When it comes to conducting background checks during the employment screening process, it can often be difficult for employers to remain in compliance with all of the rules and guidelines determined by the Fair Credit Reporting Act (FCRA), because there are many steps involved. However, it is critical to be aware of and to enforce all of the policies and procedures that have been outlined by the FCRA. Failing to do so could end up being costly to your business’ image and to your pocketbook. There are four basic steps that are required to stay in compliance with the FCRA during the employment screening process.

These steps include Permissible Purpose; Disclosure and Authorization (D&A); Pre-Adverse Action Notification; and Adverse Action Notification.

First and foremost, before an employer decides to conduct a background check, he or she must have Permissible Purpose, such as employment screening.

Once permissible purpose has been determined, the employer can move onto D&A. D&A requires an employer to provide the applicant with documentation that uses a specific set of language that informs him or her that a background check will be performed. The signed authorization of the applicant must be received in return. At this point, an employer should also give the prospective employee his or her first copy of the “Summary of Consumer Rights under the FCRA” as well.

Pre-Adverse Action Notification comes into play once an employer is considering denying employment based on the results determined during the background check. This step requires an employer to send a pre-adverse action letter, a completed copy of the background check and a second copy of the “Summary of Consumer Rights under the FCRA” to the applicant. This letter should make the applicant aware that they may not be hired for the position unless they choose to dispute the information found in the background check and provide proof that it is inaccurate.

After a reasonable amount of time has passed since you sent the pre-adverse action letter, Adverse Action can be taken. This requires an employer to send an adverse action letter to the applicant. This notification notes your final decision to deny employment based on the results found in the background check. The employer must also send a second completed copy of the background check and a third copy of the “Summary of Consumer Rights under the FCRA” as well.

Some employers have responded to the challenge of staying compliant by simply relying on the forms and information they receive from their background screening companies. While background screening companies are a great resource, those employers should keep in mind that the FCRA imposes compliance requirements on employers themselves, requirements that are independent of the requirements applicable to the background check companies.

Bottom line, as a business owner or employer, it is important to remember that if you are ever going to use any information found in a background check to determine whether or not to higher an employee, all of these steps must be followed to protect your business and the rights of the applicant. In many cases, the decision not to hire a potential employee has nothing to do with the results of his or her background screening. However, if you ever have any doubts or are unsure, it is always better to be safe than sorry.

The Importance of Disclosure and Authorization


Criminal background checks are a common practice in today’s business world and can be a useful tool that allows an employer to determine that prospective employees meet specific standards which he or she has deemed acceptable for the business. As a business owner, the last thing you want to endure is a long, drawn-out lawsuit as a result of failing to properly meet the Disclosure and Authorization (D&A) requirements outlined by the Fair Credit Reporting Act (FCRA). The D&A requirements involve disclosing the “Summary of Consumer Rights under the FCRA” to applicants and receiving a signed authorization form (that uses a specific set of pre-determined language) from those applicants before running a background check.

These steps are crucial and were specifically designed to protect the rights of the applicant. Employers who neglect to properly meet these requirements before running a criminal background check face having to pay big, big bucks in class action lawsuits and irreparable damage to their image.

In an article entitled, “FCRA Class Action Lawsuits: The Sharks Are Circling,” attorney Craig Bertschi suggests that the background screening industry has become a new target for class action lawsuits, which can be extremely lucrative for plaintiffs’ and their lawyers and financially disastrous for business owners. He notes that the FCRA is the perfect target for class actions for a number of reasons. First, Consumer Reporting Agencies (CRAs) and employers usually follow routine procedures in processing background checks and screening applicants, and if those procedures are not in compliance with the FCRA, then it is likely that many people have been affected (potentially thousands of applicants). Second, in FCRA class action lawsuits, the plaintiff can recover statutory damages, as opposed to having to provide proof of actual damages. Third, unlike other consumer protection statutes, the FCRA has no limits on damages or the amount of damages that can be awarded against a defendant in class action litigation.

One recent class action lawsuit involving non-compliance ended with a school bus transportation company having to pay $5.9 million in damages for failing to meet the FCRA’s guidelines. That settlement was the largest settlement ever that involved employment-related FCRA claims.

