Whistleblowers protected
SOX 806 prohibits retaliation against those who report fraud
It takes courage to report a suspicion of fraud because the whistleblower may fear discrimination, retaliation or being fired as a result. A section of the Sarbanes-Oxley Act (SOX) — Section 806 — prohibits retaliation against employees who report an incident of fraud.
Section 806 defined
SOX rules apply primarily to public companies, but it’s also important for private business owners to be familiar with the provisions of the whistleblower protection. Otherwise, they may find themselves in violation without even knowing it.
SOX 806 prohibits publicly traded companies from discharging, demoting, suspending, threatening, or discriminating or retaliating against a whistleblower. This includes employees who have filed a complaint or participated in or assisted with a fraud investigation.
Yes, you might say, but my company isn’t publicly traded, so SOX doesn’t apply to me. Don’t be so sure. In some cases, the Department of Labor (DOL) has held that private businesses have been acting as agents or subcontractors of public companies and are, thus, covered by SOX.
Standard of proof not high
For employees reporting a retaliatory act, the standard of proof under SOX 806 isn’t very high. They aren’t required to prove fraud or even that their firing was retaliatory. Employees just need to show that they reasonably believed a fraud was being perpetrated, that they disclosed that belief to their employer or to authorities, and that they were fired within a short time after the disclosure.
If an employee meets the standard of proof, the business must prove by clear and convincing evidence that it would have fired the employee regardless of the whistleblowing. That isn’t always easy to do, and sometimes the DOL may order that the employee be reinstated before there’s even a hearing on the merits of the claim.
Communicate procedures
Your best bet is to avoid running afoul of SOX 806 in the first place. Be sure your employees understand how they can report suspicious activity without fear of reprisal by, for example, calling your confidential hotline. Also make certain all supervisors understand that retaliation isn’t allowed.
As part of your fraud prevention plan, adopt policies that encourage everyone in the company to report suspicious activity. And revise managers’ job descriptions to include SOX 806 compliance as one of their responsibilities. At the same time, limit the number of people who receive and document complaints. Keep the sharing of this information on a “need-to-know-only” basis.
But what if you need to fire an employee who’s made a whistleblower report, for reasons unrelated to the complaint? Ensure that you have clear and convincing evidence that your action isn’t retaliatory, such as a record of unacceptable performance or activities, with dates, and the action taken following each incident. You may also want to discuss the situation with your attorney before terminating the employee.
Start with an ethical culture
To help avoid running afoul of SOX 806, it’s wise to take steps to ensure your company is held to high ethical standards. These steps may include implementing stronger fraud controls, conducting regular audits and instituting simpler and more confidential fraud reporting opportunities. In addition, contact your business advisor to learn more about SOX 806 provisions if you’re not familiar with them.