Consumer Financial Protection Circular 2024-04: Whistleblower Protections Under CFPA Section 1057

Issuing agencies

Abstract

The Consumer Financial Protection Bureau (CFPB) has issued Consumer Financial Protection Circular 2024-04, titled, "Whistleblower protections under CFPA section 1057." In this circular, the CFPB responds to the question, "Can requiring employees to sign broad confidentiality agreements violate section 1057 of the Consumer Financial Protection Act (CFPA), the provision protecting the rights of whistleblower employees, and undermine the CFPB's ability to enforce the law?"

Full Text

<html>
<head>
<title>Federal Register, Volume 89 Issue 154 (Friday, August 9, 2024)</title>
</head>
<body><pre>
[Federal Register Volume 89, Number 154 (Friday, August 9, 2024)]
[Rules and Regulations]
[Pages 65170-65174]
From the Federal Register Online via the Government Publishing Office [<a href="http://www.gpo.gov">www.gpo.gov</a>]
[FR Doc No: 2024-17539]


=======================================================================
-----------------------------------------------------------------------

CONSUMER FINANCIAL PROTECTION BUREAU

12 CFR Chapter X


Consumer Financial Protection Circular 2024-04: Whistleblower 
Protections Under CFPA Section 1057

AGENCY: Consumer Financial Protection Bureau.

ACTION: Consumer financial protection circular.

-----------------------------------------------------------------------

SUMMARY: The Consumer Financial Protection Bureau (CFPB) has issued 
Consumer Financial Protection Circular 2024-04, titled, ``Whistleblower 
protections under CFPA section 1057.'' In this circular, the CFPB 
responds to the question, ``Can requiring employees to sign broad 
confidentiality agreements violate section 1057 of the Consumer 
Financial Protection Act (CFPA), the provision protecting the rights of 
whistleblower employees, and undermine the CFPB's ability to enforce 
the law?''

DATES: The CFPB released this circular on its website on July 24, 2024.

ADDRESSES: Enforcers, and the broader public, can provide feedback and 
comments to <a href="/cdn-cgi/l/email-protection#cb88a2b9a8bea7aab9b88ba8adbba9e5aca4bd"><span class="__cf_email__" data-cfemail="2162485342544d40535261424751430f464e57">[email&#160;protected]</span></a>.

FOR FURTHER INFORMATION CONTACT: George Karithanom, Regulatory 
Implementation & Guidance Program Analyst, Office of Regulations, at 
202-435-7700 or at: <a href="https://reginquiries.consumerfinance.gov/">https://reginquiries.consumerfinance.gov/</a>. If you 
require this document in an alternative electronic format, please 
contact <a href="/cdn-cgi/l/email-protection#a6e5e0f6e4f9e7c5c5c3d5d5cfc4cfcacfd2dfe6c5c0d6c488c1c9d0"><span class="__cf_email__" data-cfemail="0e4d485e4c514f6d6d6b7d7d676c6762677a774e6d687e6c20696178">[email&#160;protected]</span></a>.

SUPPLEMENTARY INFORMATION: 

Question Presented

    Can requiring employees to sign broad confidentiality agreements 
violate section 1057 of the Consumer Financial Protection Act (CFPA), 
the provision protecting the rights of whistleblower employees, and 
undermine the CFPB's ability to enforce the law?

Response

    Yes. Although confidentiality agreements can be entered into for 
legitimate purposes, such as to ensure the protection of confidential 
trade secrets, such agreements, depending on how they are worded and 
the context in which they are employed, could lead an employee to 
reasonably believe that they would be sued or subject to other adverse 
actions if they disclosed information related to suspected violations 
of Federal consumer financial law to government investigators. Threats 
of this nature can lead to violations of section 1057 and impede 
investigations into potential wrongdoing, including the CFPB's efforts 
to uncover violations of the consumer financial protection laws it 
enforces.