It is cases like this that are prompting business owners to reevaluate their own procedures and policies to ensure that they are compliant with the FCRA’s guidelines. If you are a business owner who has not yet reexamined your own policies, now is the time! You may end up saving yourself a major headache and a huge sum of money, all while protecting your business and the rights of your future applicants.

D&A is just one of four steps required for a business to remain in compliance with the federal legislation that was designed to protect the rights of an applicant during the background screening process. The complete list of steps includes: Permissible Purpose; Disclosure and Authorization; Pre-Adverse Action Notification; and Adverse Action Notification.

We’ll create the rules, but not play by them

We’ll create the rules, but not play by them: A classic oxymoronic example

 May 7, 2012, the Huffington Post published an article about Yolanda Quesada, a woman formerly employed by Wells Fargo (the nation’s largest bank based on market cap) for more than five years. Quesada was recently fired from the company for a shoplifting crime she committed in 1972!

Clearly, this sort of activity would be the perfect vehicle to filing a discrimination lawsuit against behavior that is obviously in violation of Title VII of the Civil Rights Act of 1964.  It has long been established by the Equal Employment Opportunity Commission (EEOC) that policies and practices that create a disparate impact on protected classes (Hispanics in Quesada’s case) are unlawful and subject to charges and penalties imposed by the federal government.

In addition, the EEOC recently announced new guidance on the issue of employers utilizing criminal and arrest records and how that utilization pertains to Title VII.  Within those guidelines, it is clearly outlined that blanket policies have no business necessity violating Title VII.  The EEOC also discusses a mechanism termed individualized assessment, which is a process that essentially allows employers to take an individual look at a specific set of circumstances to determine whether an exception should be made given the relevance to business necessity.  If you were unable to follow that, here is what all of this means in a nutshell:

Companies simply cannot take adverse action, like firing a good, established employee, because of a criminal record that he or she obtained more than four decades ago.  The company would need to establish that the crime that occurred directly correlates to the position that the person currently holds. The company would also need to prove that the criminal record creates a viable, statistical and somewhat empirical threat to the business.  A shoplifting charge from 1972 is not going to cut it.  Without a doubt, this situation would go on to graduate into a lawsuit.

However, Wells Fargo is an insured depository institution, which means it is governed and bound by federal oversight such as law 18 USC 1033 and specific statues outlined by the Federal Deposit Insurance Corporation (FDIC).  18 USC 1033 specifically states:

(A)  Any individual who has been convicted of any criminal felony involving dishonesty or a breach of trust, or who has been convicted of an offense under this section, and who willfully engages in the business of insurance whose activities affect interstate commerce or participates in such business, shall be fined as provided in this title or imprisoned not more than 5 years, or both.

(B) Any individual who is engaged in the business of insurance whose activities   affect interstate commerce and who willfully permits the participation described in subparagraph (A) shall be fined as provided in this title or imprisoned not more than 5 years, or both. (2) A person described in paragraph (1)(A) may engage in the business of insurance or participate in such business if such person has the written consent of any insurance regulatory official authorized to regulate the insurer, which consent specifically refers to this subsection.

Because shoplifting is a crime that directly relates to dishonesty (stealing) and a breach of trust, Wells Fargo was left with no alternative other than to let Quesada go, even though the crime she committed occurred more than 40 years ago.

The new guidance provided by the EEOC unambiguously states, “Compliance with federal laws and/or regulations is a defense to a charge of discrimination.”  The commission goes on to say that it will continue to work with federal departments to create consistency and to principally adjust federal policy so that it conforms to normal Title VII compliance.

This situation clearly isn’t fair for a number of reasons. First, Yolanda Quesada has obviously gotten hosed, which is detrimental to her and her well-being.  However, Wells Fargo has also received the shaft because the company is out a wonderful employee who it had entrusted for five years.  Why it has taken this long to figure this out is baffling. Nevertheless, it is definitely a losing situation for all parties involved.  Just another example of members of the federal government creating rules for everyone to follow, but rules they seem to choose to ignore themselves.

