A defense contractor accused of using restrictive severance agreements that would “chill” whistleblowers has agreed to settle the accusations and pay $265,000 in penalties, the Securities and Exchange Commission announced.

The announcement marks the latest victory in the federal government’s ongoing campaign to encourage and reward whistleblowers, including employees who uncover fraud, waste and abuse in their workplaces. It’s also a sign that federal regulators’ crackdown on companies that use contracts restricting employee whistleblower activity have expanded their efforts beyond overzealous confidentiality agreements and are now focusing on the more subtle ways companies try to circumvent whistleblower-protection rules.

Problematic Confidentiality Clause

According to the SEC’s cease-and-desist order, around 160 departing employees of Atlanta-based BlueLinx Holdings Inc. had to sign severance agreements with a confidentiality clause obligating them to notify BlueLinx, in writing, before they could disclose confidential company information to “any person or entity not expressly authorized” by BlueLinx.

The confidentiality clause didn’t make an exemption for former employees filing whistleblower claims or other charges with government watchdog agencies. This effectively “forced those employees to choose between identifying themselves to the company as whistleblowers or potentially losing their severance pay and benefits,” according to the SEC.

The Next End-Run Around Whistleblower Laws: Monetary Recovery Waivers

According to the SEC, another clause of the severance agreement started innocuously enough, acknowledging that nothing in the agreement prevented a departing employee from filing a claim or charge with an administrative agency—i.e., blowing the whistle. But the clause then went on to state that the signing employee “understands and agrees that Employee is waiving the right to any monetary recovery in connection with any such complaint or charge.”

In so doing, “BlueLinx removed the critically important financial incentives that are intended to encourage persons to communicate directly with the Commission staff about possible securities law violations,” the SEC said.

Ultimately, BlueLinx agreed to settle with the SEC without admitting or denying any of the allegations. In addition to paying the $265,000 penalty, the company agreed to amend the offending provisions and take reasonable steps to inform former employees of the changes.

Monetary Recovery ‘Critical’

Whistleblowers provide a valuable public service, especially in the world of defense contracting and healthcare fraud, where hundreds of billions of dollars are at stake and fraud, corruption and other malfeasance can jeopardize our men and women in uniform as well as seniors and people with disabilities who rely on federal healthcare programs. Indeed, the United States has a proud tradition of shielding and encouraging whistleblowers that dates back to the Revolutionary War. Today, strong state and federal laws are in place to protect whistleblowers from retaliation for their brave acts of disclosure.

But even strong anti-retaliation laws do not eliminate the financial and career risk whistleblowers take to expose corruption and wrongdoing. Acknowledging that these risks can deter even the best-intentioned employees from coming forward, Congress has chosen to incentivize disclosure by guaranteeing whistleblowers a reward if their claims succeed—a percentage of what the government recovers in the case. Under the False Claims Act, for example, the statute provides for whistleblowers to receive between 15 and 30 percent of the government’s recovery.

Indeed, in 2010 Congress recognized that “a critical component” of one federal whistleblower program was “the minimum payout that any individual could look towards in determining whether to take the enormous risk of blowing the whistle in calling attention to fraud.”

Going After Confidentiality Agreements: Wall Street Meets the Military-Industrial Complex

The BlueLinx settlement is a continuation of the SEC’s efforts to cultivate a strong whistleblower culture in publicly traded companies. Public companies have an outsize influence because they are the biggest players in all sectors of the U.S. economy. Moreover, millions of Americans depend on an honest stock market for their retirement, which makes stopping fraud on Wall Street even more important.

The 2010 Dodd-Frank Wall Street Reform and Consumer Protection Act added a whistleblower program to the Exchange Act, the federal law that governs publicly traded companies like BlueLinx and which is enforced by the SEC. In 2011 the SEC enacted Rule 21F-17, which states that “[n]o person may take any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement … with respect to such communications.”

In 2014, Congress passed a provision banning contractors or subcontractors from receiving federal funding if they use confidentiality agreements to prevent employees from reporting fraud, waste or abuse to government agencies or law enforcement. Accordingly, agencies like the Department of Veterans Affairs, the General Services Administration and the Environmental Protection Agency announced they would no longer contract with companies that restrict whistleblower activity through confidentiality agreements.

The biggest spender of all, the Department of Defense, now requires contract bidders to affirmatively state that they don’t make employees sign confidentiality agreements restricting whistleblower activity.

In April 2015 the SEC invoked 21F-17 when it fined public multinational contractor KBR $130,000 for using overbroad confidentiality agreements that—like BlueLinx’s—made no exception for employees filing whistleblower claims or other agency charges.

Focusing on Monetary Recovery

But BlueLinx’s agreement went further, attempting to defang whistleblower laws by taking away the monetary reward, which may sometimes be the only tangible positive offsetting the stress and risks of revealing that one’s employer is engaged in fraud.

“Companies simply cannot undercut a key tenet of our whistleblower program by requiring employees to forego potential whistleblower awards in order to receive their severance payments,” Jane Norberg, Acting Chief of the SEC’s Office of the Whistleblower, said in a statement.

Interestingly, the penalties the SEC extracted from BlueLinx were more than twice what it fined KBR a year ago. While BlueLinx is certainly a big fish—it reported $1.9 billion in net revenues for 2015—compared to KBR, which reported $5.1 billion in net revenues for the same period, BlueLinx is small fry. And in terms of defense contracting, KBR blows BlueLinx out of the water: BlueLinx had nearly $46 million in military contracts awarded to it between 2005 and 2010, but that pales in comparison to the hundreds of millions of dollars KBR has won and continues to win in defense bids at home and abroad.

Shortly after announcing the BlueLinx settlement, the SEC revealed that it had reached a $340,000 settlement over monetary recovery waivers with health insurance behemoth Health Net Inc., which in 2015 alone reported $628.5 million in government contract revenue and net revenues of $16.2 billion.

The increased fines suggest that the SEC and other federal agencies may be targeting their enforcement efforts on companies that don’t outright ban whistleblower activity—but which nevertheless try to get around the rules with sneaky provisions like monetary-recovery waivers.

“We’re continuing to stand up for whistleblowers and clear away impediments that may chill them from coming forward with information about potential securities law violations,” said Stephanie Avakian, Deputy Director of the SEC’s Enforcement Division.