In October, the US derivatives regulator paid $200 million to a former Deutsche Bank employee who helped expose the rigging of the Libor benchmark interest rate. It was the largest sum ever paid to a whistleblower and was directly linked to the $2.5 billion settlement the bank made with the American authorities in 2015.
While Ireland’s anti-corruption toolkit doesn’t include incentivised reward payments for whistleblowers – relying instead on the morality and bravery of individuals who come forward- bounty programmes have been a hugely successful feature of the beefed up US financial regulatory landscape that followed the 2008 crash.
More than that, they have brought accountability into the international domain. US markets regulator the Securities and Exchange Commission (SEC) frequently pays out to overseas whistleblowers for credible information on misconduct, the philosophy being to accept tips from “anyone, anywhere”. Anonymity is protected and the average payment comes in at just below $5 million.
Jurisdiction is wide. To put it into an Irish context, an insider exposing tax irregularities or market manipulation at a firm based in the IFSC or Silicon Docks in Dublin, for example, could be in for a sizeable windfall if the company has a US listing.
Whether that awareness is there among Ireland’s FDI workforce is another matter. At present, the UK is the number one spot for international SEC tip offs. South Korea, Ghana, Slovakia, and Canada offer similar whistleblower reward schemes but not to the same scale as the US.
It is, however, a topic I spoke about at some length in a recent wide ranging conversation about whistleblowing with Mary Inman, partner in the London and San Francisco offices of Constantine Cannon, a US firm seasoned in the areas of antitrust and whistleblower law. Inman, who was participating in last week’s Integrity at Work online conference hosted by Transparency International Ireland, is keen to proselytise about the power of reward schemes as an effective global tool against corruption. “Look at the Danske Bank scandal, for instance. So all these hundreds of millions of dollars are laundered through the Estonian branch of Danske. None of the European regulators did anything. The whistleblower only came out because he knew Danske was regulated by the US. So he brought it to the SEC, and it’s really the SEC, that put on the pressure in the same way that LIBOR and FX manipulation was led out by the Americans,” she told me.
For those unfamiliar with Inman, her best known client is Tyler Shultz, the whistleblower who helped bring down Silicon Valley businesswoman Elizabeth Holmes, currently on trial for wire fraud at her failed blood-testing start-up Theranos, once valued at $9 billion. Shultz, grandson of the late former US secretary of state George Shultz – an evangelical early investor and board member of Theranos -was among a number of employees who reported the firm’s faulty technology to US regulators and the Wall Street Journal leading to the collapse of the company and criminal charges of Holmes and her partner Sunny Balwani. Shultz went public; other staff members chose to retain their anonymity.
Inman moved from San Francisco to London in July 2017 to launch Constantine Cannon’s international whistleblower practice.
When we speak over Zooom, she is keen to start our interview on a positive note. She says she considers Ireland quite “woke” when it comes to protecting whistleblowers. She notes the government has been faster out of the traps in the transposition of the EU whistleblowing directive, which imposes stricter obligations on employers when handling disclosures, than many other member states and she credits the work of TI Ireland and the scholarship of leading Irish academics, like Lauren Kierans and Kate Kenny, in educating the corporate community. “You punch way above your weight class in Ireland”.
When enacted, the Protected Disclosures (Amendment) Bill 2021 will require private sector organisations with 50 or more employees to establish formal reporting channels for whistleblowers. Currently reporting procedures for protected disclosures are only mandatory for public bodies.
The conversation soon moves from the letter of the law to the culture on the ground where “medieval” instincts still manifest towards whistleblowers who upset the apple cart. Our discussion takes in everything from former Barclay’s Bank chief Jes Staley (he departed the bank last month over his links to the late sex offender Jeffrey Epstein), NDAs and tech whistleblowers like Frances Haugen, to the long reach of US regulators and the implications for Ireland’s regulatory environment post-Brexit.
But we pick up below with Inman explaining her realistic but upbeat assessment of Ireland’s whistleblower ecosystem.
