US Whistleblower Reward Programs: SEC, CFTC, IRS, and DOJ

Over the past fifteen years, the United States government has constructed one of the most powerful whistleblower reward ecosystems in the world. Multiple federal agencies now offer substantial financial rewards to individuals who report original information about legal violations — rewards that, in successful cases, can reach tens or even hundreds of millions of dollars. The practical effect has been transformative: agencies have received thousands of tips annually that they would never have uncovered through their own investigative efforts alone, and corporate wrongdoers face unprecedented exposure from their own employees, competitors, and business partners.

For businesses, the implications are equally profound. The expansion of whistleblower reward programs means that any significant compliance failure — in securities law, commodities trading, tax obligations, antitrust, vehicle safety, anti-money laundering, or government contracting — carries heightened risk of disclosure by insiders who have strong financial incentives to come forward. Understanding the mechanics of these programs is therefore essential for corporate counsel, compliance officers, and executives alike.

This guide provides a structured overview of the major U.S. whistleblower reward programs, covering the legal basis for each, the categories of conduct they target, the eligibility requirements for claimants, the mechanism by which rewards are calculated, and the anti-retaliation protections afforded to whistleblowers.

1. SEC Whistleblower Program

The SEC Whistleblower Program, established by Section 21F of the Securities Exchange Act of 1934 as amended by the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010, is the best-known and most active whistleblower reward program in the federal government. Administered by the SEC’s Office of the Whistleblower, the program entitles qualifying individuals to receive between 10 and 30 percent of monetary sanctions exceeding $1 million that result from enforcement actions in which the whistleblower’s information led to a successful prosecution.

To qualify, a whistleblower must provide original information — meaning information derived from the claimant’s independent knowledge or analysis and not already known to the SEC — about a potential violation of the federal securities laws. The information must be submitted voluntarily, meaning not in response to a request or subpoena. The SEC considers a range of factors when setting the award percentage within the 10–30% band, including the significance of the information, the assistance provided by the whistleblower, the whistleblower’s level of cooperation, and any culpability of the whistleblower in the underlying conduct.

Since the program’s inception, the SEC has awarded over $2 billion to more than 300 individuals. Individual awards have been extraordinary in scale: in 2020 alone, the agency paid an award of approximately $114 million to a single whistleblower, at the time the largest in the program’s history. Awards have been paid to whistleblowers residing in the United States and abroad, including foreign nationals reporting on violations with a U.S. nexus.

The program provides robust anti-retaliation protections. Employers may not discharge, demote, suspend, harass, or otherwise discriminate against an employee in the terms and conditions of employment because the employee provided information to the SEC or participated in an investigation or proceeding. Whistleblowers who suffer retaliation may seek reinstatement, double back pay, and attorney’s fees in federal court, without first exhausting administrative remedies. The SEC has also brought independent enforcement actions against companies that retaliated against whistleblowers or used agreements to impede potential disclosures.

For businesses, the SEC program creates a direct financial incentive for employees — including compliance personnel, auditors, accountants, and executives — to report suspected securities violations externally rather than relying solely on internal reporting channels. This reality underscores the importance of cultivating a credible internal compliance culture: employees who believe their concerns will be taken seriously internally are less likely to bypass internal channels.

2. CFTC Whistleblower Program

The Commodity Futures Trading Commission (CFTC) Whistleblower Program, also created by Dodd-Frank (Section 748, codified at 7 U.S.C. § 26), mirrors the SEC’s structure and offers awards of between 10 and 30 percent of sanctions exceeding $1 million collected in CFTC enforcement actions. The program covers violations of the Commodity Exchange Act (CEA), which regulates futures, swaps, and other derivatives markets.

The types of violations that have generated CFTC whistleblower tips and enforcement actions include manipulation of benchmark rates (such as the LIBOR and foreign exchange manipulation cases), spoofing and layering in commodity markets, registration violations, improper handling of customer funds, and fraud in the retail foreign exchange market. Because the CFTC and DOJ often investigate the same market manipulation conduct in parallel, a whistleblower’s tip can trigger enforcement on multiple fronts simultaneously.

