Labor and Employment Articles 

Corporate Responsibility and the Sarbanes-Oxley Act

by Sandra Perry
Companies that are publicly traded and registered with the Securities and Exchange Commission are governed by the Corporate and Auditing Accountability, Responsibility and Transparency Act of 2002, otherwise known as the Sarbanes-Oxley Act (“the Act”). The purpose of this Act is to “protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws.” Among other things, it contains sweeping measures dealing with financial reporting, conflicts of interest, corporate ethics, oversight of the accounting profession, protection of whistleblowers, and establishment of new civil and criminal penalties for violations of securities laws. The most significant employment law considerations raised by the Act pertain to the code of ethics disclosure requirements and whistleblower protections.  





 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

NOTES:
  1. See Pub. L. No. 107-204, 116 Stat. 745 (July 30, 2002).
  2. See id.
  3. See 17 C.F.R. Parts 228, 229, & 249 (2002); 60 Fed. Reg. 21(B)1c.
  4. See id.
  5. See 68 Fed. Reg. 21(B)2c.
  6. The Company must comply with the code of ethics disclosure requirements in their annual reports for fiscal years ending on or after July 15, 2003.
  7. See 68 Fed. Reg. 21(B)4.
  8. See id. at 21(B)5.
  9. See id. 
  10. See 18 U.S.C.A. § 1514A(a).
  11. See 18 U.S.C.A. §§ 1514A(a)(1) (referencing 18 U.S.C. §§ 1341, 1343, 1344, & 1348). 
  12. See 18 U.S.C.A. § 1514A(a).
  13. See id.
  14. See 18 U.S.C.A. § 1514A(b)(1)(A) & (b)(2)(D).
  15. See 49 U.S.C. §42121(b) (incorporated into the Act by 18 U.S.C.A. § 1514A(b)(2)).
  16. See id.
  17. See id.
  18. See id.
  19. See id. at § 1514A(b).
  20. See id. at § 1514A(c).
  21. See id. 
  22. See id. at § 1514A(b).
  23. The SEC has indicated, albeit in a footnote in its Final Rule, that the designated persons to whom employees should make reports of fraudulent activity should have “sufficient status within the company to engender respect for the code and the authority to adequately deal with persons subject to the code regardless of their status in the company.” 68 Fed. Reg. 21(B)2 n.45.

 

 

With respect to the Act’s code of ethics requirement, the statute directs the SEC to implement rules requiring covered organizations (those that are subject to the reporting requirements of Section 13(a) or 15(d) of the Exchange Act) to state in their periodic reports whether or not they have adopted a code of ethics for their senior financial officers. The SEC’s Final Rule, which came into effect on March 3, 2003, requires a company to disclose whether it has adopted a code of ethics that applies to the registrant’s principal executive officer, principal financial officer, principal accounting officer or controller, or persons performing similar functions. If the company has not adopted such a code of ethics, it must explain to the SEC why it has not done so. 

The Final Rule defines the term “code of ethics” as written standards that are reasonably designed to deter wrongdoing and to promote:

  • Honest and ethical conduct, including the ethical handling of actual or apparent conflicts of interest between personal and professional relationships;

  • Full, fair, accurate, timely, and understandable disclosure in reports and documents that a registrant files with, or submits to, the Commission and in other public communications made by the registrant; 

  • Compliance with applicable governmental laws, rules, and regulations;

  • The prompt internal reporting to an appropriate person or persons identified in the code of violations of the code; and

  • Accountability for adherence to the code.

Unfortunately, the Final Rule does not specify every detail a company must address in its code of ethics, nor does it prescribe any specific language that the code must include. Further, the Final Rule does not set forth the procedures the company should develop, or the types of sanctions that it should impose, to ensure compliance with its code of ethics. According to the Final Rule, the company is permitted to have separate codes of ethics for different types of officers.

A covered company must disclose that it has a code of ethics in its annual report and must make the actual code available to the public in one of three ways: (1) File the code as an exhibit to its annual report; (2) post the text of the code, or relevant portion thereof, on the company’s internet website; or (3) provide an undertaking in its annual report to provide a copy of its code of ethics to any person without charge upon request. Depending upon which option it selects, the company must complete and file certain specified SEC forms. Finally, the company is required to make immediate disclosure on Form 8-K or via Internet dissemination of any change to or waiver from the company’s code of ethics for its senior financial officers. A “waiver” is defined as approval by the company of a material departure from a provision of the code of ethics. 