Background

    Public policy in the United States long has recognized the 
important role that whistleblowing plays in preventing and stopping 
illegal and unethical

[[Page 65171]]

misconduct. One of the first Federal laws to provide protections to 
employees who reported fraud against the government was the False 
Claims Act, originally passed in 1863 and since amended. A majority of 
States since have passed their own such statutes. As Congress passed 
more legislation providing protections for employees against 
retaliation from their employers for engaging in protected 
whistleblowing activity, it empowered the Occupational Safety and 
Health Administration (OSHA), a regulatory agency of the U.S. 
Department of Labor (DOL), to adjudicate employees' retaliation claims. 
Currently, OSHA's Whistleblower Protection Program enforces the anti-
retaliation provisions of more than 20 Federal laws, including the CFPA 
as discussed below.\1\
---------------------------------------------------------------------------

    \1\ See Occupational Safety and Health Administration: 
Whistleblower Protection, <a href="https://www.whistleblowers.gov/about-us">https://www.whistleblowers.gov/about-us</a>.
---------------------------------------------------------------------------

    Many entities, including covered persons and service providers 
under the CFPA,\2\ require their employees to sign nondisclosure 
agreements (NDAs) or other types of agreements containing 
confidentiality requirements. Such agreements may indicate that 
employees who violate the agreement's terms may be subject to lawsuits, 
including the possibility of damages or other costs, as well as other 
punishment, such as termination. These types of agreements can be 
entered into for legitimate purposes--for example, to ensure the 
protection of confidential trade secrets or to safeguard the sensitive 
personal information of employees or consumers. However, depending on 
how they are worded and the context in which they are employed, 
confidentiality agreements hold the potential to frustrate the efforts 
of government enforcement agencies--including the CFPB--to investigate 
violations of law. In particular, confidentiality agreements entered 
into in certain circumstances may impede such efforts when they are so 
broadly worded as to forbid or otherwise dissuade employees from 
reporting suspected violations of law to the government or cooperating 
with a government investigation.
---------------------------------------------------------------------------

    \2\ Covered persons and service providers must comply with the 
whistleblower protection requirements of the CFPA. 12 U.S.C. 
5481(6), (26); 12 U.S.C. 5567. For simplicity, the remainder of this 
circular refers to covered persons and service providers as 
``covered persons.''
---------------------------------------------------------------------------

CFPA Section 1057

    Section 1057 of the CFPA applies to covered persons. It provides 
anti-retaliation protections for covered employees \3\ and their 
representatives who provide information to the CFPB or any other 
Federal, State, or local law enforcement agency regarding potential 
violations of laws and rules that are subject to the CFPB's 
jurisdiction. Specifically, section 1057(a) provides that ``[n]o 
covered person or service provider shall terminate or in any other way 
discriminate against, or cause to be terminated or discriminated 
against, any covered employee or any authorized representative of 
covered employees'' for: (1) providing or being about to provide 
information to the employer, the CFPB, or any other State, local, or 
Federal Government authority or law enforcement agency relating to a 
violation of, or any act or omission that the employee reasonably 
believes to be a violation of, a law subject to the CFPB's jurisdiction 
or prescribed by the CFPB; (2) testifying or intending to testify about 
such a potential violation; (3) objecting to or refusing to participate 
in any activity, policy, practice, or assigned task that the employee 
reasonably believes to be such a violation; or (4) filing any lawsuit 
or instituting any other proceeding under any Federal consumer 
financial law.\4\
---------------------------------------------------------------------------

    \3\ A ``covered employee'' is defined as ``any individual 
performing tasks related to the offering or provision of a consumer 
financial product or service.'' 12 U.S.C. 5567(b).
    \4\ 12 U.S.C. 5567(a).
---------------------------------------------------------------------------

