If you are the CEO or the Head of a corporation or LLC in South Salt Lake, Utah consult with an experienced corporate lawyer to set up an audit committee as required by law.
Section 301 of the Sarbanes-Oxley Act (SOX) requires that every publicly traded corporation have an independent “audit committee,” and that each such committee must thereafter “establish procedures” for employees to provide “confidential” and even “anonymous” allegations “regarding questionable accounting or auditing matters.” In order to emphasize the seriousness of providing a mechanism to encourage whistleblowing on corporate wrongdoing, Congress also provided that any company that fails to establish the procedures required by SOX Section 301 would be “de-listed” as a publicly traded company from the stock exchanges. The SOX statute, on its face, requires that audit committees provide for the “receipt, retention and treatment” of both “confidential” and “anonymous” complaints concerning company accounting, internal accounting controls, or auditing matters. Accordingly, audit committee procedures must contain at least three features in order to comply with Section 301:
• Ensuring that employees can make “confidential” and “anonymous” reports
• Requiring that employee complaints be handled independently from the management of the publicly traded company
• Mandating that employee complaints about company accounting, internal accounting controls, or auditing matters be independently investigated in a professional and effective manner
In implementing SOX Section 301, the SEC expressly recognized that it is essential for the audit committee to maintain independence from the board of directors, as a whole, and company management so that the audit committee can fulfill its role in effectively performing oversight functions. The SEC also recognized that audit committee independence is paramount to ensure that there be “frank, open channels of communication so that information can reach the audit committee.”
The importance of maintaining the free flow of information from company employees has long been recognized as essential to uncover corporate fraud. Some federal courts have held that a stockholder may allege securities fraud violations under the Private Securities Litigation Reform Act (PSLRA) of 1995 based on confidential sources, such as allegations received from unnamed former or current employees.6 One court has noted that employees or others in possession of important information about corporate malfeasance may be discouraged from stepping forward if they must be identified at the earliest stage of a lawsuit.
Mechanisms to receive and investigate employee complaints are not an alien concept to either corporate America or the federal government. Several companies in highly regulated industries—such as the nuclear power, defense contracting, and oil, gas, and chemical industries—have attempted to provide for so-called independent employee concerns or complaint programs. Likewise, the federal government has established various procedures, such as Inspector General programs and the Office of Special Counsel, to receive and investigate whistleblower complaints from federal employees. However, all of the currently established programs have met with dubious results and fall far short of the expectations and mandates envisioned by Congress when it enacted SOX.
Nonetheless, audit committees and human resources professionals would be well advised to study the problems and inherent flaws in these existing employee-concerns programs before attempting to establish the procedures required by SOX Section 301. In too many cases, the established employee-concerns programs have participated in the retaliation carried out against the employee-whistleblower. This must be avoided at all costs under SOX Section 301, or companies will risk being “de-listed” as a publicly traded company for failing to establish the required procedures.
In order to adhere to the reforms mandated by SOX Section 301, it is incumbent upon the audit committee to actively promote and enforce a corporate culture that encourages whistleblowing and that prohibits any retaliation against employees who make complaints protected under SOX Section 301. Once there exists the perception of retaliation against or unfair treatment of employees who report complaints to the audit committee, there will exist a lack of confidence in the program among employees, and the entire purpose of SOX Section 301 will be fatally undermined.
Thus, in order for an audit committee to properly comply with SOX Section 301 it must build trust and instill confidence in employees to utilize whatever program and mechanisms the audit committee establishes to receive and investigate complaints.
Unlike the existing employee-concerns programs, SOX Section 301 requires that audit committees play a central role in changing or reforming corporate culture with respect to business ethics, generally, and in regard to the corporate view of whistleblowing on Section 301 matters in particular. As a result of this statutory mandate, audit committees are expected to be a driving independent force for corporate reform. By contrast, existing employee-concerns programs usually augment the role of management, and they lack the resources, independence, and clout to enforce reforms or make meaningful changes in corporate culture.
In short, if audit committees fully comply with SOX Section 301, there is the potential for a sea change in corporate culture and attitudes toward whistleblowers. That is precisely what Congress had in mind.
Don’t shoot the messenger
It is well known that the prevailing view toward whistleblowers both within corporate America and in government is based on a “shoot the messenger” mentality. The precise reasons why whistleblowers are so ostracized and mistreated by corporate and governmental organizations are complex. However, it is not oversimplifying to say, as a general matter, that management, whether in the private or public sectors, instinctively detests whistleblowers. Naturally, nobody enjoys having their ethics questioned. Consequently, individuals and supervisors who are implicated by whistleblower allegations often overreact in a highly charged personal manner against the employee who is perceived or known to have raised the complaint.
When these disputes get out of hand, the whistleblower can be viewed by the organization itself as a threat to its mission or existence. If such situations persist, it can result in creation of a truly hostile work environment for the whistleblower. In the past, whistleblowers have been widely viewed by companies and coworkers as needlessly slowing down production, costing the company excessive amounts of money, threatening the shutdown of the plant and loss of jobs, and as being disloyal, traitors, or disgruntled. In many cases, companies and their management have permitted or even encouraged negative perceptions of whistleblowers to take hold within the organization as a whole.