FC: Your positivity about Ireland’s record on whistleblowing might surprise people because historically there have been scandals, admittedly more in the public sector, involving the treatment of whistleblowers that have raised a lot of questions. And you know debates about who are the appropriate people to take whistleblowing complaints and so on, which I suppose has reflections in the private sector as well. I’m not sure if you are familiar with the Tom Burgis book Kleptopia where the UK regulator, the Financial Conduct Authority, is accused of turning a blind eye to fraud claims in the London branch of a Swiss bank. In Ireland, Jonathan Sugarman in the financial sector said he had a similar experience and certainly it seems that the law may be all well and good, but if the powers that be don’t appear to act on it, you still have a huge problem.
MI: One hundred per cent. So that, very much all of that, is the practical on the ground things that are happening for sure. You know, in the United States we’re not particularly welcoming of whistleblowers either. We have a different model, and we can talk a little bit about that. But in terms of Europe and legislatively, you’re ahead of the curve, and I can’t figure out if that’s because of your academics and the fact that TI Ireland is so prominent and effective with your legislature if that is why you’re already ahead of the game and have some really progressive ideas on how to implement the directive. But the facts on the ground, we can talk a lot about that. I just wanted to start with the positive. The facts on the ground are very much that because of Brexit, you have had so many banks move to Dublin and other parts of Ireland. That is going to create, particularly in financial services, an opportunity for all those scandals that the Financial Conduct Authority (FCA) hasn’t been able to get. They’re all going to be happening in your jurisdiction now. The law always leads and the culture needs to follow. And so now as a result of the EU directive, all companies – public, private, public institutions – with 50 or more employees have to have a hotline that follows these particular guidelines.
My fear is that – we’ve seen this happen in the UK in the wake of the financial crisis – the UK Parliament adopted the Senior Manager Certification regime, which is basically saying if you’re a senior manager, you can no longer cover your eyes and ears like you did during the crisis and you have to bring information forward to the regulator. And you have to have an anonymous bespoke programme for internal reporting mechanisms. But the first situation out of the gate was Jes Staley, the former CEO of Barclays Bank. When he hired the fancy consultants and put in these systems, the first complaint across the bow was cronyism of him and he, three times, even after being warned, tried to unmask the whistleblower. So we’re still fighting against this medieval nature in all of us that you shoot the messenger to divert attention from the message but also to cover up. That’s our instinct when people reveal problems in our organisations, not only not to celebrate them but to defang them, isolate them. We’ve seen that with the Me Too movement among many other things, basically gaslighting them to the point where they don’t even believe their own thoughts. They think I must be the only one, I’ve got to be crazy. Everyone else has drunk the Kool Aid and thinks that this is okay. That’s very much still the prevailing view around the world. But I do feel like we have to recognise that the EU directive is really making a sea change within Europe to finally create a blanket of protections. How far those protections will go are only as far as the culture.
So one of my most prominent whistleblowers is Tyler Shultz the Theranos whistleblower who exposed Elizabeth Holmes for the fraudulent blood testing company. What we learned and what the data shows and what we’re trying to get corporate and public leaders to recognise is that not only are whistleblowers not liabilities to the company, they’re not disloyal and all these medieval concepts we have about the snitch and dobbing in and all of these things. They’re actually the opposite. They’re your most loyal employees, one of your best assets. They are serving as canaries in the coal mine. They’re an early warning system for you about problems before they metastasize into the next Wirecard or big public relations scandal.
There’s some great research coming out in the US from two graduate business school professors; one at GWU [George Washington University] and one at University of Utah. They took all the data anonymised – a massive data set – from NAVEX Global, the number one provider of internal reporting mechanisms around the globe. They were given their data and they were able to show that companies that have hotlines, the mechanisms that are ringing off the hook, that are actively used; you’ve engendered trust and people feel like they can use it. They are more profitable than companies that have silent underutilised programmes and so it’s actually empirical data telling us what I think all of us know intuitively, which is that these people serve a risk management function. There is a marvellous social behavioural scientist in the UK called Christian Hunt and he says we shouldn’t call them whistleblowers, we shouldn’t call them truth tellers or speaker uppers. We should call them by what they are in business speak, they are forward indicators of risk. They’re your best risk management tool. I like to cite that because I think the only way we’re going to change corporate culture is to basically say it actually has a positive effect on your bottom line. We can point to the Wirecard scandal, there’s a gentleman by the name of Pav Gill who was working in their Southeast Asia branch when €1.9 billion went missing and you can’t account for it. He had been warning them but they didn’t listen.