The CFTC program has grown dramatically. In fiscal year 2022, the agency paid over $16 million in awards across multiple matters, and the program’s total awards have exceeded $350 million since inception. In 2021, the CFTC finalized regulations expanding whistleblower protections and clarifying that awards are available even when the agency relies primarily on a related action (such as a DOJ criminal case or a parallel SEC enforcement action) that itself was triggered by the whistleblower’s original information.

Anti-retaliation protections under the CFTC program are equivalent to those under the SEC program: whistleblowers may seek reinstatement, double back pay, and litigation costs in federal court. The CFTC has indicated willingness to pursue enforcement actions against companies that engage in retaliation or that use employment agreements to suppress whistleblowing.

3. IRS Tax Whistleblower Program

The IRS Whistleblower Program, administered by the IRS Whistleblower Office and governed by 26 U.S.C. § 7623, offers financial rewards to individuals who provide information leading to the collection of unpaid federal taxes, penalties, and interest. The program operates under two tracks. The mandatory award track (Section 7623(b)) applies when the disputed tax amount, penalties, and interest exceed $2 million in aggregate, and entitles qualifying whistleblowers to between 15 and 30 percent of the proceeds collected. The discretionary track (Section 7623(a)) covers smaller matters and provides for discretionary awards of up to 15 percent.

The types of conduct that have generated IRS whistleblower claims include offshore tax evasion, abusive tax shelters, improper transfer pricing between related entities, underreporting of income, fraudulent deductions, and payroll tax fraud. The landmark UBS case, in which a former UBS banker provided the IRS with information leading to a $780 million settlement and the disclosure of thousands of offshore account holders, demonstrated the program’s potential to unlock systemic tax evasion schemes that the IRS would have been unable to detect through ordinary audit processes.

The IRS program differs from the SEC and CFTC programs in several important respects. First, awards are paid only from amounts actually collected, not from the total amount of sanctions or penalties assessed. This means that if the IRS assesses a deficiency but is unable to collect, no award is paid. Second, the timeline from submission to award can be exceptionally long — often five to ten years or more — reflecting the pace of IRS administrative processes and litigation. Third, the program does not provide an explicit statutory anti-retaliation cause of action comparable to those in the Dodd-Frank programs, although common law and other statutory protections may apply.

For multinational businesses, the IRS program is a significant risk factor. Former employees, tax advisors, and counterparties who are aware of aggressive tax positions, transfer pricing arrangements, or offshore structures that may not meet the applicable legal standards have a financial incentive to report those positions to the IRS. The program has been particularly active in the areas of foreign asset disclosure, cryptocurrency tax reporting, and abusive partnership arrangements.

4. DOJ Criminal Antitrust Whistleblower Reward Program

The DOJ’s Criminal Antitrust Whistleblower Reward Program, launched in January 2024 under the Antitrust Criminal Penalty Enhancement and Reform Act as amended, represents a significant expansion of the antitrust enforcement toolkit. Prior to this program, the primary incentive for antitrust cooperation was the DOJ’s Corporate Leniency Program, which offers amnesty from prosecution to the first company to self-report cartel conduct and cooperate. The new whistleblower reward program complements the leniency program by offering financial rewards directly to individual tipsters, regardless of whether a company seeks leniency.

The program offers awards of up to 30 percent of the first $100 million in criminal fines collected, meaning that the maximum award under current parameters is approximately $30 million for a given matter. Awards are discretionary within that ceiling, based on factors including the significance and timeliness of the information, the assistance provided by the whistleblower, and any role the whistleblower played in the underlying misconduct. The DOJ retains broad discretion over award determinations.

To be eligible, a whistleblower must provide the DOJ with original information about criminal violations of the Sherman Antitrust Act — primarily price-fixing, bid-rigging, market allocation agreements, and related cartel conduct. The information must not already be known to the DOJ, and the whistleblower must not have been the organizer or leader of the scheme. Unlike the SEC and CFTC programs, the antitrust program does not contain a statutory minimum threshold based on the size of the sanctions, but as a practical matter the DOJ’s resources are focused on significant criminal matters.

