Best Practices for Employee Background Checks
When employers discover a problem on an employee background check, it’s important to tread carefully, especially if the discovery contributes to the decision not to extend an offer of employment. The last thing an employer wants to deal with is allegations of discrimination. Now, employers based in California may need to tread with extra caution following the proposal of new regulations by the California Fair Employment and Housing Council (FEHC).
The regulations are yet to be passed, but David Abella and Sarah Nichols of Ogletree Deakins in San Francisco write that if adopted, the new regulations would make it easier for job applicants and employees to sue employers for Fair Employment and Housing Act (FEHA) violations. In essence, the proposed regulations will define and clarify the rules about using a person’s criminal history in employment and housing decisions, and these regulations, combined with the growing adoption of “ban-the-box” legislation in California, will offer additional protections for candidates with criminal histories.
While the FEHA protects individuals from employment discrimination based on the protected categories of race, gender, religion, or disability, it does not protect individuals based on their status as an “ex-offender.” The proposed regulations, however, would create paths toward filing discrimination claims under the FEHA if an employer uses an individual’s criminal history to adversely impact a hiring decision and that individual is part of a protected class.
Now, although these new regulations are yet to be adopted, California-based employers as well as employers across the nation would be wise to keep a few best practices in mind going forward.
- First, depending on the nature of your business, consider whether/how criminal background checks will or won’t specifically benefit your business.
- Next, compose a policy that is explicit in how the policy is 1) job-related, 2) essential to the operation of business, and 3) inclusive of individualized assessment of employees and job candidates.
- Next, do away with “blanket policies.” These are policies that generally excludes candidates or employed due explicitly to criminal convictions on their records.
- Finally, organize HR trainings for anyone making hiring decisions to instruct on the proper collection and usage of criminal conviction histories.
These best practices offer protection for both the company, employees, and prospective employees.
What to Do About Credit Report Inaccuracies
Inaccuracies on a credit report may cost consumers opportunities in the form of employment, credit, housing, and more. Under the Fair Credit Reporting Act, consumers have a right to see and dispute information that appears on their credit report, and CRAs are required by law to investigate each dispute and issue a response.
Adding A Statement to the Report
When a consumer disputes an inaccuracy on their report and the CRA cannot resolve it, the consumer is allowed to add a statement to the report for future employers/creditors to see. The idea is that the decision-makers who have pulled the report will take the new information into consideration.
When Inaccuracies Are Found
Credit reports are created with a requirement that there be “reasonable procedures to assure maximum possible accuracy” (FCRA), and following a dispute, in the case that inaccuracies are found, said information must be removed within 30 days of the dispute being made.
Disputing Inaccuracies with the Furnisher
In addition to filing disputes with the CRA, consumers may now dispute inaccurate information with the furnisher, also known as the entities that supply CRAs with the information that determines the consumer’s creditworthiness, all during the normal course of business (e.g. credit card companies, retail credit, loan agencies, etc.). The furnisher, in turn, may not report the information to the CRA without also acknowledging the dispute. In the event that the information is inaccurate, the furnisher must prevent it being re-reported to CRAs.
Some information on consumer credit reports have a shelf life:
- Bankruptcies: 10 years
- Civil suits, civil judgments, paid tax liens, arrest records, accounts placed for collection: 7 years
- Criminal convictions: indefinitely
Good News for Consumers
Prior to the FACTA of 2003, consumers were forced to pursue disputes regarding fraudulent transactions directly with the CRA, but now credit information furnishers share more of the responsibility of ensuring accurate information on consumer credit reports. Following the FACTA, consumers may now work directly with furnishers to correct inaccurate information, thereby giving them fair access to legitimate opportunities throughout their lives.
State Protections Versus the FCRA
The Fair Credit Reporting Act is similar to other federal privacy statutes in that they provide a standard of protections for consumers without going into the nitty-gritty of state-level legislation. Acting as a type of frame for state legislatures to build off of, the FCRA is what is called “partially preemptive,” which means that aside from a few specific situations, states may pass laws to supplement the consumer protections offered by the FCRA. For example, some states have enacted legislation within their own state-lines that require CRAs to provide reduced-cost or free credit reports.
If consumer protections was a house, the FCRA would be the frame and foundation and state laws would be the walls.