The regulatory piece
FC: Are there small regulatory wins from these internal mechanisms that if procedure is not followed, you may not get the big slap down but you can get wrapped on the knuckles like doing Al Capone for tax evasion?
MI: There is. We should look at the Jes Staley case. He’s no longer at Barclays because it was found out that he was downplaying his role to Jeffrey Epstein. So he has been shown the door recently, but there’s a ton of controversy over his behaviour in doubling down to unmask this whistleblower in fact going so far as misrepresenting to the US Postal Service, that’s how the complaint came through – the US mails complained against him – of giving a pretextual reason for why they needed to have the postal inspectors figure out who it was. It just shows you the level of duplicity and intrigue. This is the instinct to cover up, right. So to your question about fines. Jes Staley was only fined Stg£600,000 by the Financial Conduct Authority. That’s bus money for somebody of his ilk and Barclays went away scot free, no fine from the regulator. Back in the United States, the New York Department of Financial Services actually also has authority and jurisdiction over Barclays and fined it $15 million, not Staley but the bank to say, ‘that’s not okay’. These are protections that protect all of us, protect markets, protect investors from bad behaviour. So there are these mechanisms in place to do slaps on the wrist but it will really depend on the Irish regulator’s appetite for imposing fines or like I said, if the US has jurisdiction, we tend to get a little more aggressive.
FC: I suppose in other sectors, like tech we see the Irish Data Protection Commission comes under a lot of heat. For example, accusations have been made that the regulator goes soft on US corporations because the economy is dependent on them.
You mentioned America. I know from a previous talk you gave, that in your work you focus on financial incentives that exist within the American system for whistleblowers regardless of whether they are in the US or not – as long as the complaint has a US connection. I presume that applies in Ireland. There are a lot of US multinational companies here. Maybe you could explain a little bit about that.
MI: It’s part of my passion. About four and a half years ago, when I was tasked to head up our whistleblower international practice at our London office, it was because of a recognition that now we actually have data. After Dodd Frank [Wall Street Reform and Consumer Protection Act 2010] and the implementation in the US, the SEC, our securities regulator, and the CFTC, our commodities regulator, now have whistleblower reward programmes where 10 to 30 per cent of any fine imposed goes to a whistleblower if the whistleblower is instrumental in helping the entity in either opening an investigation or, if an investigation is ongoing, help them actually close the deal and bring new information to the party then they will be rewarded 10 to 30 per cent, no cap. Part of what is going on in the US is that the SEC is required once a year to do a report to Congress on the data metrics on how the whistleblower programme performed. So it just came out, I got some great statistics on it. But 20 per cent of the rewards from the SEC came from overseas.
FC: And what sort of rewards would they typically come out with?
MI: It’s been a banner year. The programme is a little over ten years old, since the financial crisis, and they gave out more rewards this year, a total of $500 million, than they did in the entirety of the programme so there has now been $1.2 billion given to something like 240 whistleblowers. The average amount for an award is $5 million or less, but there have been some epic ones. The largest one out of the SEC is $114 million. And then most recently, just within the past four weeks, the CFTC, the commodities regulator, paid the largest award of all time – anywhere, any programme, and the US has lots – of $200 million. Part of the power of these programmes is that you can report anonymously, you can report confidentially as long as the fact patterns in your situation are such that even though the SEC is keeping your name confidential that the market and your employer don’t know it’s you, sometimes they do. You give up a lot when you bring the information forward. But it is interesting here with this $200 million payment we actually know who the whistleblower is. It’s the Deutsche Bank LIBOR.