Whistleblowers receive federal protection under the Act. Specifically, the Act protects employees of public companies when they act lawfully to disclose information about corporate or securities fraud within their company. This includes mail fraud; wire, radio or television fraud; bank fraud; and securities fraud. The employee need only “reasonably believe” that a violation of federal securities law, SEC rules, or “any provision of Federal law relating to fraud against shareholders” has occurred or is occurring to invoke the Act’s protection.

The Act protects employees when they disclose information or otherwise assist people with supervisory authority (or the authority to investigate, discover, or terminate misconduct) within their company, criminal investigators, federal regulators, Congress, or parties in a judicial proceeding, in detecting and stopping fraud. According to the Act, it is unlawful for publicly traded companies, their officers, employees, contractors, subcontractors, and agents to take adverse employment action against an employee for his whistle-blowing activities. In addition to corporate liability, the statutory language appears to allow individual liability of officers and employees for their retaliatory employment action. 

An employee who believes that he has been retaliated against for lawful and protected conduct, must file a complaint with the United States Department of Labor (“DOL”) within 90 days of the alleged violation. The whistleblower’s initial burden of proof is to show that the protected activity was “a contributing factor” in the adverse employment decision. If the employee fails to establish a prima facie case, the DOL will not proceed with an investigation. 

Conversely, if the employee does establish a prima facie case, a DOL investigation will ensue unless the employer demonstrates “by clear and convincing evidence” that it would have taken the same adverse employment action in the absence of the whistle blowing behavior. Should the employer succeed in making this showing, the DOL will dismiss the complaint. In the event that the DOL decides to hold a hearing, it must do so expeditiously and must issue a final order within 120 days of the hearing. If the DOL has not acted within 180 days, the employee may file suit in federal district court. 

Remedies for violation of the Act include “all relief necessary to make the employee whole.” This includes reinstatement, back pay, and special damages, such as attorney fees, litigation costs, and expert witness fees. Punitive damages are not available. The Act also contains a related but more limited criminal provision providing for criminal sanctions of fines or imprisonment for up to 10 years against anyone who, with the intent to retaliate, takes “any action harmful to any person, including interference with the lawful employment or livelihood of any person, for providing to a law enforcement officer any truthful information relating to the commission or possible commission of any Federal offense.” 

It is implicit in the Act’s mandate to covered companies to disclose to the SEC whether they have a code of ethics for senior financial officers, that such companies should adopt an ethics code specifically directed at those particular individuals. Thus, companies that fall under the Act should strongly consider adopting an employee policy addressing the ethics standards for its senior financial officers, including its principal executive officer, principal financial officer, principal accounting officer or controller, or individuals performing similar functions. To ensure compliance with the Act, and to make that compliance readily apparent, companies may want to consider dividing the policy into separate sections addressing honest and ethical conduct (including avoiding conflicts of interest and maintaining confidentiality), financial records and periodic reports, and compliance with applicable laws, rules, and regulations.

To comply with the whistleblower protection provisions of the Act, covered companies may want to establish a policy that encourages internal reporting of fraudulent activities and breaches of securities laws. While the Act does not expressly require covered organizations to adopt such a policy, doing so demonstrates a commitment to establishing and maintaining the highest standards of ethical conduct, it facilitates the purpose of the Act by encouraging employees to report fraudulent activities, and gives companies an invaluable opportunity to learn about and address any inappropriate or unlawful behavior before it escalates or comes to the attention of outside authorities. 

An appropriate and effective securities fraud reporting policy should: (1) provide a reporting procedure designating specific management personnel to whom reports should be made; (2) provide a description of the kinds of fraudulent activities reasonably covered by the Act (i.e. mail fraud; wire, radio or television fraud; bank fraud; and securities fraud); (3) contain an assurance that no one will be retaliated against or suffer discrimination in employment for making a good faith report under the policy; and (4) state that a thorough and impartial investigation will take place in response to a good faith report of fraudulent activity. 

In sum, covered companies should strongly consider preparing and implementing a policy that demonstrates a commitment to corporate responsibility and the firm intention to fully comply with the provisions of the Act. This includes adopting a code of ethics policy specifically geared towards senior financial officers and a securities fraud policy to facilitate employee reporting of fraudulent activities within the organization.
   


© 2008 Bose McKinney & Evans LLP All Rights Reserved 		Disclaimer Español Japanese