Public Comment

POGO's Public Comment Regarding the CFTC's Whistleblower Award Program

David A. Stawick

Secretary

Commodity Futures Trading Commission

Three Lafayette Centre

1155 21st Street, NW

Washington, DC 20581

Dear Mr. Stawick:

The Project On Government Oversight (POGO) provides the following public comment on the Commodity Futures Trading Commission’s (CFTC) proposed rules (Regulation 165) for implementing Section 23 of the Commodity Exchange Act (“Commodity Whistleblower Incentives and Protection”), added by Section 748 of the Dodd-Frank Wall Street Reform and Consumer Protection Act.

As an independent watchdog that champions good government reforms, POGO has a keen interest in establishing safe and open channels for whistleblower disclosures, and we welcome the opportunity to comment on the CFTC’s proposed rules.

POGO believes the CFTC’s mission to protect market participants against fraud, manipulation, and abusive trading practices will be greatly advanced by incentivizing whistleblowers to come forward with tips, and by protecting those whistleblowers from retaliation. We strongly urge the CFTC to establish safe and open channels for whistleblowers to make disclosures, and to reject any proposal that would require whistleblowers to report problems internally before coming to the CFTC.

POGO would like to respond to several specific questions posed by the CFTC in its proposed rules, and to offer additional suggestions for strengthening the agency’s whistleblower award program.

BACKGROUND

Whistleblowers play an essential role in exposing corporate misconduct. A recent survey conducted by the Association of Certified Fraud Examiners found that nearly half of occupational fraud cases were uncovered by a tip or complaint from an employee, customer, vendor, or other source. In the case of detecting fraud perpetrated by owners and executives, tips played an even more important role.[1] Another recent study found that whistleblowers played a bigger role than external auditors, government regulators, self-regulatory organizations, or the media in detecting fraud.[2]

At the Securities and Exchange Commission (SEC), whistleblowers have featured prominently in numerous high-profile enforcement cases. In late 2008, for instance, Glen and Karen Kaiser provided the SEC with information and documents that enabled the agency to reopen its investigation into insider trading at Pequot Capital Management, formerly the nation’s largest hedge fund, leading to a $28 million settlement.[3] And the public is now well aware of the attempts by Harry Markopolos to provide the SEC with detailed evidence of Bernie Madoff’s Ponzi scheme.

As the CFTC works to establish a safe and effective whistleblower award program, we encourage the agency to examine the widely documented shortcomings in the SEC’s program to incentivize and protect whistleblowers. The SEC Office of Inspector General (OIG) has criticized the agency for failing to act on tips provided by Markopolos and other whistleblowers seeking to expose the Madoff and Stanford Ponzi schemes.[4] A separate OIG audit exposed some serious shortcomings in the SEC’s previous whistleblower award program, which was limited to tips on insider trading. For instance, the audit revealed that only five people had received an award payment during the program’s 20-year history. The OIG put forth a number of sensible recommendations for increasing awareness of the program and improving the agency’s communication with whistleblowers.[5]

In some cases, the SEC’s actions may have actively discouraged whistleblowers from coming forward with tips. For instance, POGO has written about an OIG investigation which found that an SEC enforcement attorney disclosed non-public information about a whistleblower from JPMorgan, and even encouraged JPMorgan’s counsel to use the information against the whistleblower in a retaliation proceeding.[6]

POGO expects that many of these problems will be resolved as the SEC beefs up its whistleblower award program under the Dodd-Frank law. POGO has also submitted a comment with recommendations for improving the SEC’s whistleblower program.[7]

Dodd-Frank reforms

Section 748 of the Dodd-Frank Wall Street Reform and Consumer Protection Act added Section 23 to the Commodity Exchange Act, and provided the CFTC with several new tools to incentivize and protect whistleblowers:

  • The CFTC can provide an award related to any administrative or judicial action that results in sanctions of more than $1 million; if an award is provided, it can be anywhere between 10 and 30 percent of the amount recovered
  • Whistleblowers can make disclosures anonymously, as long as they’re represented by counsel
  • Whistleblowers can appeal the CFTC’s decision to not provide an award
  • Whistleblowers cannot be retaliated against for providing a tip to the CFTC, and can file for relief in U.S. District Court including reinstatement and back-pay if they are retaliated against[8]

The CFTC should implement Section 23 in keeping with Congress’s intent to establish a strong and effective whistleblower award program to assist the agency with its prosecution of fraud, manipulation, and abusive trading practices in our nation’s commodity futures and options markets.

POGO offers the following comments on the CFTC’s proposed rules (Regulation 165) to implement Section 23 of the Commodity Exchange Act.