Always do background checks

In order to prevent a potentially hazardous hiring situation, the majority of background checks should be performed prior to hiring. However, the occasional desperate situation will leave insufficient time for performing checks. In these circumstances, background checks should always be performed before or as quickly as possible after hiring. Doing so will instill a vote of confidence in you from all of your employees and or clients/vendors.

Why you should perform background checks on new hires:

A routine policy of completing background checks on all new hires will help current employees feel safe and secure in their work environment. Mandatory background checks will also instill a realization in your new hire that you do not take important matters such as safety and security lightly.

What a background check tells you about new hires:

Among other things a background check can verify educational and employment experience on a new hire, determine criminal history, and justify previous claims to worker’s compensation. Each of these pieces of information can greatly benefit an employer when seeking a new hire. Criminal history records determine if a person can be disqualified for a particular job. For instance, a conviction for theft forbids the candidate to work in positions directly handling money. This information is vital to an employer seeking the best fit for an available position.

Types of background checks products for new hires:

It is a good idea to have a standard policy for each position or class of job in place for the types of background checks performed on your employees. This will help avoid discrimation cases within your organization. Some common background checks include:

  • Criminal Record Searches
  • Driving Records
  • Employment References
  • Credit Check
  • Sex Offender Search
Many employers are even doing background checks themselves via social networking sites like Facebook, Twitter, YouTube, and others. However, a more thorough search is more often run by a professional background check company.


What is the FCRA?

FCRAThe FCRA, or Fair Credit Reporting Act, is a law that basically regulates the use of consumer information, including credit information. The law was passed in the early 1970s as a protection to consumers from Consumer Reporting Agencies.

Purpose of the FCRA:

The Fair Credit Reporting Act (FCRA), Public Law No. 91-508, was enacted in 1970 to promote accuracy, fairness, and the privacy of personal information assembled by Credit Reporting Agencies (CRAs).

This act sanctions consumers to one free credit report per year. This act also protects consumers in maintaining laws regarding the length of time negative information about a consumer (such as bankruptcies, late payments, and tax liens) may stay on the consumer’s report.

Who does the FCRA affect?

The FCRA ultimately affects everyone with a credit rating and a desire to be employed. Consumer credit information is used by a myriad of companies for many reasons. This act protects consumers against creditors basing financial decisions on information such as:

  • sexual orientation
  • marital status
  • drinking habits
  • hygiene

Before a background check or credit report is run, the FCRA requires creditors, employers, and others to provide the following information to consumers:

  1. The name of the company filing the report
  2. If contrary or hostile action is taken based on the results of the report

Background screening companies must abide by the FCRA as well as additional rules and regulations as per their company’s policies. The FCRA prohibits information such as medical history without consent.

An important point in the FCRA is that it only directly applies to CRAs (Credit Reporting Agencies) in investigations. Many other private investigation companies are held to similar rules and laws, but do not fall under the jurisdiction of the FCRA.

EEOC Update Webinar

We have published out webinar we did on the new EEOC updates that were released a couple weeks ago.  You can watch the video below or you visit our videos page.


Our recomendation

I have had some questions come to us after our webinar last week.  Here are a few recommendations.  and some are specific for Utah.  Here were a couple of the questions:

You indicated that in order to help us become more compliant, there may be some information within VICTIG to help us with a  written policy that:

  • Defines FCRA Guidance including adverse action
  • Defines EEOC Guidance including use of Green Factors and Individualized Assessment

So far, I’ve been unable to locate that information; is this something you can help me find?

I’d also like to ask you to explain the criminal matrix; do you have an example?


I suggest utilizing language straight out our the service agreement under section 2 B (see language below).  The only specific law to Utah that relates to you as an employer is found in the State Department of Labor Guidelines which states that employers may not ask about arrests without convictions. http://www.rules.utah.gov/publicat/code/r606/r606-002.htm  I would also include a copy of the adverse action flow chart that I have attached.  The great thing is utilizing our quick app feature takes care of all your obligations prior to ordering the the background check and if you need to take adverse action against someone, we’ve got that taken care of for you in the system as well.

  • EEOC Guidance

This is more complicated.  Here is the link to the actual guidance that was published last week http://www.eeoc.gov/laws/guidance/arrest_conviction.cfm

What I suggest you do is the following;