Aside from pirates, no rogues are more romanticized than highwaymen. In the 1600s and 1700s, robbers on horseback wielded gun and sword to hold up travelers on French and English roads. Like many European customs, highway robbery migrated to the colonies. Here, we mostly think of the stagecoach holdup men (and sometimes women) who preyed on westbound stages bearing pioneers and, especially, cash and gold, between the Civil War and the early 20th century. It has been said that Wells Fargo stagecoaches were robbed nearly 350 times in the 14 years between 1870 to 1884 alone. https://truewestmagazine.com/article/stagecoach-holdups/. Wells Fargo has certainly tried to get even in the decades since (see, e.g., https://financhill.com/blog/investing/wells-fargo-scandals-timeline), but that's another story.
Since the closing of the West and the coming of the automobile, the role of the stagecoach has come to be played by the Brinks truck. A Brinks truck can hold as much as a half billion dollars were it filled to the roof, but insurance limits a Brinks truck's cargo to $2 million. Even so, the Brinks truck has become a metaphor for a cash haul, and $2 million is enough to entice many a modern miscreant. Brinks truck holdups make the news with some regularity, and are great for copy and cinema. When currency becomes digital, and Brinks trucks obsolete, I think we will miss them.
For now, though, Brinks is ever the tempting target. However, the latest to pull off a Brinks heist were the sort that pack briefcases instead of guns. In a recent enforcement action, the SEC collected $400,000 from the Brinks Company for supposedly violating the whistleblower rules. In the Matter of the Brinks Company, Inc. https://www.sec.gov/litigation/admin/2022/34-95138.pdf. But when you read the settlement closely, you see what is really happening is the SEC relapsing into an old habit of reading more into its rules than are really there.
The staff charged Brinks with requiring employees to sign confidentiality agreements, both in employment contracts and in severance arrangements. The employees agreed not to provide information to government authorities without letting Brinks know in advance. The facts are a little more complicated. It turns out Brinks had two separate legal departments, a Virginia Group and a Texas Group, and each tended to have its own version of the confidentiality agreement, and they weren't in sync. But the staff's overall gripe is the same for both. The charge is that these confidentiality agreements violated Rule 21F-17 promulgated under the Dodd Frank Act's whistleblower protection provisions because they didn't expressly carve out a permission to communicate with the SEC.
According to the SEC staff, Brinks should have known better. The staff noted that the SEC had first brought an enforcement action for a similar violation of Rule 21F-17 in 2015, and had brought eight more actions since then, so "The new rules were well-publicized at the time."
That was true. However, the most recent of those nine cases is dated January 19, 2017. You may recall that as the last full day of the Obama administration. During the Dark Ages that followed, not a single enforcement action based on a violation of Rule 21F-17 appears. The Brinks case therefore resumes an enforcement regime that had lain dormant for over five years.
And what of that enforcement regime? All legal cases must - should? - begin with the text of the law being violated. As the SEC noted in the Brinks case, "Rule 21F-17 prohibits any person from taking any action to impede an individual from communicating directly with the Commission, including by 'enforcing, or threatening to enforce, a confidentiality agreement. . . .'" So, the question that should be asked is, did Brinks "enforce, or threaten to enforce, a confidentiality agreement"? One would think that if Brinks did, the settlement order would've said so - and it doesn't.
In fact, none of the nine prior cases that the SEC cited as precedent said so. Quite the contrary, in the very first case that the SEC brought under Rule 21F-17, the order states (at paragraph 7):
Though the Commission is unaware of any instances in which (i) a KBR employee was in fact prevented from communicating directly with Commission Staff about potential securities law violations, or (ii) KBR took action to enforce the form confidentiality agreement or otherwise prevent such communications, the language found in the form confidentiality statement impedes such communications by prohibiting employees from discussing the substance of their interview without clearance from KBR's law department under penalty of disciplinary action including termination of employment. This language undermines the purpose of Section 21F and Rule 21F-17(a), which is to "encourage[e] individuals to report to the Commission." Adopting Release at p. 201.
See In the Matter of KBR, Inc., Exchange Act Rel. No. 74619 (April 1, 2015), https://www.sec.gov/litigation/admin/2015/34-74619.pdf. That statement is repeated, in substantially the same form, in most of the other cases which the staff cited as precedent to justify its charges against Brinks.
But look at the logic here: insofar as it applies to confidentiality agreements, Rule 21F-17 expressly prohibits only "enforcing, or threatening to enforce, a confidentiality agreement." Surely if any specific contractual language was prohibited, the Rule would have said so, and it doesn't. And the staff admits there's no evidence of any enforcement of, or threat to enforce, any confidentiality agreement, or that anyone was otherwise prevented in any way from communicating with the SEC. This, then, is the functional equivalent of saying, "We know you didn't do anything the rule says you shouldn't do, but we're going to bust you anyway."
In the Brinks case, the staff raised another interesting fact. Apparently, outside counsel for the Texas Group sent a client advisory, which was circulated to both Groups, recommending that confidentiality agreements expressly permit whistleblowing to the SEC. That's good advice. But lawyers don't just give advice to keep clients from breaking the law; they mostly give advice to keep their clients under radar, to ensure they stay clear of any regulatory entanglements. Moreover, reliance on advice of counsel is usually a defensive measure, a way to prove to authorities that you acted in good faith because you just did what your lawyer said you should do. Brinks, somewhat perversely, turns legal advice into something you could be fined for not following. As a lawyer who gives advice, I find charming the notion that my advice should be law itself. But that is not the way it is or should be.
What we see in these cases is regulatory enforcement mission creep. By its very language, Rule 21F-17 does not regulate the language of confidentiality agreements. It only prohibits the enforcement or threatened enforcement of such agreements to impede communications to the SEC. To bring actions against parties based solely on the text of a confidentiality agreement, where no enforcement or threat of enforcement exists, is regulatory highway robbery. This is the stuff that gives regulators a bad name, and it happens again and again.
ABOUT THE AUTHOR