That’s happening in chat rooms and European banks all over Europe because the US regulator has a long arm of jurisdiction over Deutsche Bank, then this person gets to receive $200 million, but when you backpedal and you try do the math of this 10 to 30 per cent, the CFTC only imposed an $800 million fine on Deutsche. That doesn’t get us up to $200 million. So the press release the CFTC issued obviously not revealing the name or Deutsche talked about the incredible value that this whistleblower added, but most importantly, it said we have a provision that’s called related action. So it set out that we, the Financial Conduct Authority in the UK, we tell whistleblowers if you’re going to come to us with a massive fraud like LIBOR manipulation, and you’re going to cooperate with us, but by definition, since it’s a massive scheme, you’re probably going to have to cooperate with other regulators. We will ensure from our money pool that you’ll get a percentage not just of our fines but of the foreign regulator’s fines or the DOJ criminal fines or other agencies. So this Deutsche Bank whistleblower was also given a percentage of the Financial Conduct Authority fine and that’s how it broke the $200 million mark. So my point in telling you all that is that we do not only roll out the welcome mat in the United States we have a neon flashing sign. The amount of these awards which British people have said to me are just eye watering and they’re just not palatable, I always like to bring it back to part of why we do that is we need to show to the world – I mean imagine how that news reverberates. It reverberates across the globe as a calling card for our programmes. I would also say that someone who worked at Deutsche is probably making six figures depending on how far along you are in your career, that $200 million while being a gobsmacking amount starts to look a little – if you’re a 23 year old banker, and you’ve just thrown away your career for this – then you can start to see it come into the stratosphere.
FC: I suppose from the legal perspective, these are obviously huge cases but there will be smaller instances of whistleblowers needing legal assistance. I mean, is there a lot of waiting for these payouts. Is that how you operate?
MI: I really appreciate that question because what I’ve come to learn is we’re remunerated by our clients on a contingency fee or success fee basis. And that aligns our interests to that of our clients like I’m not going to take a case I don’t think is going to win. I think when you have an attorney being paid hourly they get paid win, lose or draw. There’s something about really aligning your client and your interests by having the investment. We are much more entrepreneurial in that we basically invest in your case. So some of these state cases are massive and can take 5, 10, 13 years.
But there’s also an access to justice piece that I hadn’t really appreciated until moving to the UK and recognising that there’s not as much of an appetite for the success fee model. In working, we don’t do retaliation protections, we’re not employment lawyers. Our whistleblower specialty is exclusively in serving as matchmakers matching up the whistleblower to the US regulator who will pay you. But we work in conjunction with a lot of UK and some fantastic Irish solicitors, barristers, who do the employment piece and with most of them- they really are only representing those at the highest levels of the company who can afford the rate or whose insurance covers it. It’s an impediment that I find to be really unfortunate. We’re starting to see more UK and Irish barristers being willing to do a blended rate, to do a smaller hourly, to take a contingent and in that way, freeing up the ability for some of these whistleblowers to actually hire somebody. But yes, there’s definitely financial interest for my firm in bringing these cases but there can be a long time to pay out.
We’re starting to see an ecosystem to prop up these whistleblowers. But Frances was vital. She was really, really important, but she does stand on the shoulders of some other whistleblowers
Mary Inman
The average award is $5 million dollars or less. And the SEC just put into place new rules to facilitate because they now get 12,500 tips a year from over 120 countries around the world but the number one country year over year providing tips is the United Kingdom.
FC: About the impediments to whistleblowing, for example, you were talking about post Brexit there would be a lot more activity in financial services in Dublin. So it’s all well and good being quick to transpose the EU directive, but if you don’t have an effective regulatory system and you don’t put the resources in, you’re going to get a fairly lackadaisical sluggish system. So that’s one impediment, are there others?
MI: Those impediments are there and they’re very real and there’s always going to be the pressure to continue be lax to attract the financial services sector, which is so lucrative but what I would say is one of the checks on this and we’ve seen this with the senior managers regime in the UK, is that there is pressure put on by the Americans and by these reward programmes. Because of the SM&CR, it’s driving whistleblowers to the Americans, and that puts on this pressure. Look at the Danske Bank scandal, for instance. So all these hundreds of millions of dollars are laundered through the Estonian branch of Danske. None of the European regulators did anything. The whistleblower only came out because he knew Danske was regulated by the US. So he brought it to the SEC, and it’s really the SEC, that put on the pressure in the same way that LIBOR and FX manipulation was led out by the Americans. So the problem is that when you incentivise people to come to the US it embarrasses the existing Irish and other regulators – saying they’ve taken a huge fine for this on your watch in your jurisdiction. And so it does put on this external pressure in a way.
A low bar
FC: It sounds like certain US regulators are being flooded with complaints? Do they have the resources, are they much more efficient, more effective? I’m also curious, without going into the weeds, what is the bar, what is the threshold for a European, say, approaching an American regulator?
