Ontario whistleblower policy seen strong on compliance culture, weaker on incentives, confidentiality

July 19, 2016

Ontario’s incoming securities whistleblower program will promote better compliance culture among market participants, but the limited incentives and confidentiality it offers to informants may hamper its effectiveness, legal experts have warned.

The Ontario Securities Commission (OSC), regulator of Canada’s largest markets, launched its Office of The Whistleblower and began accepting capital market misconduct tips on July 14, 2016. It will be headed by former OSC Deputy Director of Enforcement Kelly Gorman, who oversaw the development of the accompanying whistleblower policy framework (PDF), which is the first of its kind in Canada.

The program’s key features include:

    • Rewards: Informants can receive up to C$5 million for disclosing information about misconduct that leads to large monetary penalties. Useful information that results in enforcement action, but without significant fines, can earn rewards up to C$1.5 million.


    • Anti-retaliation measures: The policy includes strict rules and penalties against retaliation by employers, and the Government of Ontario has pledged to reinforce those protections by adding them to the Ontario Securities Act.


    • Broad eligibility: To be eligible, whistleblowers must voluntarily report “high-quality,” original information that contains “timely, specific, and credible facts” about securities law violations, resulting in administrative proceedings or a settlement. The framework was updated to grant award-eligibility to company directors, officers, chief compliance officers (CCOs), in-house and external counsel, and culpable informants. Rewards to informants that participate in misconduct will be judged against the severity of the offence.
    • No ‘report-internally-first’ requirement: The policy encourages informants to use their firm’s internal reporting and compliance functions to report concerns before contacting the OSC, but it does not require them to do so.

The OSC’s approach took many cues from the U.S. Dodd-Frank Act Whistleblower Program, as implemented by the U.S. Securities and Exchange Commission (SEC), which launched its ownwhistleblower bureau in 2011.

Incentives and results

The OSC believes that financial rewards will generate actionable information on complex securities violations that would otherwise have been difficult to detect.

The incentives, however, may be insufficient to entice higher-ranking informants that likely have the best information, Linda Fuerst, a senior partner at Norton Rose Fulbright in Montreal, told Thomson Reuters Regulatory Intelligence.

“The limitation of the Ontario policy is that the award amounts are significantly lower than in the U.S., so it’s hard to say to what extent the money is going to incentivise people to come forward, particularly if they are in senior positions, because they have a lot more to lose,” she said.

The U.S. Securities and Exchange Commission has paid millions of dollars to individual whistleblowers, including a $30 million payout to one informant in 2014, its largest so far. Between May and June 2016, alone, the SEC announced whistleblower awards of $17 million, $5 million, and $3.5 million.

Those enormous sums have helped encourage thousands of tips. Since August 2011, the American regulator has received over 14,000 whistleblower reports (PDF), with progressively more tips being filed each year.

Compliance culture

The OSC’s new whistleblower policy is part of the regulator’s broader initiative to improve overall compliance culture in the industry. It is intrinsically linked to the OSC’s revised credit for co-operation program, which grants leniency to firms that self-report compliance violations.

One program encourages companies to create an internal culture of transparency and accountability, while the other rewards companies for successful self-policing.

Since the framework does not require informants to report misconduct to their employers before approaching regulators, firms have a strong incentive to adopt policies that encourage employees to come forward. Doing so will give companies more opportunities to control compliance events and regulatory outcomes.

Through its complementary enforcement initiatives, the OSC has communicated that “firms have an obligation to create a culture of compliance and a culture of openness, where people can come forward,” said Ramandeep Grewal, a counsel at Toronto-based Stikeman Elliot. “The whistleblower component gives it more of a framework and a clear public face. Ultimately that will be to the benefit of everyone involved.”

During the OSC’s consultation process, many market participants complained that the absence of a report-internally-first requirement, combined with financial rewards, could motivate employees to go straight to the regulator.

That dynamic could cost companies the ability to qualify for credit-for-cooperation, Fuerst said. To address that concern, the OSC said it would consider internal reporting when determining rewards. “The fact that an informant had first reported internally to the corporation is something that would potentially increase the size of the award,” Fuerst noted.

The SEC’s 2014 whisteblower report (PDF) noted that 80 percent of whistleblowers did, in fact, report misconduct internally first, but turned to regulators when their firms failed to address the violations.

Privacy concerns

Despite its significant deterrence against employer retaliation, the OSC’s whistleblower program showed some weakness in the area of confidentiality, both experts said.

“With respect to protecting informant privacy, I think there is a risk that their identity will have to be disclosed by the regulator,” Fuerst said. “Certainly, if the OSC decides to commence enforcement proceedings as a result of a tip, then it’s highly likely that the identity of the whistleblower will have to be disclosed to the respondent in that proceeding.”

The policy states that the OSC will “make all reasonable efforts” to protect informants’ confidentiality. While being short on details, it does specifically bar commission staff from revealing whistleblower identities to other regulators, without first obtaining the individuals’ consent.

Feurst noted, however, that the OSC could not legally have adopted a stricter policy, “because respondents are entitled to full and complete disclosure, and that’s going to include the source of information”.

Grewal added that some service providers, such as accountants and lawyers, may experience conflicts with respect to their obligations vis-a-vis clients.

“We have to see the first few examples of reporting come out, where people have to weigh what obligations they have,” Grewal said. “There will be a trade-off for some people.”

(Daniel Seleanu is a correspondent for Thomson Reuters Regulatory Intelligence in Toronto. Email Daniel at daniel.seleanu@thomsonreuters.com)

(This article was produced by Thomson Reuters Regulatory Intelligence and initially posted on July. 7. Regulatory Intelligence provides a single source for regulatory news, analysis, rules and developments, with global coverage of more than 400 regulators and exchanges. Follow Regulatory Intelligence compliance news on Twitter: @thomsonreuters)

No comments so far

We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see http://blogs.reuters.com/fulldisclosure/2010/09/27/toward-a-more-thoughtful-conversation-on-stories/