Too often, existing employee-concerns programs have become part of this corporate “shoot the messenger” mentality. In the most extreme cases, employee-concerns programs have breached employee confidentiality and shared information with the company management or its lawyers to attack the whistleblower.
Code of Ethics
Establish a companywide code of ethics as well as policies and procedures that encourage whistleblowing and prohibit retaliation. The audit committee must obtain a commitment from the company itself to establish a companywide code of ethics and company policies to encourage employees to report misconduct. In order for any such code of ethics or company policy to be believable and trustworthy it must include provisions that retaliation against employees who engage in whistleblowing is strictly prohibited. Any failure on the part of companies to adopt such fundamental policies and codes of ethics, and to openly accept that whistleblower retaliation is prohibited, will doom the chance of success of any audit committee procedures under SOX Section 301. Moreover, the company policy must clearly inform employees of their right to file a retaliation case with the U.S. Department of Labor under Section 806 of the SOX. It should explain to the employees precisely how they can file a claim and should commit the employer to fully ensuring that the corporation will adhere to its obligations under the antiretaliation provision.
In order to succeed under SOX Section 301, the audit committees, human resources professionals, and company management must persuade employees that utilization of the established reporting procedures will not result in retaliation. They must also persuade employees that these internal reporting structures will effectively, objectively, and independently evaluate the merits of employee allegations. If employees believe that their identities will be revealed by the audit committee to management, or that employees will be subject to retaliation, there will not be an open and frank channel of communication between company employees and the audit committees that is required by SOX Section 301.
In order to instill the required trust and confidence in the program, companies should adopt strict policies of severely disciplining or terminating anyone who either breaches an employee’s confidentiality or retaliates against an employee who reports corporate fraud or other misconduct protected by SOX Section 301.
Provide for confidential and anonymous reporting
Failure to do this can result in a publicly traded company being “de-listed” from the stock exchanges. Even in cases where an employee does not request confidentiality or anonymity in making a complaint, it is good practice to limit the identification of whistleblowers to the audit committee and its investigators. There is no need under any circumstances for an audit committee or its investigators to inform the company’s board of directors, management, or legal department of the identity of a whistleblower. The most effective way to prevent retaliation against the employee is to restrict the number of people who know the identity of the whistleblower to the absolute minimum and to keep that information within the audit committee. Moreover, if information provided by employees to the audit committee is later revealed to management, or used by the company either to publicly discredit the employee or in litigation against the employee, it will create a chilling effect on other employees, and the audit committee’s sources of information will quickly dry up.
Any reports issued by the audit committee or its investigators should not mention the employee’s name, and audit committees should identify allegations by tracking number, or other anonymous identifier. Additionally, each audit committee should adopt procedures, such as those provided under the federal Whistleblower Protection Act, that prevent disclosure to management of any findings on the merits of the employee’s complaint unless the employee consents to that disclosure.
Maintain independence of investigators and audit committees
Once again, failure to do this can result in a company being “delisted.” This is perhaps the most important feature of SOX Section 301. It is only by maintaining the independence of the audit committee and its investigators and consultants with respect to whistleblower complaints that the Congressional mandate of reforming corporate culture can be realized. If employees do not have confidence in the independence of the audit committee from the company’s board and management, then employees will not likely utilize the procedures established by the audit committee. Additionally, it is only through maintaining independence from management that audit committees can fulfill their oversight function and enforce meaningful reform of corporate culture.
It is also important for audit committees and companies to realize that auditors, investigators, and consultants who perform work to implement and comply with SOX Section 301 are protected, as a matter of law, from retaliation. Any retaliatory action taken against auditors, investigators, human resources professionals, attorneys, or other consultants who act to enforce or comply with SOX Section 301 would be actionable under the SOX whistleblower provisions.
Investigate and keep track of each complaint
This is also required by SOX Section 301, and the failure of audit committees to act on and keep track of complaints could result in a company being “de-listed.” Audit committees must ensure that competent and independent investigations are conducted. It will not be sufficient for audit committees to simply refer complaints to company management or corporate counsel to investigate. Additionally, if a company already has an existing employee-concerns program, the audit committee should insist that the existing program report directly to the audit committee and otherwise comply with SOX Section 301 requirements before utilizing any existing program. Most importantly, there must be a procedure designed to establish who is assigned to investigate and monitor complaints, one that avoids any conflicts of interest or compromise of an employee’s confidentiality. In many cases, there may be a need for the audit committee, or its investigators, to hire outside consultants or technical experts to evaluate the merits of the employee’s complaint. Care must be taken to ensure that such experts or consultants are unbiased and independent of management and that conflicts of interest are avoided. An experienced South Salt Lake, Utah corporate can help your business set up an efficient audit committee.
Business Attorney Free Consultation
If you are located in South Salt Lake Utah and you need legal help with your business, please call Ascent Law for your free consultation (801) 676-5506. We want to help you.
8833 S. Redwood Road, Suite C
West Jordan, Utah
84088 United States
Telephone: (801) 676-5506