    Section 1057(c) provides procedures by which a person who believes 
they have been discharged or otherwise discriminated against in 
violation of section 1057(a) may file a complaint with DOL, and a 
process by which DOL shall investigate and adjudicate such 
complaints.\5\ It further specifies the procedures for appealing DOL's 
decisions in Federal court. The CFPB also has independent authority to 
enforce section 1057.\6\ Section 1057(d) provides that, outside of 
limited circumstances, contractual provisions that purport to waive the 
rights and remedies granted by section 1057 are unenforceable.\7\
---------------------------------------------------------------------------

    \5\ 12 U.S.C. 5567(c).
    \6\ 12 U.S.C. 5563(a)(1), 5564(a).
    \7\ 12 U.S.C. 5567(d). This provision applies to pre-dispute 
arbitration agreements, which it states are not valid or enforceable 
to the extent they require arbitration of disputes arising under 
section 1057. 12 U.S.C. 5567(d)(2).
---------------------------------------------------------------------------

    Accordingly, section 1057 makes it unlawful for a covered person to 
discriminate against an employee for whistleblowing with respect to 
suspected violations of Federal consumer financial law. As explained 
below, discrimination in this sense may include suing or threatening to 
sue or otherwise taking or threatening to take adverse action against 
employees for engaging in whistleblowing activity. And, in certain 
circumstances, requiring employees to sign confidentiality agreements 
that are so broad as to forbid or otherwise dissuade employees from 
sharing information about potential law violations with the government 
or cooperating with a government investigation can amount to a threat 
to punish.

Analysis

    The CFPB is issuing this circular to remind regulators and the 
public that covered persons who in certain circumstances require their 
employees to enter into broad confidentiality agreements that do not 
clearly permit communications with government enforcement agencies or 
cooperation with law enforcement investigations risk violating the 
CFPA's prohibition on discrimination against whistleblowers and 
undermining the government's ability to enforce the law.
    As noted above, section 1057(a) prohibits covered persons from 
terminating or otherwise discriminating against covered employees for 
engaging in whistleblowing activity. The term ``discriminate against'' 
is broad and encompasses a variety of adverse actions that a covered 
person may take against covered employees.\8\ The use of the term in 
multiple whistleblower protection statutes passed by Congress reflects 
this understanding.
---------------------------------------------------------------------------

    \8\ At its essence, to ``discriminate'' means ``to make a 
distinction'' or ``to make a difference in treatment or favor on a 
basis other than individual merit.'' Discriminate, <a href="http://Merriam-Webster.com">Merriam-Webster.com</a>, <a href="https://www.merriam-webster.com/dictionary/discriminate">https://www.merriam-webster.com/dictionary/discriminate</a> 
(last visited July 17, 2024); see also Murray v. UBS Securities, 
LLC, 601 U.S. 23, 34 (2024) (explaining meaning of ``discriminate'' 
under analogous anti-retaliation provision in the Sarbanes-Oxley 
Act, 18 U.S.C. 1514A, and holding that while the employee had to 
prove his protected activity was a contributing factor in the 
unfavorable personnel action, he did not also have to prove his 
employer acted with retaliatory intent).
---------------------------------------------------------------------------

    For example, section 23 of the Commodity Exchange Act (CEA), which 
Congress passed as part of the Dodd-Frank Wall Street Reform and 
Consumer Protection Act (DFA, of which the CFPA is a part), created a 
whistleblower awards program and protection for whistleblowers.\9\ 
Section 23, which is administered by the Commodity Futures Trading 
Commission (CFTC), states ``[n]o employer may discharge, demote, 
suspend, threaten, harass, directly or indirectly, or in any other 
manner discriminate against, a whistleblower in the terms and 
conditions of employment because of any lawful act done by the 
whistleblower'' in providing

