Using a proprietary dataset, Dave Jochnowitz, Steven Singer, and Mona Birjandi analyze trends in the Securities and Exchange Commission’s whistleblower program. They find that sanctions have concentrated in a select few violation categories, raising the possibility that the program is structurally guiding enforcers to focus on certain violation types to the neglect of others.
The 2010 Dodd-Frank Wall Street Reform and Consumer Protection Act launched in 2011 a whistleblower program housed under the Securities and Exchange Commission to detect and help punish securities law violations, including bribery and fraud. From its launch through 2024, the program paid out more than $2.2 billion in awards to tipsters and helped recover billions from wrongdoers. On volume and monetary recovery alone, the program has been a success. However, our analysis of the whistleblower program found that it does not simply encourage enforcement, but appears to systematically skew it, concentrating regulatory attention in the narrow band of violation categories easiest to detect. The concern is that the program is failing to detect the full spectrum of violation types and is instead stuck in a reinforcement loop that rewards the SEC’s existing strengths while allowing harder-to-detect misconduct to recede from view.
How we conducted our analysis
We built a dataset of more than 5,000 SEC enforcement documents (across approximately 3,149 unique enforcement actions) from 2011–2025. These documents include civil complaints, administrative orders, and press releases associated with the SEC’s Notices of Covered Action (NOCAs), which identify cases generating monetary sanctions worth above $1 million, and therefore eligible for potential whistleblower awards. Rather than relying on the SEC’s own summary statistics, we used artificial intelligence to capture the types of alleged violations, defendant characteristics, and monetary outcomes, among other fields.
It is important to note few things about this dataset: (i) the SEC does not disclose whether a whistleblower contributed to any specific case; (ii) sanctions figures are represented in individual enforcement actions to avoid double counting across documents; (iii) at the same time, because individual actions may involve multiple violation categories, sanctions are attributed to each relevant category and are therefore not mutually exclusive across the dataset; (iv) further, since the SEC only issues NOCAs for enforcement actions with monetary sanctions exceeding $1 million, the cases in our dataset skew toward certain types of misconduct that are more likely to generate sanctions of at least $1 million and explain some of the patterns we observe across violation categories (see figure 1). For instance, violations typically involving institutional actors (e.g., such as accounting fraud, recordkeeping failures, and bribery) are more likely to generate sanctions exceeding $1 million than individual-level offenses that may not clear the threshold and therefore do not appear in our dataset. With those limitations in mind, the patterns in the data remain striking.
It’s not antitrust, but it’s still suspect concentration
The most startling feature of the data is the degree of concentration. Enforcement actions involving books-and-records violations (failures to maintain accurate corporate records, disclosures, or financial statements as required by law) are associated with approximately $33.3 billion in sanctions, representing roughly 60% percent of the $55.8 billion in total sanctions in our dataset. Actions involving breaches of fiduciary duty (failures by executives, advisers, or fund managers to act in the best interests of shareholders or clients) add approximately $25.9 billion. Actions involving material misstatements or omissions (false or misleading statements in public filings, earnings reports, or investor communications) contribute approximately $18.3 billion. As a reminder, individual enforcement actions routinely involve multiple violation categories. These figures do not add up to the $55.8 billion in total sanctions levied from 2011-2025 among cases that generated sanctions above $1 million.
Figure 1. Total Monetary Sanctions by Violation Type, Top 10 Categories (2011–2025)
Figure 2. Number of Unique Enforcement Actions by Violation Type, Top 10 Categories (2011–2025)
By contrast, market manipulation (the use of deceptive trading strategies to artificially inflate or deflate the price of a security), a category that demands sophisticated market surveillance and external data analysis rather than internal documentation, accounts for approximately $6 billion. Insider trading (trading securities based on material, non-public information in breach of a duty of trust or confidence), arguably the most publicly visible category of securities misconduct, contributes approximately $666 million (approximately 1.2% of the $55.8 billion in total sanctions). Figure 2 shows the flip side: material misstatements or omissions lead all categories by action count (1,674 unique actions) yet generate roughly half the sanctions of books-and-records violations, which rank fourth by count but first by sanctions, at an average of $58.8 million per action versus $26.4 million.
Second, the dataset records 157 unique FCPA-linked enforcement actions generating approximately $9.8 billion in sanctions, an average of roughly $89 million per action among the 110 actions with recorded monetary sanctions, far above the dataset-wide average. Given the current policy debate and uncertainty surrounding FCPA enforcement priorities, particularly following the 2025 change in presidential administrations and related changes in enforcement policy, this subset offers a granular look at how anti-corruption enforcement has evolved over time.
