Whistleblowing and other conflicts of law

1

• Whistleblowing and other conflicts of law
• Corporate Counsel Symposium, Antwerp
• Marly Didizian
• 5 March 2009

2
Agenda
SOX Whistleblowing SOX Accountants Pre-trial
discovery
3

• The Sarbanes-Oxley Act of 2002
• Applies to all companies (US and non-US) whose
  securities are
• registered under section 12 of US Securities
• Exchange Act 1934 or
• that file or are required to file periodic
  reports with the
• US Securities and Exchange Commission (SEC)
• under US Securities Exchange Act 1934
• and their accountants

4
SOX Whistleblowing hotlines - Why were they
introduced? - What obligations do they impose? -
What conflicts arise? - How can they be
resolved?
5
SOX Whistleblowing hotlines Why were they
introduced? - US doctrine of employment at
will- limited and patchwork protection for
whistleblowers- Enron proved the need for
enhanced whistleblowing provisions
6
SOX Whistleblowing hotlines What obligations
does SOX impose? - s.301 establish procedures
for handling complaints, including confidential
anonymous, submissions by employees, regarding
accounting, internal accounting controls and
auditing matters - s.406 companies must
establish a code of conduct for senior financial
officers inc. reporting of illegal or unethical
behaviour - s.806 - ensure the protection of
US whistleblowers
7
SOX Whistleblowing hotlines What conflict
arise? - Data Protection e.g. CNIL decision
that McDonalds hotline disproportionate to the
objectives sought and create risks of slanderous
denunciation - Employment Law e.g. German
Labour Court of Appeal decision in Wal-Mart.
Hotline requires works council consent- Other
e.g. constitutional rights in Spain
8

• SOX Whistleblowing hotlines
• How can conflicts be resolved?
• Article 29 Working Party Guidance
• - proportionality
• - limit to financial/accounting matters
• - limit who can use the scheme - limit who
  can be accused - confidential not anonymous
  submissions - retention periods limited to two
  months - need to inform employees of scheme
  - data subjects rights - management in
  country dedicated team

9

• SOX Whistleblowing hotlines
• How can conflicts be resolved?
• residual conflicts
• - limited scope - categories of individuals -
  anonymity (e.g. Spain)Full compliance with SOX
  whistleblowing requirements and non-US laws is
  still difficult.

risk-based approach needed, allowing for
country variations
10
SOX Accountants - What obligations does SOX
impose?- What conflicts arise?- How can they
be resolved?
11
SOX Accountants What obligations does SOX
impose? - s.102 prohibits accountants from
issuing audit reports unless registered with
PCAOB. Intrusive registration form.
Open-ended/forward-looking consent - s.106 -
produce audit workpapers to PCAOB or
SEC.Accountants that contribute to consolidated
accounts are deemed to consent to these
requirements
12

• SOX Accountants
• What conflicts arise?
• data protection- client confidentiality-
  employment law- bank secrecy- national
  sovereignty
• NB new Directive on Statutory Audits

13

• SOX Accountants
• How can they be resolved?
• initially no resolution- PCAOB/Rule 2105 -
  legal opinion - waivers and consents

• Current landscape
• Similar schemes now also being introduced in
  Japan (J-Sox) and other countries
• SEC investigations recognise EU data privacy
• other US investigation authorities (eg DOJ) very
  familiar with EU data privacy

14
Pre-Trial Discovery - Background - What
conflicts arise? - How can they be resolved?
15
Pre-Trial Discovery
Common Law (US,UK etc) Discovery encompasses
documents likely to help or hinder a partys
case US Courts may order discovery of material a
party has control or access to even if held
outside of the US Includes electronic
information Litigation hold generally required
Civil Code (many EU States) More restrictive
approach which only requires a party to produce
documents supporting their case Local law may
not recognise US court order or may even have
blocking statutes (e.g. in France)
16

• Pre-Trial Discovery
• Background - Privacy Impact
• disclosure of information may include personal
  data
• especially electronic data such as emails
• scale of disclosure can be massive, e.g. -
  Digicel v Cable Wireless 2008 2522 -
  disclosure trawl produced 1,140,000 docs
• reduced to 197,000 though filtering
• reduced to 5,212 by manual review
• exercise took 6,700 hours and cost 2.1 million

17
Pre-Trial Discovery ENRON The US Approach to
Privacy?
18
Pre-Trial Discovery ENRON The US Approach to
Privilege?
19

• Pre-Trial Discovery
• What conflicts arise?
• national blocking statutes e.g. France- data
  privacy law
• client confidentiality- employment law-
  bank secrecy
• sound familiar?

20

• Pre-Trial Discovery
• How can conflicts be resolved?
• Article 29 Working Party Guidance (New Feb 2009)
  
• - make request through the Hague Convention
  (NB some States have opted out e.g. France,
  Germany) - filter (for relevance) and anonymise
  or pseudo- anonymise (to remove extraneous
  personal data) within the EU - notify
  affected individuals - ensure that legal
  support suppliers hold data
• securely

21

• Questions?

Marly Didizian Partner - Technology, Media and
Telecommunications Global Co-head of the IT
Business Services Sector marly.didizian_at_linklaters
.com 44 2 0 7456 3258