Despite the fact (or perhaps due to the fact) that whistleblowing can be a very effective policing mechanism against wrongdoing, confidential employee hotlines often exist in obscurity, as a New York Times article pointed out concerning the Fox News Bill O’Reilly scandal. It cites one employment expert to the effect that companies often “bury information about how employees can file confidential complaints and for employees to be completely unaware of the existence of hotlines.” This is despite the fact that several federal laws require implementation of an effective whistleblowing compliance regime, ranging from Sarbanes-Oxley, the Dodd-Frank Act, and the SEC’s whistleblower rules. But it is one thing to mandate and another to create a culture of compliance that actively supports employees’ whistleblower rights.
A startling problem with compliance culture and tone at the top also recently surfaced at Barclays. As reported by Bloomberg, CEO Jes Staley inquired not once but twice as to the identity of a whistleblower even after being told that seeking to identify the whistleblower was “inappropriate.” Both the U.K. Financial Conduct Authority and Prudential Conduct Authority are investigating his conduct and the company’s internal controls. The New York Department of Financial Services has also taken up the baton in the U.S. regarding Staley’s conduct. A report from an internal investigation said he had “honestly, but mistakenly” believed that it was permissible to identify the whistleblower. Barclays reprimanded the CEO and likely will heavily reduce his $1.6 million bonus.
The Barclays and Fox News scandals illustrate the low priority that many companies place on whistleblowing in their compliance regimes. In the case of financial institutions, it appears that their mantra about revamping poor compliance regimes after the multibillion dollar fines of the last several years is only that – just talk. Jes Staley’s conduct is odd given that he had made restoring the bank’s reputation a top priority following heavy fines for interest rate and foreign exchange rate manipulation.
The federal agencies are tasked with ensuring that the firms that they oversee satisfactorily meet regulatory expectations, including compliance with federal mandates regarding whistleblowing. As reported by CNN, the Office of the Comptroller of Currency did not act on numerous “red flags” at Wells Fargo concerning some 700 cases of whistleblower complaints about the bank’s fraudulent account openings. Specifically, there was no evidence the OCC investigated the “root cause” of the practices – the aggressive sales goal targets set by senior management. In the case of Wells Fargo, both the Wells Fargo board of directors and the OCC, two important guardians charged with oversight of potential corporate misconduct, are not adequately doing their job.
In the end, it may be that a compliance culture can be improved only after external events and forces have compelled a firm to do so. In the case of Fox News, mass withdrawals of commercial advertisers forced the company’s hand. In the case of Wells Fargo, shareholders on April 25 expressed considerable displeasure at the firm’s annual shareholder meeting by only narrowly electing several of the incumbent directors, with one getting only 53% of the vote, for another year. In the case of the regulators, Congressional oversight committees are likely to take the OCC to task.