REGULATION 165

Internal compliance programs

In its description of the proposed rules, the CFTC wrote that “compliance with the CEA is promoted when companies have effective programs for identifying, correcting, and self-reporting unlawful conduct by company officers or employees.” POGO agrees that strong internal compliance programs can play an important role in the detection and prevention of fraudulent and abusive market practices. However, we believe that whistleblowers should always be given the option to report problems directly to the CFTC, especially if they have reason to believe that their company’s internal compliance program will not do an adequate job of investigating the wrongdoing and taking corrective action.

In a public comment submitted yesterday, the Securities Industry and Financial Markets Association (SIFMA)—which spent nearly $10 million in lobbying in the past two years[9] and recently announced its intention to leave its mark on more than 250 Dodd-Frank rules[10]—and the Futures Industry Association (FIA)—whose membership “is comprised of approximately 30 of the largest futures commission merchants in the United States”—proposed that the CFTC amend its rules to require whistleblowers to report wrongdoing to their employers before coming to the CFTC. The groups suggested that an internal reporting requirement should only apply at companies that have an effective internal compliance program. However, they proposed that the CFTC come up with comprehensive and “objective” criteria for determining whether a company has a truly effective compliance program, rather than letting whistleblowers make this determination on a company-by-company basis.[11]

POGO strongly urges the CFTC to reject this internal reporting requirement, which is plainly contrary to the meaning and intent of Section 23. In many cases, forcing a whistleblower to report a problem internally will undermine the CFTC’s ability to learn about market abuses. This is especially true in cases where senior managers and executives are implicated in the alleged wrongdoing. For instance, the Association of Certified Fraud Examiners found that “internal controls were not as effective at detecting frauds committed by top-level perpetrators, as these individuals are often uniquely positioned to override even the best-designed controls.”[12]

A recent survey conducted by KPMG revealed that many employees lack confidence in their firms’ internal reporting systems. Nearly 75 percent of employees reported that they have personally observed or have firsthand knowledge of wrongdoing within their organizations during the previous 12 months (roughly 50 percent of the employees reported that the wrongdoing they observed could cause a “significant loss of public trust if discovered.”) However, only 50 percent of the employees believed they would be protected from retaliation if they reported the wrongdoing to management, and even fewer believed they would be satisfied with the outcome of the internal investigation.[13]

POGO believes that an internal reporting requirement could do great harm to whistleblowers. In a recent article on the SEC’s proposed rules for implementing improvements to their whistleblower award program under the Dodd-Frank law, Eric Havian, a prominent attorney with decades of experience working on False Claims Act cases, stated that an internal reporting requirement would “eviscerate” the program from the outset and put whistleblowers in harm’s way:

If formal internal reporting is a requirement, the instant the SEC begins its investigation and serves its first subpoena, the corporation will have a short list of possible whistleblowers—i.e. those persons who formally reported the fraud to internal compliance. It will not be difficult for corporate attorneys to hone in on the likely turncoats. Nothing will create a greater chilling effect on the SEC whistleblower program than this proposed internal reporting requirement.

Havian also challenged the claim made repeatedly by industry groups over the past few months that the award programs will result in a deluge of whistleblowers circumventing their employers and going directly to the government in search of a big payout. Similar concerns were raised about the False Claims Act and the Internal Revenue Service’s (IRS) whistleblower program, yet Havian notes that in his firm’s “20-plus years of filing whistleblower cases, in almost every instance, whistleblowers seek to report their concerns internally, only coming to us as a last resort.”[14]

Furthermore, if internal compliance programs were as effective as industry groups claim, we wonder why they failed to detect and avert the widespread financial fraud that precipitated the current economic crisis. In fact, there’s a good chance that strong whistleblower award programs at the SEC and CFTC will pressure companies to make substantial improvements to their own compliance programs in order to remedy problems before employees have to go to the government[15]

POGO strongly recommends that the CFTC resist any calls from industry groups to make internal reporting a requirement.

Original information

Proposed Rule 165.2(h) defines “independent analysis” as “your own analysis, whether done alone or in combination with others,” while Proposed Rule 165.2(c) defines “analysis” as “your own examination and evaluation of information that may be generally available, but which reveals information that is not generally known or available to the public.”

POGO urges the CFTC to clarify that the analysis itself cannot have been previously published in one of the sources listed in Proposed Rule 165.2(k)(1)(iii) (“a governmental report, hearing, audit, or investigation, or from the news media”), but that a new analysis could draw on facts published in these sources. This clarification would allow the CFTC to receive tips from whistleblowers, such as Harry Markopolos, who often perform original analysis based on publicly available sources.