[[Page 65172]]

information to the CFTC.\10\ Likewise, Congress created a whistleblower 
awards program and related protections when it passed section 21F of 
the Securities Exchange Act of 1934, also part of the DFA. Section 21F, 
which is administered by the Securities and Exchange Commission (SEC), 
identically provides that ``[n]o employer may discharge, demote, 
suspend, threaten, harass, directly or indirectly, or in any other 
manner discriminate against, a whistleblower in the terms and 
conditions of employment because of any lawful act done by the 
whistleblower'' in providing information to the SEC.\11\ Congress thus 
made clear that the term ``discriminate against'' encompasses a variety 
of adverse actions--including threatening employees--listed in these 
statutes, in addition to other actions that employers may take to 
prevent or dissuade employees from whistleblowing or to punish them for 
whistleblowing.\12\
---------------------------------------------------------------------------

    \9\ 7 U.S.C. 26. See Commodity Futures Trading Commission: 
Whistleblower Protections, <a href="https://www.whistleblower.gov/protections">https://www.whistleblower.gov/protections</a>.
    \10\ 7 U.S.C. 26(h)(1)(A) (emphasis added).
    \11\ 15 U.S.C. 78u-6(h)(1)(A) (emphasis added).
    \12\ In addition to these examples, the Financial Institutions 
Anti-Fraud Enforcement Act of 1990 (FIAFEA) allows whistleblowers to 
bring claims related to suspected violations of the Financial 
Institutions Reform, Recovery, and Enforcement Act of 1989 
(FIRREA)--passed in the wake of the savings and loan crisis--by 
submitting confidential declarations setting forth facts about 
alleged fraud. 12 U.S.C. 4201 et seq. As enacted, in addition to 
providing for discretionary monetary awards from the Attorney 
General, the FIAFEA granted certain protections to whistleblowers 
against employer retaliation for lawfully reporting such information 
to the government. 12 U.S.C. 4212 (providing that such declarants 
shall enjoy the protections afforded under 18 U.S.C. 3059A(e)). 
Specifically, it provided that a person who ``is discharged, 
demoted, suspended, threatened, harassed, or in any other manner 
discriminated against in the terms or conditions of employment by an 
employer because of lawful acts done by the person . . . in 
furtherance of a prosecution under [applicable provisions] may, in a 
civil action, obtain all relief necessary to make the person 
whole.'' 18 U.S.C. 3059A(e)(1), repealed by Public Law 107-273, 116 
Stat. 1781 (Nov. 2, 2002) (emphasis added). Congress repealed 18 
U.S.C. 3059A in 2002 as it considered it to be one of several 
``redundant authorizations of payments for rewards.'' Public Law 
107-273, 116 Stat. 1781 (Nov. 2, 2002). Functionally equivalent 
award and anti-retaliation provisions apply to employees of insured 
depository institutions and credit unions pursuant to the Federal 
Deposit Insurance Corporation Act and Federal Credit Union Act, 
although those provisions do not contain the same list of examples 
of forms of employer discrimination that appeared in the FIAFEA. See 
12 U.S.C. 1831j, 1831k; 12 U.S.C. 1790b, 1790c. These provisions 
predated the FIAFEA, however, and the fact that Congress labeled the 
FIAFEA protections ``redundant'' supports the notion that it viewed 
the less descriptive anti-discrimination provisions in these acts as 
encompassing the broad definition of discrimination articulated in 
the FIAFEA.
---------------------------------------------------------------------------

    In addition to enforcing the anti-retaliation provision of section 
21F, the SEC promulgated Rule 21F-17, which provides that ``[n]o person 
may take any action to impede an individual from communicating directly 
with the Commission staff about a possible securities law violation, 
including enforcing, or threatening to enforce, a confidentiality 
agreement . . . with respect to such communications.'' \13\ As the SEC 
explained in its proposal, ``the Congressional purpose underlying 
section 21F of the Exchange Act is to encourage whistleblowers to 
report potential violations of the securities laws by providing 
financial incentives, prohibiting employment-related retaliation, and 
providing various confidentiality guarantees. Efforts to impede a 
whistleblower's direct communications with Commission staff about a 
potential securities law violation, however, would appear to conflict 
with this purpose.'' \14\ The SEC since has pursued enforcement actions 
against companies that it alleged violated Rule 21F-17 by requiring 
their employees or clients to sign confidentiality agreements that 
would impede the ability of such individuals to share freely 
information about suspected wrongdoing with the SEC.\15\
---------------------------------------------------------------------------

