My Auditor, My Whistle-blower

New rules give accounting firms' employees monetary incentive to turn clients in.
Steven S. ScholesJune 28, 2011

The Securities and Exchange Commission’s new whistle-blower rules, issued late last month, received much attention for providing cash rewards to securities-fraud informants. CFOs should be aware of a potential outcome of the rules that was not well publicized: auditors can blow the whistle on their own audit clients and receive a substantial bonus for doing so.

Under the rules, the SEC may pay substantial monies to individuals whose tips lead to the collection of more than $1 million in monetary sanctions. In fact, the awards will range from 10% to 30% of the government’s financial recovery. To be eligible for a bounty, whistle-blowers must report “original information” derived from their “independent knowledge or independent analysis.” In an era of monetary sanctions from SEC enforcement actions totaling eight and sometimes nine figures, these rules obviously create enormous incentives for individuals to report suspected illegal activity.

The rules try to avoid letting this incentive go too far with a provision apparently intended to preclude individual auditors from blowing the whistle on their own clients. Such a prospect would possibly create significant problems in the relationship between auditors and their clients by strongly incentivizing auditors to go straight to the SEC. Specifically, the rules state that information is not “original” (and thus the person reporting such information is not eligible for an award) if (1) the whistle-blower is an employee or other person associated with a public accounting firm, (2) the whistle-blower obtained the information through the performance of an engagement required of an independent public accountant under the federal securities laws, and (3) the information related to a violation by the audit client. While this carve-out may seem to prevent audit firms from blowing the whistle on their own clients, it in fact will be woefully inadequate in achieving that goal.

Drive Business Strategy and Growth

Drive Business Strategy and Growth

Learn how NetSuite Financial Management allows you to quickly and easily model what-if scenarios and generate reports.


Two aspects of the rules will allow auditors to collect a bounty from their own clients’ misdeeds, by direct and indirect means. First, the rules say that information will be deemed “original,” even if the provider of the information is affiliated with an audit firm, as long as the audit client’s conduct is likely to cause substantial financial injury to investors. This provision could encourage auditors to report information on their own clients directly to the SEC. It alone may render ineffective the other provision apparently designed to prevent auditors from reporting — and cashing in on — their own clients.

Second, auditors may blow the whistle on their own employers. Tellingly, if an auditor does so and the information reported ultimately leads the SEC to recover sanctions against the audit client, the reporting auditor is eligible for an award. To be sure, in adopting the rules the SEC stated it was “not excluding information that is received in breach of state-law confidentiality requirements, such as those imposed on auditors, because to do so could inhibit important federal-law enforcement interests.” In other words, the commission wants to encourage auditors to come forward, even if an auditor breaches a duty of confidentiality to a client by doing so.

A similar situation exists with respect to an auditor’s obligations to report illegal conduct under Section 10A of the Securities Exchange Act of 1934. The rules generally provide that an auditor may not file a whistle-blower report rather than a Section 10A report in order to receive an award. The rules state that auditors may not be considered whistle-blowers if they obtained information through the performance of an audit and if the whistle-blower submission “would be contrary to the requirements of Section 10A” of the Exchange Act.

However, an employee of an audit firm may provide information to the SEC alleging that the audit firm “violated Section 10A (or other professional standards), because such a submission is not contrary to the requirements of Section 10A.” If the individual auditor does so and the information provided leads to a successful enforcement action against the audit client, the individual auditor will be eligible for an award.

Because individual auditors now have ample opportunity to seek a substantial whistle-blower bounty, the relationship between audit firms and their clients could become damaged by creating conflict and controversy that otherwise would not have occurred. At a minimum, the rules will likely create an atmosphere of suspicion and distrust when difficult audit issues arise and accounting judgments are made. Clients will naturally wonder whether an auditor who disagrees with an accounting judgment will report that issue to the SEC, causing the SEC to investigate.

Steven S. Scholes is a partner in law firm McDermott Will & Emery LLP, a member of the firm’s SEC Defense Group, and leader of the Subprime and Credit Markets Litigation Group. His trial practice focuses on securities and other complex commercial litigation.