Private equity firms have grown increasingly alarmed by the rising specter of whistleblowers. The number of whistleblower cases has increased at an exponential rate since the SEC instituted the whistleblower program in the wake of Dodd-Frank’s passage, and the SEC has made clear that it will rely on whistleblowers with increasing frequency going forward. At the same time, the SEC has stated that investment advisors and the funds they manage continue to be a focus for enforcement actions. Finally, the recent escalation in SEC penalties creates an ever-growing incentive for employees at private equity firms to report information to the SEC in the hopes of obtaining a bounty. These bounties, which can be up to 30 percent of the penalty amount, can be substantial. Just this year, the SEC set a new record by awarding a whistleblower bounty of $30 million.
But establishing clear policies that address whistleblower risk can be particularly challenging for private equity firms due to their structure. Unlike a typical corporation that has a single, vertical reporting regime, private equity firms can see a whistleblower emerge from any one of their portfolio companies, each of which has its own policies and procedures for responding to employee reports of misconduct. In addition, some private equity firms have limited substantive interaction with one or more of their portfolio companies. This can result in the private equity firm not learning about deficiencies in the portfolio company’s reporting procedures and can cause the portfolio company not to inform the private equity firm of reports of significant misconduct.
As a first step in creating a mechanism for handling reports of misconduct, private equity firms should require their portfolio companies to have internal compliance reporting channels that are appropriate to the nature of their businesses. Private equity firms should also inform these portfolio companies of the conditions under which reports of misconduct should be escalated to the private equity firm. The procedures for such reports should be reflected in written policies maintained by the portfolio companies and, to the extent practicable, these policies should be consistent across the entire portfolio.
In addition, it is important for private equity firms to implement policies and procedures for responding to reports of misconduct initiated both by portfolio company employees and employees of the private equity firm. Private equity firms should take care not to rely on the memory or personal email and files of compliance officers to record responses to reports of misconduct. Rather, they should clearly document every complaint received, the response to the complaint, and the timeliness of this response. This will enable them to respond to any inquiry the SEC makes in response to a whistleblower report, even if the employee who directed the firm’s response no longer is employed by the firm. Private equity firms also should adopt, and ensure that their portfolio companies adopt, strict policies precluding retaliation against individuals who report information to the SEC. These policies will reduce, but not eliminate, the risk posed by whistleblowers.
Jeffrey Alberts is a partner in Pryor Cashman's New York-based litigation practice while Eric Dowell is a senior associate in the group.