How to Avoid Risk of SEC Whistleblower Rule Violations in Connection with Settlement Agreement Confidentiality Provisions

5 min read

In March 2023, we published an alert concerning the U.S. Securities and Exchange Commission ("SEC") whistleblower protection rule and how to minimize the risk of violations in connection with employee-related documents.1 Last week, the SEC levied charges against a registered broker-dealer and investment adviser that expand the enforcement of the whistleblower protection rule to encompass settlement agreements with clients.2 This update should be instructive for other registered entities seeking to avoid rule violations when drafting such agreements.

As of the end of the 2023 fiscal year, the SEC has brought twenty-one enforcement actions involving violations of Rule 21F-17 since the Dodd-Frank Act empowered the SEC with the ability to bring actions against persons, including companies, for impeding reports to the SEC.3 Last year, these actions arose primarily from employment-related agreements that violated the Rule.4 For example, in September of 2023, the SEC levied a $10 million civil penalty against an investment adviser for using employee agreements that prohibited the disclosure of "confidential information" unless authorized by the company or required by law or an order of a court or other regulatory or governmental body.5

This latest SEC Order, however, applies the enforcement of the whistleblower protection rule in a new context. On January 16, 2024, the SEC announced that a registered broker-dealer and investment adviser agreed to pay an $18 million civil penalty to settle charges for impeding advisory clients and brokerage customers from reporting potential securities law violations.6 Specifically, the SEC charged the registered entity with violation of Exchange Act Rule 21F-17(a), which prohibits any person from taking "any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement . . . with respect to such communications."

According to the SEC Order, the registered entity violated this rule by asking certain advisory clients and brokerage customers "to whom it had issued a credit or settlement over $1,000 in value" to sign a confidential release agreement that prevented the clients from disclosing potential violations of securities laws to the SEC unless responding to an inquiry from the SEC.7 The release required that clients keep confidential the release itself and all information relating in any way to the specified account, stating in relevant part:

[The client] shall keep this Agreement confidential and not use or disclose (including but not limited to, media statements, social media, or otherwise) the allegations, facts, contentions, liability, damages, or other information relating in any way to the Account, including but not limited to, the existence or terms of this Agreement . . . . Notwithstanding, [client] and [client’s] attorneys are neither prohibited nor restricted from responding to any inquiry about this settlement or its underlying facts by FINRA, the SEC, or any other government entity or self-regulatory organization, or as required by law.

Although clients were permitted to respond to inquiries from the SEC, it did not allow voluntary communications regarding potential securities law violations. The SEC thus found that the terms of the Release prohibited clients from affirmatively reporting to the Commission staff in violation of Rule 21F-17(a), which is intended to "encourag[e] individuals to report to the Commission."8

With this latest Order, the SEC has demonstrated that the language of settlement agreements, like employee agreements, must clearly comply with the parameters of Rule 21F-17. Gurbir S. Grewal, Director of the SEC’s Division of Enforcement, noted this by stating, "[w]hether it’s in your employment contracts, settlement agreements or elsewhere, you simply cannot include provisions that prevent individuals from contacting the SEC with evidence of wrongdoing."9

This action should serve to remind registered entities and other companies that settlement agreement documents cannot be read to impede reporting to the SEC. Even where there is no intention to interfere with regulatory scrutiny, the SEC has evinced a willingness to act due to the language of a settlement agreement alone. Registered entities should therefore be reminded that mere language may be viewed as impeding reporting to the SEC, regardless of whether actual enforcement of such language is carried out.

Arianna Skipper (White & Case, Law Clerk, New York) contributed to the development of this publication.

1 How to Avoid Risk of SEC Whistleblower Rule Violations in Connection with Employee-related Documents, White & Case LLP (March 7, 2023),
2 Exchange Act Release No. 99344 (Jan. 16, 2024).
3 Office of the Whistleblower FY 2023 Report at 7,
4 See, e.g., In the Matter of CBRE, Inc., File No. 3-21675 (Sept. 19, 2023),, (finding violations of Rule 21F-17 where a commercial real estate services and investment firm required its employees, as a condition of receiving separation pay, to represent that they had not filed a complaint against the company with any federal agency); In the Matter of Monolith Resources, LLC, File No. 3-21629 (Sept. 8, 2023),, (finding violations of Rule 21F-17 where a privately held energy and technology company required certain departing employees to waive their rights to monetary whistleblower awards); In the Matter of Gaia, Inc. & Paul C. Tarell, Jr., CPA, File No. 3-21438 (May 23, 2023),, (The Commission found that the company retaliated, in violation of Section 21F(h)(1), against an employee (including firing the employee) who repeatedly reported internally to management both before and after filing a complaint with the Commission. The Commission further found that Gaia violated the Commission’s rule against impeding reporting by including provisions in certain severance agreements that required departing employees to waive any potential right to a whistleblower award.); In the Matter of Activision Blizzard, Inc., File No. 3-21294 (Feb. 3, 2023),, (finding violations of Rule 21F-17 where a video game development and publishing company used separation agreements that required former employees to notify the company of any request for information from the Commission’s staff).
5 Exchange Act Release No. 98641 (Sept. 29, 2023),
6 Exchange Act Release No. 99344 (Jan. 16, 2024).
7 Id.
8 Securities Whistleblower Incentives and Protections Adopting Release, Release No. 34-63434 (June 13, 2011).
9 Press Release, U.S. Sec. & Exch. Comm’n. (Jan. 16, 2024),

White & Case means the international legal practice comprising White & Case LLP, a New York State registered limited liability partnership, White & Case LLP, a limited liability partnership incorporated under English law and all other affiliated partnerships, companies and entities.

This article is prepared for the general information of interested persons. It is not, and does not attempt to be, comprehensive in nature. Due to the general nature of its content, it should not be regarded as legal advice.

© 2024 White & Case LLP