MI: I’ll answer the Nexus question first, so it depends on our regulator. Stick with the SEC for a minute, they also have jurisdiction under the Foreign Corrupt Practices Act. So it’s not just securities law violations; insider trading, market manipulation, all those things. Our London office has a number of Irish whistleblower clients who have worked in industries coming out of Ireland that are maybe doing extractive industries and mining industries or other industries where Irish players are paying bribes to government officials. And then these big players if they are traded on the US exchanges, even over the counter, then they can bring cases. That’s staying within that model, but we, just this year, and in the US as a result of BuzzFeed news and ICIJ’s FinCEN files investigation. So there was a whistleblower Natalie Edwards who worked within FinCEN and leaked thousands of activity reports by major players, banks around the world that the US Treasury has jurisdiction over. She basically said they’re slow peddling SARs (suspicious activity reports) and KYC (know your client) in order to onboard clients that are basically very vulnerable and likely to be laundering money.
Inman on tech whistleblowers and Non Disclosure Agreements
I have to give a shout out to Ifeoma Azoma. She’s our most famous in terms of she was with Pinterest and showed sex and race discrimination. She broke her NDA to reveal this and she just got legislation passed in California that is called the Silenced No More Act that is making these gag clauses unenforceable.
In the UK Parliament, we’re seeing the Can’t Buy My Silence move. We have to get rid of NDAs because of the in terrorem effect that they’re having. People don’t know they’re not enforceable. Silicon Valley is really good at papering up with NDAs because they mask everything as a trade secret. My client Tyler Shultz famously said ‘fraud is not a trade secret’ but you have to have the temerity and the backing.
We have seen whistleblowers [in tech] before Frances [Haugen of Facebook]. I think NDAs have masked them. I think more whistleblowing begets more whistleblowing. We’re going to see more, but also the model that Frances has put in place is one that will be replicated where she had not just legal support, she had PR support, she had financial backing. I think we’re finally reaching an awareness that we can’t ask whistleblowers to take on the giants of the world without having a multi-disciplinary team behind them.
We’re seeing the advent of these groups, including a group that we’re starting to work with called Lioness, which is a small team of journalists who are trying to get out whistleblower stories. When you have the defamation laws that make big news organisations scared about putting information out there – they actually are self publishing and fighting and facing those defamation suits and they have some big law firms who are helping them on a pro bono basis to do it. So we’re starting to see an ecosystem to prop up these whistleblowers. But Frances was vital. She was really, really important, but she does stand on the shoulders of some other whistleblowers.
We just adopted a brand new programme that will pay whistleblowers who are bringing information to Treasury about money laundering violations. So it’s really important to know that these programmes are so successful that they beget more programmes not just in the US, but also internationally. They are also relevant to Ireland and the Double Dutch and whatever the tax advantages. We have an IRS whistleblower programme, our tax regulator pays 15 to 25 per cent for whistleblowers who bring information. Transfer pricing fraud is the one that we see all the time. That American companies with US tax obligations are trying to construe operations as happening more in tax advantageous jurisdictions like Ireland when they’re happening in the US and they do some funny accounting and moving and say ‘Oh, this much of our capital was invested by our operations going through Ireland’ when it’s not true. There are tonnes of frauds that go on that way.
But most importantly, you asked about the nexus and the nexus can be really broad. The Royal Bank of Scotland wouldn’t sound like an American multinational but there have been accounting frauds they have engaged in, and we’ve seen it, but they’re traded on the US exchanges and so whistleblowers from the Royal Bank of Canada, the Royal Bank of Scotland, all of these things that don’t have an obvious glaring US connection are cases that we’ve been successful or others have been successful in bringing. If you’ve traded over the counter, if you’re engaged in bribing government officials, if it’s done in US dollars, if you don’t have controls in place in a bank to stop money laundering. I point out the money laundering thing because I think it’s really important to Dublin in terms of the financial services sector that’s really taking hold there. There’s a lot more than just the SEC that can come after them now – our FinCEN regulator – the Biden administration has drawn a really direct line between national security issues and money laundering because terrorist financing happens through money laundering. It’s a new initiative and we just filed our first submission in the space.