The in-house legal department of a large engineering corporation receives a tip alleging fraudulent activity in its administration regarding a major federal government contract. In accordance with company policy, the legal department launches an internal investigation of the matter and proceeds to schedule fact-finding interviews with dozens of employees involved in the contract or possibly possessing information relevant to the investigation.
Before being interviewed, each employee is required to sign a statement acknowledging his or her confidentiality obligations. This statement reads as follows:
In order to protect the integrity of this investigation, I agree not to disclose any particulars relating to this interview, or the subject matter discussed herein, to any other person or entity without prior authorization from the company's legal department. I understand that violation of the terms of this agreement will be grounds for disciplinary action up to and including immediate termination of employment. Furthermore, to the extent that unauthorized disclosure of any information related to this interview may cause irreparable harm to the company, I acknowledge that the company reserves the right to take any and all legal action necessary to enforce the terms of this agreement and to pursue any breach or alleged breach of confidentiality.
Assuming that all of the parties described in this scenario are ASCE members, can an employee with specific knowledge of fraud abide by this agreement's terms and still meet his or her ethical obligations? Conversely, is it ethical for an employer to require employees not to disclose information about corporate fraud without the company's permission?
In discussions of the ASCE Code of Ethics, it is often noted that disclosure to an outside authority is expressly required only when an engineer has knowledge of a violation of canon 1's requirement to "hold paramount the safety, health, and welfare of the public." Yet an ethical obligation to disclose misconduct may be inferred from other sections of the code as well, for example, canon 6: "Engineers shall act in such a manner as to uphold and enhance the honor, integrity, and dignity of the engineering profession and shall act with zero tolerance for bribery, fraud, and corruption."
As the most recent amendment to the code, canon 6's "zero tolerance" language was added in 2006 upon the recommendation of ASCE's Task Committee on Global Principles for Professional Conduct. The intent of the revision was to strengthen the profession's commitment to combating fraud and corruption in the engineering and construction industries and to remind engineers of their ethical obligation to refuse to take part in fraudulent activities. And if such activities include attempts to cover up instances of past or continuing misconduct, then zero tolerance means reporting those unresolved fraudulent activities.
Applying the framework of zero tolerance to the situation described above, the company's efforts to investigate allegations of fraud appear to be fully consistent with the goal of combating corruption. To the extent that these efforts are supported by its employees' commitment to respect the investigation process and not aggravate the situation by disclosing sensitive details to others inside or outside the workplace, confidentiality is consistent not only with the engineer's stance of zero tolerance but also with the obligation set forth in canon 4 to serve his or her employer as a faithful agent or trustee. Likewise, it is not only prudent but also ethically permissible for an employer to remind employees of their fiduciary obligations to the company and to solicit their assistance in allowing the employer time to conduct an investigation and determine the appropriate course of action
However, the draconian language in the agreement described above may suggest concerns about the integrity of the investigation, raising questions as to whether the true purpose of the statement is not to remind employees of their duty to the company but to intimidate them. If in the course of cooperating, it becomes clear that the investigators' intent is not to expose but to conceal the fraud, then an engineer might reasonably conclude that zero tolerance requires him or her to violate the terms of the agreement and to disclose his or her knowledge to upper management within the company or to the appropriate authorities. In similar fashion, any employer who seeks to suppress disclosure of corporate misconduct by silencing potential whistle-blowers would certainly have failed to meet his or her own ethical obligation to demonstrate zero tolerance
While the situation outlined here is purely hypothetical, it is loosely based on a case that was recently in the news. In April the U.S. Securities and Exchange Commission (SEC) announced the results of an administrative action against the Houston-based engineering firm and government contractor KBR. The SEC alleged that the confidentiality language used by KBR in conducting internal investigations violated the Dodd-Frank Act, a federal law prohibiting publicly traded companies from hampering individuals wishing to communicate with the SEC about possible securities violations.
The company defended its confidentiality language, claiming that the goal of the language had been not to silence whistle-blowers but to preserve attorney-client privilege in discussions between its attorneys and other staff members. Moreover, the company noted that, while it encouraged its employees to come forward with complaints, the majority of such complaints proved to be unfounded. Thus, the
confidentiality agreement was intended merely to dissuade employees from public discussion of meritless claims.
While acknowledging that there was no evidence that the company had ever prevented an employee from contacting the SEC or that it had ever taken any action to enforce its confidentiality agreement, the SEC nevertheless contended that the "blanket prohibition against witnesses discussing the substance of [an] interview [had] a potential chilling effect on whistle-blowers' willingness to report illegal conduct." The company ultimately proposed a settlement, which the SEC accepted, by which the company paid a fine of $130,000 and agreed to amend its confidentiality statement to include the following:
Nothing in this Confidentiality Statement prohibits me from reporting possible violations of federal law or regulation to any governmental agency or entity, including but not limited to the Department of Justice, the Securities and Exchange Commission, the Congress, and any agency Inspector General, or making other disclosures that are protected under the whistleblower provisions of federal law or regulation. I do not need the prior authorization of the Law Department to make any such report or disclosures and I am not required to notify the company that I have made such reports or disclosures.
While the legal provision cited by the SEC applies only to publicly traded companies, protection of individuals seeking to report fraud or misconduct is an element of numerous other laws, for example, the federal False Claims Act, and it is a well-established precedent in state and federal case law as well. To avoid falling afoul of any whistle-blower or antiretaliation ruling, employers may wish to review the language in their existing confidentiality, severance, or similar agreements to ensure that it could not be construed as having a chilling effect on whistle-blowers
More important for the purposes of this column, this example serves as a timely reminder to employers and employees alike that while it may be reasonable to protect an employer's confidentiality when investigating potential misconduct, using confidentiality as a weapon to suppress disclosure of substantiated misconduct is inconsistent with a corporate culture professing to have no tolerance for fraud or corruption.