The program includes anti-retaliation protections that prohibit covered employers from retaliating against employees who report potential criminal antitrust violations to the DOJ, participate in related investigations, or initiate related legal proceedings. Retaliated-against employees may seek reinstatement, back pay, and attorney’s fees. For businesses, the program creates meaningful risk that employees who are aware of cartel conduct — including price coordination, information sharing with competitors, or bid manipulation — will have strong incentives to report directly to the DOJ rather than through internal channels.

5. NHTSA Motor Vehicle Safety Whistleblower Program

The National Highway Traffic Safety Administration (NHTSA) Whistleblower Program was created by the Motor Vehicle Safety Whistleblower Act, enacted as part of the FAST Act of 2015. The program offers awards of up to 30 percent of monetary sanctions exceeding $1 million collected in NHTSA enforcement actions arising from original information provided by the whistleblower. It covers violations of federal motor vehicle safety laws, including the concealment of known safety defects, the failure to issue timely recalls, falsification of safety data, and fraudulent compliance certifications.

The program was a direct legislative response to the high-profile scandals involving undisclosed vehicle safety defects, including the Takata airbag inflator failures and the General Motors ignition switch defect controversy. Those cases revealed that employees within manufacturing companies had, in some instances, possessed information about dangerous defects that was not appropriately escalated or disclosed to regulators. The whistleblower reward structure was designed to create a countervailing incentive for employees to disclose such information, even in corporate cultures that might otherwise discourage it.

Eligibility requirements are broadly similar to those of the SEC and CFTC programs: the information must be original, derived from independent knowledge or analysis, provided voluntarily, and must lead to a successful enforcement action. NHTSA has discretion to reduce or deny an award if the whistleblower participated in the underlying conduct or delayed reporting in a way that endangered public safety. Anti-retaliation protections prohibit covered employers from retaliating against employees who make disclosures under the program, with remedies including reinstatement, back pay, and compensatory damages.

For automotive manufacturers, suppliers, and dealers, the NHTSA program creates compliance obligations that extend beyond product liability law. Employees in engineering, quality assurance, regulatory affairs, and legal functions who become aware of potential safety defects face a personal financial incentive to report outside the company if they believe internal reporting will be suppressed or disregarded.

6. FinCEN Whistleblower Program

The Financial Crimes Enforcement Network (FinCEN) Whistleblower Program was established by the Anti-Money Laundering Act of 2020, which amended the Bank Secrecy Act (BSA) to add Section 5323. The program, which became fully operational following the issuance of implementing regulations, offers awards of between 10 and 30 percent of monetary sanctions exceeding $1 million collected in proceedings arising from original information about violations of the BSA and related anti-money laundering (AML) laws.

The BSA requires financial institutions — banks, broker-dealers, money services businesses, casinos, and a growing range of other covered entities — to implement AML programs, conduct customer due diligence, and file suspicious activity reports (SARs) and currency transaction reports (CTRs) with FinCEN. Violations that can trigger FinCEN enforcement and potentially support a whistleblower claim include failures to file SARs, willful blindness to money laundering through a financial institution’s accounts, inadequate AML programs, and complicity in facilitating transactions that the institution knew were proceeds of criminal activity.

The FinCEN program is notable because it provides a reward pathway for insiders at financial institutions — compliance officers, BSA officers, relationship managers, and others — who are aware of systemic failures in AML controls. Historically, financial institution employees who were uncomfortable with the adequacy of their employer’s AML program had limited options: raise concerns internally, file a SAR themselves (which carries its own legal complexity), or accept the status quo. The FinCEN reward program creates a direct financial incentive to report deficiencies to regulators.

Anti-retaliation protections under the FinCEN program prohibit covered employers from retaliating against employees who provide information under the program or participate in related investigations. The program’s implementing regulations clarify that FinCEN’s awards authority extends to sanctions collected in related actions brought by other agencies using the same original information, paralleling the approach of the SEC and CFTC programs.

7. DOJ Criminal Corporate Whistleblower Awards Pilot Program

In August 2024, the DOJ’s Criminal Division launched the Criminal Corporate Whistleblower Awards Pilot Program, a three-year initiative designed to fill significant gaps in existing reward programs by creating a pathway for individuals to report corporate criminal conduct that is not covered by the SEC, CFTC, IRS, or antitrust whistleblower programs. The program is administered by the DOJ’s Criminal Division and offers financial awards to individuals who provide original information leading to a successful criminal prosecution or corporate resolution with net proceeds exceeding $1 million.

