By: Ariana Rokneddini
Traditionally, a whistleblower is a member of an organization who exposes illegal misconduct that is occurring within that company.[1] Whistleblowing has historically played a role in federal enforcement.[2] Over time, Congress and regulatory agencies have increasingly recognized that insiders are often best positioned to detect complex financial misconduct.[3] As a result, modern whistleblower frameworks, especially those that provide financial incentives and confidentiality protections, have become central tools in identifying and prosecuting corporate wrongdoing.[4]
On February 13, 2026, the U.S. Department of the Treasury (“the Treasury”) announced that it would launch a webpage dedicated to accepting confidential whistleblower tips regarding corporate fraud.[5] Administered through the Treasury’s Financial Crimes Enforcement Network (FinCEN), the initiative creates a centralized reporting channel through which individuals may confidentially submit information regarding violations of the Bank Secrecy Act, anti–money laundering (AML) laws, and U.S. sanctions programs.[6] In certain cases, whistleblowers may receive monetary awards if the information they provide results in successful enforcement actions.[7] These financial incentives reflect the modern whistleblower reward framework established under the Dodd-Frank Act, which authorizes eligible whistleblowers “to receive a percentage of government recoveries from successful prosecutions.”[8]
By emphasizing whistleblower award provisions and creating a centralized reporting mechanism, the Treasury is signaling that internal and external disclosures will play a more prominent role in uncovering corporate fraud and violations.[9] In practical terms, this expands the government’s enforcement reach beyond traditional examinations and delves deeper into corporate governance law.[10] Under In re Caremark International Inc. Derivative Litigation,[11] directors breach their duty of loyalty when they either fail to implement any reporting system or consciously disregard red flags.[12] Although Caremark claims remain notoriously difficult to plead, more recent decisions, such as Marchand v. Barnhill,[13] have clarified that boards must exercise a “good faith effort” in areas deemed “mission critical” to the firm’s operations.[14] Mission-critical functions within financial institutions, such as AML compliance and fraud prevention, which the Treasury highlighted in its announcement, fall within this category.[15]
This development significantly reshapes the compliance conversation and whether directors acted in good faith. A successful Caremark claim based on whistleblower tips can expose board members to personal liability for failing to fulfill their duty of oversight by ignoring or inadequately responding to red flags.[16] Directors may face the risk of lawsuits brought by shareholders, subjecting them to reputational risk, financial consequences, and closer scrutiny of governance practices.[17] Whistleblower tips can therefore serve as potential evidence that directors consciously disregarded known risks, strengthening the legal basis for a finding of bad-faith oversight.[18]
The availability of confidential, and potentially compensated, reporting channels for employees and third parties means that companies can no longer treat compliance programs as simple box-checking exercises.[19] Boards and executives must ensure that reporting systems are credible, responsive, and well-documented, not only to reduce enforcement risk but also to satisfy broader governance expectations.[20] In litigation following corporate misconduct, plaintiffs may now point to the Treasury’s encouragement of whistleblower-driven enforcement as evidence that the regulatory environment has shifted.[21] The whistleblower program functions as more than an enforcement tool: it subtly heightens the expectations of board-level oversight in the ongoing effort to deter corporate fraud.[22]
In a post-Caremark and Marchand corporate world, scholars increasingly characterize a board’s failure to reassess the robustness of its internal reporting channels, escalation procedures, and compliance monitoring not merely as grossly negligent but as bad-faith inattention to a known, mission-critical risk.[23] More broadly, the initiative reinforces a growing expectation that companies maintain well-documented compliance frameworks.[24] Framed against the backdrop of national security and financial integrity, the Treasury’s announcement reinforces a theme we see repeatedly in business law: compliance is no longer reactive; it is a central component of enterprise risk management.[25]
[1] See Michael Donnella, Are Corporations the New Whistleblowers?, The Temp. 10-Q (Jan. 12, 2026), https://law.temple.edu/10q/are-corporations-the-new-whistleblowers/ [https://perma.cc/5MVS-8C2K] (stating that whistleblowers are typically “employees, officers, or insiders”).
[2] See generally Jimmy Balser, Cong. Rsch. Serv., R48318, The Whistleblower Protection Act (WPA): A Legal Overview (2024) (explaining the history of whistleblower protections in the government, which dates back to the 1700s).
[3] See id.
[4] See Elle Tsivka, 5 Trends Shaping Whistleblower Regulations in 2025, Mitratech (Nov. 14, 2024), https://mitratech.com/resource-hub/blog/5-trends-shaping-whistleblower-regulations-in-2025/ [https://perma.cc/JD7A-NCXZ].
[5] Press Release, U.S. Dep’t of the Treasury, Treasury Accepting Whistleblower Tips on Fraud, Money Laundering, Sanctions Violations (Feb. 13, 2026), https://home.treasury.gov/news/press-releases/sb0394 [https://perma.cc/5JPX-268Y] (describing how the whistleblower webpage accepts tips related to fraud, money laundering, and sanctions violations).