    \13\ 17 CFR 240.21F-17(a).
    \14\ 75 FR 70488, 70510 (Nov. 17, 2010). See also 76 FR 34300, 
34351-52 (June 13, 2011) (final rule preamble reiterating 
congressional purpose).
    \15\ See, e.g., Press Release, SEC, SEC: Companies Cannot Stifle 
Whistleblowers in Confidentiality Agreements (Apr. 1, 2015), <a href="https://www.sec.gov/news/press-release/2015-54">https://www.sec.gov/news/press-release/2015-54</a> (describing administrative 
settlement in enforcement action wherein SEC alleged that KBR Inc.'s 
practice requiring employees to sign confidentiality agreements in 
internal investigations created a ``chilling effect'' to discourage 
whistleblowing in violation of Rule 21F-17); Press Release, SEC, 
Company Paying Penalty for Violating Key Whistleblower Protection 
Rule (Aug. 10, 2016), <a href="https://www.sec.gov/news/press-release/2016-157">https://www.sec.gov/news/press-release/2016-157</a> (describing SEC's issuance of cease-and-desist order and 
imposition of remedial sanctions against publicly traded company 
BlueLinx Holdings, Inc. for including language in its employee 
severance agreements that required departing employees to notify the 
company's legal department prior to disclosing any financial or 
business information to any third parties); Press Release, SEC, J.P. 
Morgan to Pay $18 Million for Violating Whistleblower Protection 
Rule (Jan. 16, 2024), <a href="https://www.sec.gov/news/press-release/2024-7">https://www.sec.gov/news/press-release/2024-7</a> 
(announcing settled charges against J.P. Morgan Securities LLC for 
violations of Rule 21F-17(a) stemming from the company's regularly 
asking retail clients to sign confidential release agreements that 
allowed them to respond to SEC inquiries but did not permit them to 
voluntarily contact the SEC).
---------------------------------------------------------------------------

    The SEC is not alone in observing that employer confidentiality 
agreements may undermine the rights of whistleblowers and impede 
government enforcement efforts. In 2017, the CFTC promulgated a rule 
that similarly bars impeding an individual from communicating with CFTC 
staff, including by enforcing or threatening to enforce confidentiality 
agreements.\16\ The CFTC explained when it proposed the rule that it 
was doing so to complement the prohibition on employer retaliation 
against whistleblowers found in CEA section 23(h)(1)(A) and to achieve 
consistency with the SEC's whistleblower rules.\17\ In June 2024, the 
CFTC issued a settlement order with Trafigura Trading LLC that 
addressed, among other issues, the company's NDAs with employees that 
impeded their ability to communicate voluntarily with the CFTC.\18\ And 
last year, the Federal Trade Commission's (FTC's) Bureau of Competition 
issued guidance explaining that certain types of contractual 
provisions, including confidentiality agreements, NDAs, and notice-of-
agency-contact provisions, are ``contrary to public policy and 
therefore void and unenforceable insofar as they purport to (1) 
prevent, limit, or otherwise hinder a contract party from speaking 
freely with the FTC; or (2) require a contract party to disclose 
anything to an investigation target about the FTC's outreach or 
communications.'' \19\
---------------------------------------------------------------------------