The categories of conduct specifically targeted by the pilot program include violations of the Bank Secrecy Act not already covered by the FinCEN program, violations of the Foreign Corrupt Practices Act (FCPA), healthcare fraud, procurement fraud, and domestic bribery. The program is explicitly designed to complement — not replace — the DOJ’s existing Corporate Enforcement and Voluntary Self-Disclosure Policy, under which companies receive significant credit for self-reporting and cooperating. Individuals who report through the pilot program but whose tips lead the company to self-disclose are still eligible for an award.

Award amounts under the pilot program are discretionary, without a statutory floor or ceiling comparable to the Dodd-Frank programs. The DOJ has indicated that awards of up to 30 percent of the first $100 million in net proceeds are contemplated, consistent with the antitrust program structure. The DOJ retains discretion to deny or reduce awards for individuals who were substantially involved in the criminal conduct, who failed to report through internal channels when doing so would have been appropriate, or who otherwise acted in bad faith.

The pilot program is particularly significant for FCPA compliance. Historically, many FCPA enforcement actions have been triggered by voluntary self-disclosure or parallel investigations in foreign jurisdictions rather than by individual tipsters. The pilot program creates, for the first time, a direct financial incentive for employees with knowledge of foreign bribery to report to the DOJ rather than waiting for the company to discover and disclose the conduct. Companies should ensure that their FCPA compliance programs are sufficiently robust to detect potential violations before they become the subject of a criminal referral, and that internal reporting channels are genuinely accessible and credible.

Because the pilot program is new and evolving, its precise mechanics — including the procedures for applying for an award, the timeline for resolution, and the criteria the DOJ will apply in exercising its discretion — continue to develop. Businesses and their counsel should monitor DOJ guidance and enforcement releases closely as the program matures.

8. Federal and State False Claims Act Rewards

The federal False Claims Act (FCA), codified at 31 U.S.C. §§ 3729–3733, is among the most powerful anti-fraud statutes in the United States and the principal legal vehicle for prosecuting fraud against the federal government. Its qui tam provisions — derived from the Latin phrase “qui tam pro domino rege quam pro se ipso in hac parte sequitur,” meaning “who brings the action for the king as well as for himself” — allow private citizens (known as relators) to file suit on behalf of the United States government against entities that have defrauded the government. If the suit is successful, the relator is entitled to between 15 and 30 percent of the government’s recovery.

The FCA’s reach is extraordinarily broad. It applies to any person or entity that knowingly submits a false or fraudulent claim for payment to the federal government, knowingly makes a false record or statement material to a false claim, or conspires to defraud the government by getting a false claim paid. The principal sectors generating FCA qui tam litigation include defense contracting, Medicare and Medicaid billing, pharmaceutical pricing and marketing, federal construction projects, and federal grant programs.

The Department of Justice intervenes in approximately one-quarter of qui tam complaints filed each year; when DOJ intervenes, the relator’s share is typically 15 to 25 percent. In non-intervention cases — where the relator proceeds alone — the share rises to 25 to 30 percent of any recovery. FCA recoveries are routinely measured in the hundreds of millions of dollars, and individual relator awards in the tens of millions are not uncommon. In GlaxoSmithKline’s 2012 settlement ($3 billion total), multiple relators collectively received tens of millions of dollars. In Pfizer’s 2009 settlement ($2.3 billion), the relator share exceeded $100 million.

The FCA contains its own anti-retaliation provision (31 U.S.C. § 3730(h)), which prohibits employers from retaliating against employees, contractors, or agents who engage in protected activity — including investigating, reporting, or filing a qui tam complaint. Remedies include reinstatement, double back pay, and attorney’s fees. Courts have interpreted the protected activity standard broadly, and employees do not need to have filed a complaint to be protected; internal investigations and disclosures can suffice.