[6] See id.; see also Paul Lim et al., FinCEN Launches New Whistleblower Webpage, Arnold & Porter (Feb. 26, 2026), https://www.arnoldporter.com/en/perspectives/blogs/enforcement-edge/2026/02/fincen-launches-new-whistleblower-webpage [https://perma.cc/J8JD-7FWN] (noting that FinCEN’s reporting portal allows individuals to submit information that would lead to enforcement actions by the Treasury or the U.S. Department of Justice).
[7] U.S. Dep’t of the Treasury, supra note 5.
[8] Corporate Whistleblowers, Nat’l Whistleblower Ctr., https://www.whistleblowers.org/know-your-rights/corporate-whistleblowers/ [https://perma.cc/Z5BV-JPBA] (last visited Mar. 7, 2026).
[9] See id. (“Whistleblowers are the single most effective source of information in detecting corporate fraud.”).
[10] See Donnella, supra note 1 (positing that this development in whistleblower tips signals a “fundamental shift in accountability and enforcement dynamics”).
[11] 698 A.2d 959 (Del. Ch. 1996).
[12] Id. at 970.
[13] 212 A.3d 805 (Del. 2019).
[14] See Jim DeLoach, The Caremark Standard: Tough, but Not Impregnable, NACD (Aug. 6, 2019), https://www.nacdonline.org/all-governance/governance-resources/directorship-magazine/online-exclusives/caremark-standard-tough-but-not-impregnable/ [https://perma.cc/6ACD-3APJ] (asserting that the Caremark decision established a “high wall for plaintiffs” to prove regarding a board’s breach of duty, particularly in bad faith); 212 A.3d at 824.
[15] See, e.g., Ola Tucker, The Board’s Role in AML Compliance, Corp. Compliance Insights (Nov. 4, 2019), https://www.corporatecomplianceinsights.com/board-role-aml-compliance/ [https://perma.cc/9L67-7NSS] (“[D]irectors need to have . . . sufficient knowledge of the specific AML risks posed to the business . . . .”); Holly Carr, Kevin Abikoff & Amy Rojik, A Practical Guide to the Board’s Oversight of Fraud, BDO (Nov. 10, 2025), https://www.bdo.com/insights/assurance/a-practical-guide-to-the-boards-oversight-of-fraud [https://perma.cc/JH4G-KJ57] (emphasizing that fraudulent practices are increasing and have a destructive impact on corporations).
[16] Chancery Holds That Board’s Failure to Respond to Whistleblower Complaint Detailing Violations of Banking Laws Supported a Claim for Breach of Board’s Duty of Oversight, Morris James LLP (Jan. 15, 2026), https://www.morrisjames.com/p/102m24z/chancery-holds-that-boards-failure-to-respond-to-whistleblower-complaint-detaili/ [https://perma.cc/LK2F-HSWA].
[17] See Gail Weinstein, Warren S. de Wied & Philip Richter, Caremark Liability for Regulatory Compliance Oversight, Harv. L. Sch. F. on Corp. Governance (July 8, 2019), https://corpgov.law.harvard.edu/2019/07/08/caremark-liability-for-regulatory-compliance-oversight/ [https://perma.cc/2WH8-XSZT].
[18] See Steven, Whistleblowing Services: A Mandatory Board Oversight Mechanism Protecting Both Organizations and Directors Under the Reasonable Steps Defense, WBS (Apr. 23, 2025), https://www.whistleblowingservice.com.au/blog/whistleblowing-services-a-mandatory-board-oversight-mechanism-protecting-both-organizations-and-directors-under-the-reasonable-steps-defense/ [https://perma.cc/69QF-Z9UQ].
[19] See Deborah A. Demott, Whistleblowers: Implications for Corporate Governance, 98 Wash. Univ. L. Rev. 1645, 1646 (2021) (observing that compliance policies that incorporate whistleblower components increase the likelihood that whistleblower reports are used more effectively).
[20] See Zoya Khan, Whistleblowing Without Fear: Is Anonymous Reporting the Best Solution?, VComply (Jan. 22, 2025), https://www.v-comply.com/blog/anonymous-whistleblower/ [https://perma.cc/KS98-G353].
[21] See Mike Piazza, Client Alert by Mike Piazza: Expanding Federal Whistleblower Initiatives – Treasury Launches Whistleblower Program for Financial Crimes, CMLaw (Feb. 13, 2026), https://www.cm.law/client-alert-by-mike-piazza-expanding-federal-whistleblower-initiatives-treasury-launches-whistleblower-program-for-financial-crimes/ [https://perma.cc/W3X2-HTMD] (observing that the Treasury’s new whistleblower initiative is an expansion upon already-existing measures to enhance reporting of corporate fraud).
[22] See id.
[23] See id. (presenting various steps that corporations should take in regulating compliance policies after the Treasury’s announcement).
[24] See id.
[25] See U.S. Dep’t of the Treasury, supra note 5; see also Kristy Grant-Hart, Enterprise Risk and Compliance: 10 Best Practices to Optimize the Relationship, Diligent (Nov. 18, 2025), https://www.diligent.com/resources/blog/enterprise-risk-compliance-optimize-relationship [https://perma.cc/NKP6-2QCN].