    \16\ 17 CFR 165.19(b).
    \17\ 81 FR 55951, 55955 (Aug. 30, 2016).
    \18\ In re Trafigura Trading LLC, CFTC No. 24-08, 2024 WL 
3225331 (June 17, 2024), available at <a href="https://www.cftc.gov/media/10791/enftrafiguratradingorder061724/download">https://www.cftc.gov/media/10791/enftrafiguratradingorder061724/download</a>.
    \19\ Bureau of Competition, FTC, Re: Contracts That Impede 
Bureau of Competition Investigations (June 15, 2023), available at 
<a href="https://www.ftc.gov/system/files/ftc_gov/pdf/Formal-Analysis.pdf">https://www.ftc.gov/system/files/ftc_gov/pdf/Formal-Analysis.pdf</a>.
---------------------------------------------------------------------------

    The same dynamic is true for the CFPB. Confidentiality agreements 
that limit the ability of employees to communicate with government 
enforcement agencies or speak freely with investigators undermine the 
CFPB's ability to enforce the law. Among the functions that Congress 
laid out for the CFPB is ``taking appropriate enforcement action to 
address violations of Federal consumer financial law.'' \20\ Subtitle E 
of the CFPA specifies the CFPB's enforcement powers, including the 
authority to conduct investigations of potential violations of law.\21\ 
In addition to other actions, the CFPB may issue demands for written or 
oral testimony in pursuing such investigations.\22\ If, due to a 
confidentiality agreement, an employee perceives that they could suffer 
adverse consequences for cooperating in such circumstances, then the 
CFPB's ability to carry out its statutory functions to protect 
consumers is compromised.
---------------------------------------------------------------------------

    \20\ 12 U.S.C. 5511(c)(4).
    \21\ See 12 U.S.C. 5562.
    \22\ See 12 U.S.C. 5562(c)(1).
---------------------------------------------------------------------------

    Consistent with these observations, covered persons that require 
employees in certain circumstances to sign broadly worded 
confidentiality agreements risk violating section 1057 of the CFPA.

[[Page 65173]]

Confidentiality agreements sometimes specify that the employer may file 
a lawsuit or reserves the right to take adverse employment action upon 
the employee's violation of the agreement. Depending on the 
circumstances, an employee may interpret such conditions as threats to 
retaliate for engaging in whistleblowing activity. The risk of a 
violation of section 1057 is heightened when covered persons impose 
such agreements in situations that are particularly likely to lead a 
reasonable employee to perceive the required entry into the agreement 
as a threat, such as in the context of an internal investigation or 
other scenario involving potential violations of law--for example, 
after the uncovering of suspected or confirmed wrongdoing, or in the 
aftermath of a potentially embarrassing episode for a company. When an 
employee participates in an investigation or otherwise is made aware of 
possible wrongdoing and simultaneously is required to sign such an 
agreement, there is a heightened risk that the employee reasonably 
would view the requirement to sign as a threat by the employer to take 
adverse action if the employee were to engage in whistleblowing 
activity. Indeed, the employee reasonably may not fathom any other 
reason for why they are being made to sign the agreement beyond that 
the employer is threatening to sue or otherwise punish the employee for 
engaging in whistleblowing. In line with the analysis above, such 
threats may constitute discrimination within the meaning of section 
1057 and thus be prohibited, regardless of whether or not the employer 
acts upon them or a court actually would enforce a confidentiality 
agreement with respect to whistleblowing.\23\
---------------------------------------------------------------------------

    \23\ As noted above, section 1057(d) of the CFPA renders 
unenforceable ``any agreement, policy, form, or condition of 
employment'' that purports to waive the rights and remedies provided 
for in section 1057. 12 U.S.C. 5567(d)(1). And, the CFPB has 
explained that including unenforceable terms in a consumer contract 
may constitute a deceptive act or practice in violation of the 
CFPA's prohibition on unfair, deceptive, or abusive acts or 
practices. See CFPB, Consumer Financial Protection Circular 2024-03: 
Unlawful and unenforceable contract terms and conditions (June 4, 
2024), <a href="https://www.consumerfinance.gov/compliance/circulars/consumer-financial-protection-circular-2024-03/">https://www.consumerfinance.gov/compliance/circulars/consumer-financial-protection-circular-2024-03/</a>. Similarly, 
requiring employees to enter into overly broad confidentiality 
agreements that restrict or waive the employees' whistleblower 
rights could constitute a deceptive act or practice in appropriate 
circumstances. Although the CFPB typically has found deceptive acts 
or practices with respect to misrepresentations made to a consumer, 
deceptive acts or practices targeting other parties--such as a 
covered person's employees--may also violate the CFPA if the 
deception is in connection with the offering or provision of 
consumer financial products or services. See 12 U.S.C. 5531, 5536.
---------------------------------------------------------------------------