State False Claims Acts

At least thirty-two states and the District of Columbia have enacted their own false claims acts modeled on the federal statute. These state FCAs create parallel reward opportunities for whistleblowers who report fraud against state government programs, including state Medicaid programs, state pension funds, state procurement, and other state-funded activities. Many state FCAs expressly incorporate the Medicaid fraud context — the federal government incentivizes states to enact qualifying Medicaid FCAs by allowing the state to retain a larger portion of recovered Medicaid funds.

State FCA qui tam provisions generally mirror the federal statute’s structure, with relators entitled to 15 to 30 percent of state recoveries. In states with active enforcement programs — California, New York, Illinois, and Texas are among the most active — state FCA recoveries can be substantial. California’s False Claims Act, for example, has generated hundreds of millions of dollars in recoveries over the past two decades, with relators receiving tens of millions in aggregate awards.

One important feature of the FCA landscape is the “public disclosure bar,” which generally prohibits qui tam actions based on allegations that have already been publicly disclosed in certain enumerated sources (such as government reports, audits, or news media) unless the relator is an “original source” of the underlying information. Courts have disagreed about the precise scope of the public disclosure bar, and changes to the statute in 2010 somewhat narrowed its application. Navigating the bar — and establishing original source status — is a critical strategic consideration for any potential FCA relator.

For businesses that do business with the government — directly or through subcontracts — the FCA is a permanent and serious compliance risk. The government’s recovery extends not just to amounts fraudulently obtained but also to civil penalties (currently $13,000 to $27,000 per false claim), treble damages, and the government’s litigation costs. A robust compliance program, a credible internal reporting mechanism, and periodic audits of billing and certification practices are the most reliable defenses against FCA exposure.

Strategic Considerations for Businesses

The proliferation of whistleblower reward programs has fundamentally altered the compliance landscape. Several strategic considerations follow from a comprehensive understanding of these programs.

First, the financial incentives available to whistleblowers have reached a scale that can override employee loyalty, compliance concerns, and fear of retaliation. Awards of $10 million, $50 million, or more are life-changing sums, and the SEC, CFTC, and FCA programs have demonstrated that such awards are regularly paid. Companies should assume that any significant compliance failure — known to more than one person — carries meaningful risk of external disclosure.

Second, internal reporting channels must be genuinely effective. Employees who trust that concerns raised internally will be taken seriously, investigated promptly, and resolved appropriately are more likely to use internal channels before approaching a regulator. A compliance culture in which internal reports are ignored, suppressed, or met with retaliation does the opposite: it pushes employees toward external reporting and may itself generate additional FCA or Dodd-Frank liability if the internal reporting constituted protected activity.

Third, for companies that discover potential violations through internal compliance processes, self-disclosure decisions are now more complex. Under several programs — most explicitly the DOJ’s Corporate Enforcement Policy and the FCPA pilot program — self-disclosure before a whistleblower complaint is filed will typically generate more favorable treatment. However, timing matters: if a whistleblower has already filed with the SEC or DOJ before the company self-discloses, the credit available for voluntary disclosure may be reduced. Companies facing potential violations should engage experienced counsel promptly to assess the disclosure calculus.

Fourth, the international reach of these programs is substantial. The SEC and CFTC accept tips from non-U.S. whistleblowers, pay awards to foreign nationals, and have paid awards based on conduct that occurred entirely or primarily outside the United States. This means that foreign employees, joint venture partners, and third-party agents in overseas markets are potential sources of whistleblower disclosures, not just domestic employees.

Conclusion

The United States has built a layered, cross-agency whistleblower reward architecture that covers an exceptional range of corporate misconduct — securities fraud, derivatives manipulation, tax evasion, cartel conduct, vehicle safety defects, money laundering, bribery, and virtually all forms of fraud against the government. The financial rewards available are large enough to motivate disclosure even when doing so involves personal risk, and the anti-retaliation protections are increasingly robust. For businesses, this is not an abstract risk: it is a structural feature of the regulatory environment that demands a serious and sustained compliance response.

Companies that invest in effective compliance programs, credible internal reporting mechanisms, and a genuine culture of accountability are best positioned to detect and address potential violations before they become the subject of a whistleblower complaint. Those that do not face the prospect of enforcement actions initiated not by regulatory inspections or audits, but by their own people.