On Wednesday this week, all nine justices agreed that the Dodd-Frank Act’s anti-retaliation provision does not extend to an individual who has not reported a violation of the securities laws to the Securities and Exchange Commission (“SEC”). In other words, making only internal complaints does not shroud an employee in whistleblower protection under the Dodd-Frank Act.
My colleague Patty Moran authored an advisory about reviewing Sarbanes-Oxley Blackout Notice Rules when changing a 401(k) investment fund. The advisory describes the origin of the Blackout Notice Rules, the rules’ requirements and penalties for noncompliance, and next steps.
In a case of first impression, the Department of Labor’s Administrative Review Board (ARB) finds that the meaning of the term “adverse action” under the whistleblower protection provisions of the Sarbanes-Oxley Act (SOX) is substantially broader than the meaning of the same term under Title VII, and found that the employer’s disclosure of the whistleblower’s identity in violation of the employer’s own confidentiality policy was an adverse action. This employee-friendly decision reflects the DOL trend towards expanding employees’ workplace rights.
First, the background.
Written by Martha Zackin
In a decision that likely surprised no one but the plaintiffs, on May 3, 2011, the United States Circuit Court of Appeals for the Ninth Circuit held that Boeing was within its right to fire two employees who complained to the media about practices they viewed as potential violations of the Sarbanes-Oxley Act (“SOX”). In so holding, the Court rejected the plaintiffs’ claims that Boeing violated their rights under SOX. Tides v. The Boeing Co., No. 10-35238 (9th Cir. May 3, 2011).
By way of background, SOX protects employees of publicly-traded companies who disclose certain types of information to federal regulatory and law enforcement agencies; to Congress; or to employee supervisors. Pursuant to SOX, public companies must annually access the effectiveness of its internal controls and procedures for financial reporting, including the effectiveness of controls over information technology (“IT”) systems.
Plaintiffs Matthew Neumann and Nicholas worked as internal auditors in Boeings IT SOX Audit Group. Both plaintiffs complained to Boeing management about certain practices that, they believed, compromised the integrity of the Boeing’s internal IT controls. More specifically, they complained that they felt pressured to render positive internal audit results and expressed concerns about the integrity of data stored in the software system Boeing used to store its IT SOX audit results. Both plaintiffs were aware that Boeing had in place a policy that restricted the release of company information to the news media.
Notwithstanding company policy, both plaintiffs separately spoke with a reporter for the Seattle Post-Intelligencer, and both provided her with copies of internal company documents. After the Post-Intelligencer published an article titled “Computer security faults put Boeing at risk,” which cast Boeing in a harshly negative light, Boeing fired both plaintiffs for violating the company policy pertaining to unauthorized media contact.
Affirming the lower court’s decision that Boeing did not violate the law when it terminated the plaintiffs’ employment, the Court found that Congress meant what it said when it limited the SOX whistleblower protections to those who complained to federal regulatory and law enforcement agencies; to Congress; or to employee supervisors. Not surprisingly, complaints to the media do not fall within the scope of SOX protection