    For example, in 2015, the SEC found that Houston-based global 
technology and engineering firm KBR Inc. violated Rule 21F-17 by 
requiring witnesses in certain internal investigations to sign 
confidentiality agreements containing language warning they could face 
discipline, including possible termination, if they discussed the 
matters with outside parties without the prior approval of the 
company's legal department.\24\ The SEC's order stated that, although 
there were no apparent instances in which the company specifically 
prevented employees from communicating with the SEC about securities 
law violations, the company's blanket prohibition against witnesses 
discussing the substance of their interviews without prior approval 
under penalty of disciplinary action had a chilling effect that 
undermined the purpose of section 21F and Rule 21F-17, which is to 
encourage whistleblowers to report illegal conduct to the SEC. The 
company agreed as part of the settlement to amend its confidentiality 
statement to add language making clear that employees are free to 
report possible violations to the SEC and other Federal agencies 
without KBR approval or fear of retaliation.
---------------------------------------------------------------------------

    \24\ Supra n.15.
---------------------------------------------------------------------------

    Confidentiality agreements that risk leading to violations of 
whistleblower protection statutes--including section 1057 of the CFPA--
can be formulated in different ways. Certainly, employers can draft 
them in an express manner that purports to forbid the sharing of 
information with outside parties with no acknowledgment of and 
exception for the exercise of whistleblower rights. The risk of a 
reasonable employee interpreting their required entry into such an 
agreement in circumstances involving potential wrongdoing as a threat 
against reporting information to the government is relatively high. But 
other confidentiality agreements that undermine whistleblower 
protections may reasonably be perceived by employees as threats against 
them for exercising their rights in such circumstances. For example, an 
agreement that forbids sharing information with third parties ``to the 
extent permitted by law'' may technically permit whistleblowing. 
However, an employee, who may not know that the law forbids 
restrictions on whistleblowing but understands that the consequence of 
violating the agreement is suffering adverse employment action, may 
reasonably interpret the agreement to bar providing information to a 
law enforcement agency or voluntarily cooperating in a government 
investigation depending on the circumstances in which the employer asks 
the employee to enter into the agreement. An employee reasonably may 
feel threatened by such language in certain circumstances, such as 
those described above, and decline to report suspected violations of 
law to the government.\25\ An employer can significantly reduce the 
risk of this kind of perception--and thus of violating section 1057--by 
ensuring that its agreements expressly permit employees to communicate 
freely with government enforcement agencies and to cooperate in 
government investigations.
---------------------------------------------------------------------------

    \25\ In a recently filed complaint, DOL explained how 
confidentiality provisions in employment agreements that require 
employees not to share the terms of the agreement except with the 
employee's immediate family or attorney or ``as required by law'' 
could cause employees to ``reasonably believe that they cannot 
disclose the terms of the agreements to [DOL] absent a subpoena or 
court order,'' and that these provisions, along with broad non-
disparagement and non-disclosure provisions coupled with the threat 
of termination and monetary damages, dissuade employees from 
speaking freely with DOL investigators in violation of section 
15(a)(3) of the Fair Labor Standards Act, 29 U.S.C. 215(a)(3). 
Complaint, ]] 95-106, 129-38, 160-65, Su v. Smoothstack, Inc., No. 
1:24-cv-04789 (E.D.N.Y. July 10, 2024), available at <a href="https://www.dol.gov/sites/dolgov/files/OPA/newsreleases/2024/07/SmoothstackInc-Complaint-24-1337-NAT.pdf">https://www.dol.gov/sites/dolgov/files/OPA/newsreleases/2024/07/SmoothstackInc-Complaint-24-1337-NAT.pdf</a>.
---------------------------------------------------------------------------