The Fair and Accurate Credit Transactions Act
The FACTA, passed in 2003, included amendments that circumvented prior provisions of the FCRA that would have allowed states to pass laws before January 1, 2004 that would have preempted the FCRA, possibly granting greater protections to consumers while clamping the credit reporting industry with greater restrictions. The financial industry collaborated with Congress to pass the FACTA. Besides the elimination of the January 1, 2004 provision, the FACTA also:
- gave the FCRA broader preemption power
- retained all “subject matter” preemption provisions (this meant that consumers could opt out of prescreening reports, or the affiliate-sharing of their information for marketing purposes)
- provides further preemptions for the disclosure of credit scores
- preemptively regulates free credit reports
- allows states to enact sterner identity-theft-protection laws
- addresses certain areas of identity theft regulation with preemption, including areas such as truncation of payment card numbers and required CRAs to block identity-theft related information
Click here to read more on how the FCRA protects consumers and credit reporting agencies alike.
Who Can Request a Credit Report?
The Fair Credit Reporting Act regulates the use of credit reports as a protection for consumers. Permissible uses of the credit report include:
- Applications. This can be for opening new lines of credit, purchasing insurance, or finding a new place to live (rental applications).
- Employment purposes. Employers can request a credit report on prospective or current employees they are looking to hire, promote, reassign, or retain. The CRA and employer must procure the individual’s consent.
- Court orders (grand jury subpoenas).
- Consumer-initiated business transactions (for personal, family, or household purposes) for legitimate purposes.
- Account reviews by banks and other lenders for customer retention purposes.
- Professional licensing qualifications.
- Determining child support payments.
- Law enforcement for investigative purposes. Specific to government agencies with authority (via the Patriot Act) to have secret access to credit report for counterintelligence purposes.
- Credit reports containing medical information requires specific prior consent.
Non-permissible uses of credit reports focus primarily on target marketing, the act of pulling credit reports specifically to target potential clients based on their information.
Law Enforcement and Government Agencies
CRAs may supply the basic identifying information of any consumer to all federal, state, and municipal agencies. Basic identifying information includes their name, former address, and place of employment.
Before 9/11, the FBI already had access to credit reports for counterintelligence purposes. However, that access was contingent on their certifying that the information was necessary for “the conduct of an authorized investigation to protect against international terrorism or clandestine intelligence activities.” In other words, “We promise we need this information for legit reasons.” Upon certifying a legitimate need, the FBI’s access is considered classified (secret). The CRA providing the information may not disclose to the consumer or anyone that the file was accessed. Semiannually, a report is issued by the Attorney General to Congress of the FBI’s classified requests for credit reports.
After 9/11, the U.S. Patriot Act broadened access to credit reports to include law enforcement. Any authorized government agency may gain access to credit reports for investigative counterintelligence purposes. Like the FBI, the agency must certify that the request is for legit reasons. Again, the request is classified. The CRA may not disclose that the request was made and, unlike the FBI provision, there is not a semiannual reporting clause made by the Attorney General to Congress.
Background Checks and Employee Rights
Conducting employee screening and background checks is so prevalent a practice these days that a basic check can be done for under $20. More complex investigations, also called investigative consumer reports (ICRs), are much pricier and are often conducted on candidates of high level positions.
Why Conduct a Background Check?
Employers elect to pay for background checks on prospective employees because they want to make informed hiring, promotion, reassignment, and retention decisions. The incentive is to protect their organization by hiring only the most trustworthy and qualified candidates, but there are a few things employers must ensure in order to maintain FCRA compliance and avoid litigation.
- There must be understanding between the employer and the CRA issuing the consumer credit report that the employer will comply with the Fair Credit Reporting Act.
- The employer must obtain written consent from the consumer/potential employee in question.
State and Federal Laws
Some of the provisions federal and state laws have placed on background checks for employers have to do with denying employment based on criminal history.
- Some states prohibit the use of arrest data in employment decision if there was no conviction.
- Other states allow taking adverse action in response to conviction history only in certain circumstances.
- On a federal level, the Equal Employment Opportunity Commission (EEOC) prohibits the denial of employment based solely on a criminal conviction if that conviction is not relevant to the job.