The categories that dominate the SEC’s attention share the defining characteristic that they leave paper trails inside firms. Disclosure failures, recordkeeping lapses, and conflicts of interest are exactly the kinds of misconduct that employees, compliance officers, and legal teams are positioned to observe and document. These are the cases a whistleblower can bring. Market manipulation, on the other hand, is largely invisible from inside a single firm, as it requires cross-market surveillance (monitoring trading patterns across multiple exchanges, brokers, and counterparties simultaneously to detect coordinated schemes that no single firm’s internal records would reveal) that no individual employee is likely to possess.
The off-channel communications sweep
Perhaps the most dramatic pattern in the data is the explosion of off-channel communications enforcement beginning in 2022. Before that year, such cases were nearly absent from the dataset. In 2022, the SEC launched a sweeping examination of financial firms’ compliance with electronic recordkeeping requirements, alleging that employees at major institutions were conducting business via personal messaging apps (e.g., WhatsApp, iMessage, Signal) to avoid their firms’ legally mandated official record-keeping systems (both requirements are longstanding: Exchange Act Rule 17a-4 has governed broker-dealer recordkeeping since 1975; Advisers Act Rule 204-2 has imposed parallel obligations on investment advisers since 1979—the 2022 enforcement sweep applied these existing rules to modern messaging apps, not new legislation). From zero sanctions before 2022, off-channel communications violations grew to 84 unique enforcement actions across 2022–2025 (52 in 2024 alone), generating approximately $5.8 billion in associated sanctions.
Figure 3. Off-Channel Communications Enforcement Actions (2018–2025)
Off-channel communications cases are typically identified through regulatory examinations and internal document review, not through whistleblower tips. Yet, because these actions generate sanctions above the $1 million threshold, they are included in the SEC’S NOCAs and enter the whistleblower award process. That structure creates an unintended consequence. When a NOCA is published, it invites potential claimants to submit award applications, even in cases where no whistleblower was involved. The SEC’s Office of the Whistleblower must still review each submission to determine eligibility. As a result, a surge in cases that are not tip-driven can increase the volume of award claims, many of which are ultimately ineligible, and slow the processing of legitimate whistleblower awards. This is the current tradeoff with the program’s priority of encouraging applications and confidentiality.
We note that NOCAs do not imply that a whistleblower triggered the underlying case. Any enforcement action generating monetary sanctions above $1 million triggers a NOCA and opens a formal 90-day window for award applications (whether the case originated from a whistleblower tip, a regulatory examination, or an SEC-initiated investigation). Award applications in examination-driven cases are typically disqualified because applicants cannot demonstrate that their information led to the opening of an investigation or significantly contributed to the enforcement action, a threshold the SEC’s Office of the Whistleblower applies to every submission. This structural feature affects every category in our dataset, not only off-channel communications; the 2022–2024 examination sweep simply makes the issue more visible at scale.
In the situation of off-channel communications cases, though, current SEC leadership has signaled that previous enforcement went too far and that new policy will shift away from the enforcement priorities that drove the 2022–2024 surge. Sitting commissioners have argued that off-channel communications are now so prevalent that even well-intentioned firms risk repeated enforcement exposure and have called for a more pragmatic approach to recordkeeping compliance. Whether that represents a calibration of priorities or a broader retreat from oversight will depend on what, if anything, replaces it.
An enforcement feedback loop
In either scenario, material misstatements, fraudulent promotion, books-and-records violations, and breaches of fiduciary duty appear as the top categories in virtually every year from 2011 to 2024.
Figure 4. Enforcement Trends by Top Violation Category (2011–2024)
This consistency is compatible with a path-dependence mechanism in enforcement: insider reports concentrate attention in certain categories, concentrated attention builds institutional expertise, and accumulated expertise lowers the cost of bringing additional cases to the same areas. If that dynamic is at work, the enforcement apparatus would be expected to grow more efficient in sanctioning some categories of misconduct while underserving others. Our data cannot confirm the mechanism directly. The concentration in a few misconduct types could also reflect that certain types of misconduct happen more frequently than others or that enforcers prioritize certain types of misconduct rather than being structurally guided to them through feedback loops. However, the observed persistence is precisely what path dependence would predict, and the pattern warrants the question.