Proposed Rule 165.2(g)(4) states that the CFTC will not consider information to be derived from “independent knowledge” if it is obtained:

Because you were a person with legal, compliance, audit, supervisory, or governance responsibilities for an entity, and the information was communicated to you with the reasonable expectation that you would take appropriate steps to cause the entity to remedy the violation, unless the entity subsequently failed to disclose the information to the Commission within sixty (60) days or otherwise proceeded in bad faith.

Along similar lines, Proposed Rule 165.2(g)(5) would exclude information that is otherwise obtained “through an entity’s legal, compliance, audit or other similar functions or processes for identifying, reporting and addressing potential non-compliance with law, unless the entity failed to disclose the information to the Commission within sixty (60) days or otherwise proceeded in bad faith.”

The CFTC has asked if “the carve-out for situations where the entity fails to disclose the information within sixty (60) days promote[s] effective self-policing functions and compliance with the law without undermining the operation of Section 23.”

POGO is concerned that this rule may be overly deferential to internal compliance programs. Although we support the CFTC’s proposal to impose a 60-day deadline in order to ensure that internal compliance investigations are conducted in a timely fashion, we urge the CFTC to provide a clear definition of companies proceeding in “bad faith,” especially given the likelihood that the CFTC will be receiving many tips from employees who first provided information to internal compliance programs. For instance, a definition of “bad faith” could include a company’s failure to document investigations or to increase ethics awareness within the company.

Anti-retaliation measures

Proposed Rule 165.2(p)(1) would define a whistleblower anyone who provides “information relating to a potential violation of the Commodity Exchange Act to the Commission” (emphasis added). In addition, Proposed Rule 165.2(p)(2) makes clear that the retaliation protections afforded to whistleblowers in Section 23(h) of the Commodity Exchange Act would apply “irrespective of whether a whistleblower satisfies the procedures and conditions to qualify for an award.”

The CFTC is seeking comment on whether the anti-retaliation measures in Section 23(h) should be “applied broadly to any person who provides information to the Commission concerning a potential violation of the CEA.”

Given the serious threat of retaliation facing whistleblowers, POGO supports the CFTC’s Proposed Rule 165.2(p), which broadly applies the anti-retaliation measures in Section 23(h). Whistleblowers should not be subject to retaliation just because they don’t qualify for an award under the terms of the CFTC’s program.

Staff communications with whistleblowers

Proposed Rule 165.18 states that if you are a whistleblower who works for a company that has counsel, “the Commission’s staff is authorized to communicate directly with you regarding the subject of your communication without seeking the consent of the entity’s counsel.”

POGO supports the CFTC’s proposal to ensure open communications between the agency and whistleblowers. The CFTC should be primarily concerned with ensuring the free flow of information between the agency and any whistleblowers seeking to disclose market abuses. This proposal is especially important given that many firms require their employees to sign confidentiality agreements.

OIG RECOMMENDATIONS

POGO urges the CFTC to consider adding other rules to incorporate recommendations made by the SEC OIG in its audit of the SEC’s previous whistleblower award program:

  • Establish policies on when to follow-up with whistleblowers who submit applications to clarify information in the bounty applications and obtain readily available supporting documentation prior to making a decision as to whether a whistleblower’s complaint should be further investigated.
  • Examine ways in which the Commission can increase communications with whistleblowers by notifying them of the status of their bounty requests without releasing non-public or confidential information during the course of an investigation or examination.
  • Develop a plan to incorporate controls for tracking tips and complaints from whistleblowers seeking bounties into the development of Enforcement’s tips, complaints, and referrals processes and systems for other tips and complaints.
  • Incorporate best practices obtained from DOJ and the IRS into the SEC bounty program with respect to bounty applications, analysis of whistleblower information, tracking of whistleblower complaints, recordkeeping practices, and continual assessment of the whistleblower program.[16]

If the CFTC establishes better policies for communicating with whistleblowers throughout the application process, it could lessen the burden imposed on whistleblowers to explain the importance of their disclosures.

We would just add one note of caution: the CFTC may wish to review some criticisms that have been made regarding the IRS whistleblower program. For instance, a 2009 audit by the Treasury Inspector General for Tax Administration found that the IRS’s program does not have a good system in place to manage and track cases, and that no awards had actually been paid out under the new program, in part because the claims can take over a decade to process.[17] Recent reports indicate that the IRS has still not made any payments under the program.[18]

BUDGETARY ISSUES

Finally, we want to acknowledge that the CFTC is under tremendous pressure to implement dozens of Dodd-Frank provisions in a narrow timeframe, and we appreciate the agency’s efforts to strike a number of delicate balances in its implementation of the whistleblower award program. We also want to acknowledge that the agency is facing enormous staffing and budgetary challenges, which may create additional difficulties in the implementation of the program.

