On August 1, 2024, the US Department of Justice (DOJ) Criminal Division introduced its Corporate Whistleblower Awards Pilot Program (Program), which, like a modern-day Western posse, aims to bring justice to the wild frontier of corporate America. The DOJ is enticing anyone willing to saddle up and provide information on corporate outlaws—i.e., those involved in corruption, financial crimes, foreign corruption, bribery, and/or healthcare fraud. In sum, the Program closes the gaps left by existing whistleblower programs and bolsters the DOJ’s efforts to combat corporate crime. For those who decide to ride with it, the DOJ is promising substantial financial rewards—up to 30 percent of the loot recovered from those outlaws—to insiders, whistleblowers, and relators who come forward with information leading to significant criminal or civil forfeiture actions. As the Program unfolds over its three-year pilot period, it will—or should—be closely watched by False Claims Act defense counsel, plaintiff’s counsel, corporate leaders, and potential whistleblowers alike. If successful, it could permanently expand whistleblower incentives and further embolden an already aggressive DOJ (as if more encouragement were needed), signaling a new frontier in corporate governance and accountability in the United States.

A Bounty for the Posse

With over a century of False Claims Act recoveries, the US government is well aware of whistleblowers’ value in fraud detection and cost recoupment. So, it is no surprise that the Program follows the same history by rewarding individuals who provide the DOJ with original, truthful, and voluntary information about corporate misconduct. However, that information must lead to a successful forfeiture exceeding $1 million in net proceeds for the whistleblowing individual to be eligible for an award. Also, not surprisingly, the scope of the Program is notably broad, covering four core areas of corporate misconduct:

1. Foreign Corruption: The Program targets corruption outside the Securities and Exchange Commission’s (SEC) jurisdiction and other existing programs. This includes bribery by international companies that do not issue securities in the United States or misconduct covered by the Foreign Extortion Prevention Act.
2. Crimes Involving Financial Institutions: The Program encourages whistleblowers to report alleged abuses within the financial system, including efforts to defraud federal regulators and/or fraudulently access US financial institutions’ services.
3. Domestic Corruption: The DOJ is particularly interested in information about companies engaged in bribing government officials within the United States.
4. Healthcare Fraud: Unlike the Civil Division’s qui tampolicy, which focuses on federal healthcare benefit fraud, this Program targets fraud involving private insurers.

The Program is structured to reward whistleblowers with a bounty of up to 30 percent of the first $100 million in net proceeds forfeited, with a sliding scale that reduces the percentage for amounts between $100 million and $500 million. Various factors influence the total reward, including the significance and usefulness of the information, the level of cooperation from the whistleblower, and the timeliness of the report. Notably, the DOJ may also choose to award up to 30 percent of the first $10 million in net proceeds forfeited if the Department determines that an award is appropriate and none of the considerations that may decrease an award are present.

Come Out with Your Hands Up

One unique element of the Program is its interplay with corporate compliance and internal reporting systems. To address this, the DOJ has temporarily amended its Corporate Enforcement and Voluntary Self-Disclosure Policy, which would allow companies that self-report misconduct within 120 days of a whistleblower’s DOJ disclosure to be eligible for a presumption of a declination of prosecution. This provision would allow the US government to save that 30 percent reward while highlighting the importance the DOJ places on companies taking internal reports seriously and disclosing potential misconduct to the authorities in a timely manner. This effort reinforces the DOJ’s ultimate strategy of encouraging robust compliance programs and responding swiftly to any internal reports of misconduct.

Posse Comitatus

While the potential rewards under the Program are significant, whistleblowers face their own challenges. To qualify for an award, whistleblowers must provide information voluntarily, without any preexisting obligation to disclose. They must not be responding to an ongoing DOJ inquiry or acting in the face of an imminent public disclosure. The information must also be complete and truthful, and the whistleblower must be willing to cooperate fully with the DOJ, which could include testifying before a grand jury or at trial.

The Program also stipulates that whistleblowers’ identities will be somewhat protected. Still, there are circumstances where their identities may be disclosed, such as in congressional reports or to defense counsel in criminal proceedings. This poses a risk to whistleblowers, who may face retaliation or other negative consequences due to their disclosure. Additionally, the time and expense involved in cooperating with the DOJ can be considerable, making the decision to come forward daunting.

Federal Contractors and Subcontractors—The Compliance Land Barons

There is no escaping the fact that federal contractors are often involved in high-stakes, high-value contracts like those in the Program’s crosshairs (e.g., healthcare, financial institutions, overseas work). On top of that, contractors are burdened with a litany of often dynamic contractual requirements (we’re looking at you, Domestic Preference and Cybersecurity regulatory regimes) that many contractors and subcontractors may not fully understand or embrace. The challenge here is recognizing that the Program expands the range of misconduct that can lead to whistleblower reports, which, even if not eventually justified, could increase the likelihood of contractors being implicated in DOJ investigations and enforcement actions if whistleblowers come forward with potentially relevant information.