This raises a deeper causal question that the data alone cannot fully resolve: does the whistleblower program drive enforcement toward certain violation types, or does the SEC rationally prioritize cases where insider tips have already done the investigative groundwork? If tips pre-screen cases and reduce investigative costs, the observed concentration may reflect a rational allocation of resources rather than structural distortion. But if that efficiency comes at the cost of systematic underenforcement of misconduct that no single insider can observe, the effect on market integrity is less clear.
The categories least represented in the data (i.e., market manipulation, complex derivatives fraud, algorithmic trading abuses) tend to require external, market-level surveillance to detect. Addressing this gap may require two complementary approaches. First, stronger incentives for data-savvy external analysts (e.g., individuals who can reconstruct manipulation patterns from market data without inside access) a category of whistleblower that has historically been underutilized. Second, sustained investment in in-house surveillance at the SEC, self-regulatory organizations, and exchanges, which collectively hold the cross-market data needed to detect coordinated misconduct invisible to any single firm.
Redesigning incentives to match the threats
The findings of our data suggest three specific questions that can help policymakers refine the whistleblower program:
1.Their eligibility raises a question about consistency. Should the SEC be required to publish aggregate annual data distinguishing tip-triggered enforcement actions from examination-driven ones, at the program level (without identifying individual whistleblowers) to enable a more precise evaluation of what the program actually incentivizes?
2. Does the program need a complementary mechanism for market-level violations? The systematic underrepresentation of market manipulation, algorithmic trading abuses, and complex structured product fraud in the whistleblower pipeline may not reflect a lack of such misconduct but a gap in the detection architecture. Expanding the SEC’s in-house data-analytics capacity and ensuring the SEC values data mining whistleblowers may be necessary to address violations that are difficult to detect through the standard whistleblower channel alone.
3. Are the largest penalties proportionate to actual investor harm? The concentration of $33.3 billion in sanctions associated with books-and-records violations warrants scrutiny. Recordkeeping violations matter, but when they generate four times the penalties of market manipulation and many times the penalties of insider trading (and carry a higher average penalty per case than material misstatements, which account for nearly twice as many enforcement actions (1,674 vs. 949), it raises legitimate questions about whether enforcement is being calibrated to harm severity or to prosecutorial convenience.
Further policy questions the data illuminates
Our proprietary dataset turned up two other noteworthy patterns. First, enforcement most frequently targets individual executives, who appear in approximately 1,481 unique actions. Registered investment advisers (~1,124 actions), private companies (~1,030 actions), and unregistered brokers (~894 actions) follow. This challenges the common perception that SEC enforcement primarily targets institutions and raises questions about whether penalty severity tracks the type of defendant..
Average sanctions per action vary considerably by defendant type. Unregistered investment advisers carry the highest average in our dataset at approximately $96.1 million per action; broker-dealers approximately $77.2 million; unregistered brokers approximately $55.8 million; registered investment advisers approximately $53.4 million; public company issuers approximately $49.1 million; and individual executives, despite being the most frequently charged defendant type, face lower average sanctions of approximately $12.1 million per action, reflecting the disproportionate concentration of large penalties on institutional rather than individual defendants.
Figure 5. Top Defendant Categories in SEC Enforcement Actions (2011–2025)
Conclusion
The SEC’s whistleblower program is, on its own terms, a success. It has generated substantial recoveries and expanded the Commission’s information base in the areas where it operates and the data confirms that.
However, we see that enforcement success is concentrated in a few categories. When approximately 60% of sanctions are associated with recordkeeping violations, and when insider trading, a violation the SEC has long positioned as a priority, accounts for approximately 1.2% of sanctions, something structural is shaping the distribution of outcomes. That structure is, at least in part, the incentive architecture of the whistleblower program itself.
The question for policymakers is whether the current design is producing the enforcement portfolio that best serves market integrity, or whether it is inadvertently creating a thumb on the scale that directs resources toward the most observable misconduct at the expense of the hardest-to-detect but potentially most economically consequential violations. Our proprietary data offers a starting point for that conversation.
Author Disclosure: The authors work for Outten & Golden LLP, which represents employees in whistleblower matters and award submissions, including cases arising under the Securities and Exchange Commission’s whistleblower program. The views expressed in this article are solely those of the authors in their research capacity. You can read our disclosure policy here.
Articles represent the opinions of their writers, not necessarily those of the University of Chicago, the Booth School of Business, or its faculty.
Subscribe here for ProMarket’s weekly newsletter, Special Interest, to stay up to date on ProMarket’s coverage of the political economy and other content from the Stigler Center.