    As explained above, suing or threatening to sue or otherwise punish 
employees for engaging in whistleblowing activity may constitute 
discrimination against whistleblowers. Accordingly, when covered 
persons require employees to sign broadly worded confidentiality 
agreements that do not clearly permit communicating with government 
enforcement agencies or cooperating with law enforcement, especially 
when circumstances bear indicia of potential or suspected wrongdoing, 
they may be threatening to take adverse action against those employees 
for reporting suspected violations of Federal consumer financial law to 
the CFPB or other regulators. Thus, covered persons who impose these 
types of agreements on their employees risk violating the prohibition 
on discrimination against whistleblowers contained in section 1057 of 
the CFPA.

About Consumer Financial Protection Circulars

    Consumer Financial Protection Circulars are issued to all parties 
with authority to enforce Federal consumer financial law. The CFPB is 
the principal Federal regulator responsible for administering Federal 
consumer financial law, see 12 U.S.C. 5511, including the Consumer 
Financial

[[Page 65174]]

Protection Act's prohibition on unfair, deceptive, and abusive acts or 
practices, 12 U.S.C. 5536(a)(1)(B), and 18 other ``enumerated consumer 
laws,'' 12 U.S.C. 5481(12). However, these laws are also enforced by 
State attorneys general and State regulators, 12 U.S.C. 5552, and 
prudential regulators including the Federal Deposit Insurance 
Corporation, the Office of the Comptroller of the Currency, the Board 
of Governors of the Federal Reserve System, and the National Credit 
Union Administration. See, e.g., 12 U.S.C. 5516(d), 5581(c)(2) 
(exclusive enforcement authority for banks and credit unions with $10 
billion or less in assets). Some Federal consumer financial laws are 
also enforceable by other Federal agencies, including the Department of 
Justice and the Federal Trade Commission, the Farm Credit 
Administration, the Department of Transportation, and the Department of 
Agriculture. In addition, some of these laws provide for private 
enforcement.
    Consumer Financial Protection Circulars are intended to promote 
consistency in approach across the various enforcement agencies and 
parties, pursuant to the CFPB's statutory objective to ensure Federal 
consumer financial law is enforced consistently. 12 U.S.C. 5511(b)(4).
    Consumer Financial Protection Circulars are also intended to 
provide transparency to partner agencies regarding the CFPB's intended 
approach when cooperating in enforcement actions. See, e.g., 12 U.S.C. 
5552(b) (consultation with CFPB by State attorneys general and 
regulators); 12 U.S.C. 5562(a) (joint investigatory work between CFPB 
and other agencies).
    Consumer Financial Protection Circulars are general statements of 
policy under the Administrative Procedure Act. 5 U.S.C. 553(b). They 
provide background information about applicable law, articulate 
considerations relevant to the Bureau's exercise of its authorities, 
and, in the interest of maintaining consistency, advise other parties 
with authority to enforce Federal consumer financial law. They do not 
restrict the Bureau's exercise of its authorities, impose any legal 
requirements on external parties, or create or confer any rights on 
external parties that could be enforceable in any administrative or 
civil proceeding. The CFPB Director is instructing CFPB staff as 
described herein, and the CFPB will then make final decisions on 
individual matters based on an assessment of the factual record, 
applicable law, and factors relevant to prosecutorial discretion.

Rohit Chopra,
Director, Consumer Financial Protection Bureau.
[FR Doc. 2024-17539 Filed 8-8-24; 8:45 am]
BILLING CODE 4810-AM-P


</pre><script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script></body>
</html>