In the last two years, the U.S. Securities and Exchange Commission (SEC) announced several major enforcement actions against employers for using contracts with employees that seek to impede the employees from engaging in protected whistleblowing activity. Under rules that went into effect five years ago pursuant to the Dodd-Frank Act, such employment contracts are prohibited. These enforcement actions represent an important reminder for employers to review all agreements that they have with current and former employees to ensure that the confidentiality provisions do not explicitly or implicitly prohibit protected whistleblowing activities.

The BlueLinx Enforcement Action

Last summer, the SEC announced its second major enforcement action concerning agreements with employees that limit the ability of employees to blow the whistle. In an August 2016 settlement order, the SEC faulted BlueLinx Holdings, Inc., an Atlanta-based building supply distributor, for various severance agreements that it had used over the preceding five years, which could have the effect of limiting the whistleblowing activities of its former employees.1 In particular, earlier versions of the agreements prohibited disclosure of BlueLinx confidential information or trade secrets except as required by law and only following written disclosure to the BlueLinx Legal Department. Subsequent versions permitted disclosure to certain regulators, including the Equal Employment Opportunity Commission, the National Labor Relations Board, the Occupational Safety and Health Administration, and the SEC, but required the employee to agree to “waive the right to any monetary recovery in connection with any such complaint or charge that the Employee may file with an administrative agency.”2

Section 21F of the Securities Exchange Act, a provision adopted in the Dodd-Frank Act, provides for various whistleblower protections and incentives, including a bounty program for individuals that report original information to the SEC. Exchange Act Rule 21F-17, which the SEC adopted implementing the provision, prohibits “any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement.”3 In its order, the SEC argued that the BlueLinx severance agreements “undermine the purpose of Section 21F, which is to ‘encourage individuals to report to the Commission’ and violate Rule 21F-17(a) by impeding individuals from communicating directly with the Commission staff about possible securities law violations.”

Subsequent to the BlueLinx action, the SEC has brought three additional cases involving unduly restrictive provisions in contracts with employees,4 and the SEC’s Office of Compliance Inspections and Examinations has issued an alert notifying registered investment advisers—including advisers to private equity funds—that the SEC Exam Staff is reviewing advisers for compliance with the whistleblower provisions.5

The KBR Enforcement Action

In 2015, following several public statements by the SEC warning against employee contracts or other measures that seek to limit employees’ ability to report wrongdoing to the SEC,6 the SEC brought its first case against an employer for a confidentiality agreement that it claimed did just that. In that enforcement action, KBR, a technology and engineering firm, settled SEC allegations that confidentiality agreements it used in internal investigation interviews might be interpreted to limit employees’ ability to report wrongdoing to regulators, including the SEC.7 As part of settling the matter, KBR agreed to a $130,000 penalty and to amend its confidentiality agreement language.

The BlueLinx Settlement

The $265,000 penalty for BlueLinx, more than double that for KBR, likely reflects the egregiousness of its violation. Whereas the confidentiality agreement in KBR contained a blanket prohibition on disclosing the substance of internal investigation interviews without prior approval of the KBR legal department, some of the BlueLinx severance agreements explicitly discouraged whistleblowing to regulators by requiring employees that did so to waive potential monetary recoveries.

In addition to the monetary penalty, BlueLinx agreed to amend its severance agreement to allow employees to report to regulators with impunity and agreed to contact former employees that had signed the old agreements, notifying them of their right to do the same.

A Reminder to Portfolio Companies and Other Employers

The KBR, BlueLinx and other recently announced enforcement actions serve as important reminders for employers to review all agreements that they have with current and former employees to ensure that the confidentiality provisions do not explicitly or implicitly prohibit or improperly impede protected whistleblowing activities, particularly reporting to the SEC and the Department of Justice. Although employers may wish to retain language providing that employees waive the right to receive monetary relief in connection with proceedings before the Equal Employment Opportunity Commission, they should ensure that such language does not, explicitly or implicitly, limit employees’ right to participate in the Dodd-Frank bounty program. To the extent that past agreements contain prohibited language, the employer should consult with counsel about whether and how to address the matter.


1 In re BlueLinx Holdings, Inc., Exchange Act Release No. 78528 (Aug. 10, 2016).

2 Id.

3 17 C.F.R. § 240.21F-17(a).

4 See In re Health Net, Inc., Exchange Act Release No. 78590 (Aug. 16, 2016); In re Anheuser-Busch Inbev SA/NV, Exchange Act Release No. 78957 (Sept. 28, 2016); In re SanrdRidge Energy, Inc., Exchange Act Release No. 79607 (Dec. 20, 2016).

5 See Debevoise & Plimpton LLP, Client Update: SEC Exams Focus on Whistleblower Compliance by Investment Advisers and Brokers (Oct. 26, 2016), available at

6 See Debevoise & Plimpton LLP, Client Update: Head of SEC Whistleblower Office Warns against Interference with Potential Whistleblowers (Apr. 24, 2014), available at (The SEC was “actively looking for examples of confidentiality agreements, separation agreements, [and] employee agreements” that condition certain benefits on not reporting activities to regulators, including the SEC.).

7 See Debevoise & Plimpton LLP, Client Update: SEC Brings First-of-Its-Kind Action for Confidentiality Agreement that Discourages Whistleblowing (Apr. 6, 2015), available at