For this reason, contractors must double down on their efforts to publicize their internal reporting mechanisms and make managers even more sensitive to potential compliance concerns. The Program has a “Dead or Alive” vibe by not requiring whistleblowers to first raise the issue internally. Despite the ability for awards to increase if the internal mechanisms are tried/used, the Program may serve to undermine existing contractor internal compliance mechanisms and gently encourage whistleblowers to report misconduct directly to the DOJ, even before utilizing internal company channels. Some, after all, is better than none. Moreover, suppose employees take the DOJ up on this kind of invitation. In that case, contractors might miss the opportunity to rectify problems before they escalate into full-blown and costly DOJ investigations. This means that federal contractors must enhance their compliance programs and internal reporting mechanisms so potential whistleblowers can use internal systems and help ensure that any reports of misconduct are promptly and thoroughly investigated. Failing to do so could lead to whistleblowers going directly to the DOJ, increasing the risk of severe legal, financial, and reputational consequences.

How to Get the Ranches in Order

Facing increased risks of legal exposure, federal contractors and subcontractors need to engage in stronger compliance measures to ensure they can detect and address corporate misconduct. The DOJ’s continued—and repeated—focus on leveraging whistleblowers should reinforce federal contractors’ need for caution. Indeed, contractors must ensure their ranch is in order and have strong defenses to keep their employees from joining the posse against them. Because once the posse is on your trail, there’s no telling when or if it might get to you. This will require an increased commitment to all facets of federal contract compliance.

Moreover, it also means that companies not only have to practice that compliance but also need to preach it. Contractors and subcontractors must train and demonstrate to their employees that the company takes compliance seriously and has the necessary mechanisms to properly and promptly address raised concerns. Recommended actions:

• Enhance Monitoring and Reporting: Strengthen internal compliance programs to focus on areas most susceptible to scrutiny and misconduct, such as financial practices, corruption, and healthcare fraud. If this is your business line, ensure your programs are robust enough to identify and address issues before they escalate.
• Implement Comprehensive Training: Regularly train employees on compliance, ethical behavior, and the proper channels for reporting misconduct. More importantly, ensure they understand the company takes federal regulations and the potential consequences of noncompliance extremely seriously.
• Encourage Internal Reporting: Ensure internal reporting mechanisms are accessible, trustworthy, and responsive. Make it easy for an employee to say something if they see something. Let them know it’s OK (and encouraged) to ask questions, then make sure those questions are answered clearly, with patience, and to the satisfaction of the question-raiser. Empower and educate your employees so they feel/know that their reports will be taken seriously and handled appropriately. This can reduce the likelihood of employees bypassing internal systems in favor of reporting directly to the DOJ.
• Respond Swiftly to Internal Reports: Embed mechanisms ensuring a report is investigated quickly to remediate any issues promptly. Demonstrated, decisive action can prevent issues from becoming more serious while reflecting the company’s commitment to compliance.
• Conduct Regular Compliance Audits: Whether through an internal or external resource, don’t get caught flat-footed—conduct regular audits to identify potential risk areas and ensure compliance protocols are followed. These audits should cover all aspects of the business, focusing on high-risk areas such as financial transactions, supply chain coordination, cybersecurity, and interactions with government officials.
• Perform Risk Assessments: Federal contractors should perform comprehensive risk assessments to identify vulnerabilities that could lead to whistleblower reports. This includes assessing the effectiveness of current compliance measures and making improvements where necessary.
• Carry Out Legal and Crisis Management Planning: Sad but true, savvy contractors should have a plan to respond to whistleblower reports that escalate to DOJ investigations. This includes having legal counsel ready to advise on compliance issues and strategies for minimizing legal exposure. The team should also include HR (for necessary whistleblower protection) and IT (for document collection and preservation).
• Prepare for Reporting and Mandatory Disclosure: Nobody wants to, and nobody likes it, but contractors should be prepared to disclose potential issues voluntarily before a whistleblower reports them. Leadership should understand that if misconduct is reported internally, the Program allows federal contractors a 120-day window to benefit from a presumption of declination of prosecution and obtain more favorable treatment under the DOJ’s Corporate Enforcement and Voluntary Self-Disclosure Policy. This reporting, however, should be distinct from notifying the Contracting Officer as may be required under the clause at FAR 52.203-13, Contractor Code of Business Ethics and Conduct, which should also be addressed.

The Corporate Whistleblower Awards Pilot Program significantly reinforces the already potent False Claims Act and aims at the heart of corporate accountability. This is not just a program to “know about” or be scared of; it requires directed action. The thundering hooves of the posse the Program gathers can grow deafening quickly, especially if it arrives at your front porch—warranted or not. If federal contractors cannot pivot and ensure that their compliance programs are robust enough and that employees understand them well enough to forgo a significant payday, those contractors may be seeing their employees, gun drawn, staring down from horseback.

[View source.]