An anonymous reader writes "Hello slashdotters,
I work in an IT division in a major US based investment firm. It has recently come to my attention that my organization is regularly and intentionally lying to/decieving our internal auditors, as well as those from the SEC, in regards to several articles of the sarbanes oxley act, most blatantly the ones concerning electronic mail/messages.
The real problem is that everyone (right up to the CIO) is aware of it, yet they all seem content with the lies. Without getting into specifics, the auditors have little understanding of technology and blindly accept what they are told, even though it is far from the truth.
While [I hope] it hasn't lead to anything as terrible as Enron [yet?], it still doesn't sit right with me, but I am not sure what would be the best course of action.
I realize my employment would most likely be terminated for alerting the SEC, but what rights [if any] does a virtual whistle blower have these days? Would this brand me for life hindering future employment?"