All employers should review their confidentiality policies and agreements to ensure adequate protections for whistleblowers in the wake of recent actions by both the Securities and Exchange Commission (“SEC”) and the National Labor Relations Board (“NLRB”).

Last month, the SEC pursued its first enforcement action against KBR, Inc., which had required employees who were interviewed as part of internal investigations to sign confidentiality agreements prohibiting them from discussing the interview without the authorization of the company’s law department. Companies often seek to preclude employees from discussing internal investigations to protect the integrity of the investigation and to ensure employees do not seek to align stories or cover up evidence.

However, in the administrative proceeding filed against KBR, the SEC asserted such provisions violated the law by discouraging individuals from reporting potential securities violations. To resolve the matter, KBR consented to the entry of an order fining KBR $130,000 and requiring it to amend its standard confidentiality agreement to make clear that nothing in the agreement prohibited employees from reporting possible violations of federal laws or regulations to governmental agencies or investigators without prior authorization. In addition, KBR was required to send a copy of the SEC Order to employees who had signed the prior confidentiality agreements since 2011 and to expressly notify them that they did not need to notify the company’s counsel before communicating with government agencies. It is notable that the SEC imposed these measures, even though it acknowledged it was not aware of any instance in which a KBR employee was dissuaded from coming forward to report potential violations or of any efforts by KBR to enforce the confidentiality provisions.

The KBR action followed on the heels of media reports regarding the SEC sending out requests to dozens of public companies earlier this spring seeking copies of non-disclosure, separation and other agreements and its March announcement that confidentiality agreements were fair game for the agency.

In April, the U.S. Chamber of Commerce wrote a public letter expressing “significant concern” regarding the KBR enforcement action, noting that it is the “result of a highly subjective” application of the whistleblower rules and amounts to the SEC undertaking rulemaking through enforcement instead of a notice and comment process. The letter argues that while SEC Rule 21F-17 prohibits a company from threatening to enforce or using a confidentiality agreement to prevent an employee from communicating with SEC staff without company consent, the rule does not prevent companies from having confidentiality agreements, which are a routine part of doing business. The Chamber has urged the SEC to provide more formal guidance to the business community.

The SEC’s increased focus on confidentiality provisions mirrors that of the NLRB. In March, the General Counsel of the NLRB issued a 30-page memo taking issue with many standard employer policies and handbook provisions which the agency contends are unlawful, including standard confidentiality provisions seeking to protect various kinds of information, including customer, employee, confidential, and proprietary information. See our HR Defense blog on the General Counsel Memo here. The NLRB believes such provisions could be understood by employees to bar them from engaging in protected concerted activity concerning their wages and terms and other conditions of employment.

Although no court has yet to uphold either SEC’s or the NLRB’s position regarding confidentiality provisions, employers may want to review and revise their employee handbooks and documents, if necessary, to bring them into compliance with these agency positions.