However, we would caution the CFTC not to scale back its implementation of the whistleblower award program. In fact, the CFTC’s lack of resources is all the more reason to encourage whistleblowers to help the agency uncover market fraud and abuse. SEC Chairman Mary Schapiro made a similar point in testimony before Congress last year:

You can give us all the money and all the people in the world. And we’re still going to need to rely on citizens and the private-sector accounting firms and others to be able to do our job effectively.[19]

POGO urges the CFTC to take every step necessary to facilitate the free flow of information from whistleblowers who can help the agency do its job, and to protect those whistleblowers from retaliation.

Thank you for your consideration of this comment. If you have any questions, please contact Angela Canterbury or Michael Smallberg at (202) 347-1122

Sincerely,

Danielle Brian

Executive Director

_________________________

[1] Association of Certified Fraud Examiners, 2008 Report to the Nation on Occupational Fraud & Abuse. (Downloaded February 4, 2011) (hereinafter “Report to the Nation”)

[2] Alexander Dyck, Adair Morse, and Luigi Zingales, “Who Blows the Whistle on Corporate Fraud?” http://www.afajof.org/afa/forthcoming/4820p.pdf (Downloaded February 4, 2011)

[3] Securities and Exchange Commission, “SEC Awards $1 Million for Information Provided in Insider Trading Case,” July 23, 2010. (Downloaded February 4, 2011)

[4] Securities and Exchange Commission, Office of Inspector General, Investigation of Failure of the SEC to Uncover Bernard Madoff’s Ponzi Scheme (Report No. OIG-509), August 31, 2009. (Downloaded February 4, 2011); Securities and Exchange Commission, Office of Inspector General, Investigation of the SEC’s Response to Concerns Regarding Robert Allen Stanford’s Alleged Ponzi Scheme (Case No. OIG-526), March 31, 2010. (Downloaded February 4, 2011)

[5] Securities and Exchange Commission, Office of Inspector General, Assessment of the SEC’s Bounty Program (Report No. 474), March 29, 2010. (Downloaded February 4, 2011) (hereinafter “Assessment of the SEC’s Bounty Program”)

[6] Michael Smallberg and Adam Zagorin, “Long Island Congressional Candidate Cited or Giving Up JPMorgan Whistleblower,” Politics Daily, January 28, 2010. (Downloaded February 4, 2011)

[7] Letter from Danielle Brian, Executive Director, Project On Government Oversight, to Elizabeth Murphy, Secretary, Securities and Exchange Commission, December 17, 2010. (Downloaded February 4, 2011)

[8] 111th Congress, “Dodd-Frank Wall Street Reform and Consumer Protection Act” (Public Law 111-203), July 21, 2010, Section 748. (Downloaded February 4, 2011)

[9] Center for Responsive Politics, “Lobbying Spending Database – Securities Industry & Financial Mkt Assn.” (Downloaded February 4, 2011)

[10] Liz Moyer, “Sifma: Actively Engaged In Shaping Financial Rules,” Dow Jones Newswires, January 18, 2011. (Downloaded February 4, 2011)

[11] Letter from Ira D. Hammerman, Senior Managing Director and General Counsel, Securities Industry and Financial Markets Association, and John M. Damgard, President, Futures Industry Association, to David A. Stawick, Secretary, Commodity Futures Trading Commission, February 3, 2011. (Downloaded February 4, 2011)

[12] “Report to the Nation,” p. 19.

[13] KPMG Forensic, Integrity Survey 2008-2009. (Downloaded February 4, 2011)

[14] Eric Havian, “Solution: Don’t Let Wall Street Get Away With It! Protect and Reward SEC Whistleblowers,” Truthout, December 15, 2010. (Downloaded February 4, 2011)

[15] David Childers, “Protect Against the Perils of the Dodd-Frank Whistleblower Guidelines,” Corporate Compliance Insights, December 2, 2010. (Downloaded February 4, 2011)

[16] “Assessment of the SEC’s Bounty Program”

[17] Treasury Inspector General for Tax Administration, Deficiencies Exist in the Control and Timely Resolution of Whistleblower Claims, August 20, 2009. (Downloaded February 4, 2011)

[18] Ryan J. Donmoyer, “IRS Paid No Rewards in U.S. Whistleblower Program,” Bloomberg, December 15, 2010. (Downloaded February 4, 2011)

[19] Testimony of Mary Schapiro, “SEC Actions Relating to the Financial Crisis,” Hearing before the House Appropriations Subcommittee on Financial Services and General Government Appropriations, March 11, 2009.