The Fair and Accurate Credit Transactions Act
In 2003, the Fair and Accurate Credit Transactions Act was passed, which allowed a clause that omitted data from protections under the FCRA if the investigation is related to suspected misconduct of an employee, whether breaching the law or the employer’s written policies. The FCRA still protects the employee’s right to notice is the investigation results in adverse action being taken. Additionally, employees must provide explicit consent for the release of medical information to be used for employment purposes.
What are Credit Reporting Agencies and What Do They Do?
Credit reporting is subject to regulation because of the sensitive nature of the information being exchanged. The results of credit reports put individuals at risk of losing opportunities in the form of loans and job offers, and even housing. The Fair Credit Reporting Act exists to both preserve the right to vet prospects before making important decisions, as well as to protect the rights of individuals.
In the FCRA, rights and responsibilities are established for three parties:
- Consumers (individuals)
- Furnishers (the entities providing the information to CRAs about consumers’ creditworthiness)
- Users (entities that request the credit reports of consumers in the course of evaluating them for some purpose)
Credit Reporting Agencies
So what are CRAs? Credit reporting agencies are the entities that collect and sell credit and other financial information about consumers. By engaging in the practice of procuring and using credit for transactions, we agree to supply our credit profiles to CRAs.
The three national CRAs in the U.S. are Experian, Trans Union, and Equifax. Smaller CRAs exist with a concentration on certain regions of the country. Other organizations considered to be CRAs include:
- Inspection bureaus (background check providers and companies that sell information to insurance companies)
- Tenant screening companies
- Check approvals companies
- Private investigators, detective agencies, collection agencies, and college placement offices can also be considered CRAs under the legal definition
What Do They Do?
CRAs provide consumer credit reports for any purpose that the consumer approves of. This can include determining consumer eligibility for:
- professional licensing
- paying child support
The report itself contains basic identifying information as well as:
- financial information (estimated income, employment, bank accounts, value of assets)
- public records information (arrests, bankruptcies, tax liens)
- credit accounts with status, consumer’s payment habits, etc.
- items in collections, unpaid or disputed bills
- employment history
- the number of requests for credit reports on record, including identity of requestors
- medical bills and information
A Consumer’s Guide to Exercising their Rights
The Fair Credit Reporting Act (FCRA) was passed in 1970 in order to regulate the use of personal information among employers, insurers, and lending agencies and to protect consumers from abuse. The FCRA spells out consumer rights and penalizes agencies found to be in noncompliance with the regulations.
The following is a guide for consumers to recognize and exercise their rights before granting authorization for their credit information to be pulled.
Guide to Your Rights as a Consumer
- Exercise caution when supplying your personally identifying information to another party. This information can be used against you in the form of identity fraud and includes your SSN, date of birth, and mother’s maiden name. Read more here.
- Always request to see your report whether a prospective employer has pulled it or a crediting agency. CRAs may charge for you to view it, but the FTC has capped the charge at $9. The reason you would want to look at your own report is to inspect it for errors and/or accounts that have been opened without your knowledge. You should especially view your reports if the results have been cited as the reason for a denial of service or employment.
- You can choose to opt out of “prescreening,” which is the practice of selling your information based on your credit. If you’ve ever received unsolicited offers for credit cards, it means that when your consumer credit report was pulled during the hiring process of your new job, it was shared with affiliates who are now trying to market their services to you. In order to opt out, you need to send a letter or call 1-888-5OPTOUT.
- Under the FACTA, amendments to the FCRA require that your bank inform you of how to opt out of affiliate sharing marketing, which like “prescreening,” puts you on a list to receive unsolicited marketing materials. Do this to cut down on junk mail and minimize the risk of identity fraud.
- There is also “affiliate information sharing” to worry about and opt out of. Under the FCRA, you can stop banks, credit card companies, and other creditors from sharing your transactional information for whatever reason.
- Know your rights. If you think your consumer information has been used improperly or your right under the FCRA have been violated, you can file a complaint with the FTC and contact an attorney who specializes in FCRA litigation.
- Demand that CRAs withhold the last five digits of your SSN with supplying credit reports.
- You can place a “fraud alert” with the CRAs in the event that you have been or suspect you may have been the victim of identity theft. This prevents credit from being issued in your name.
Why the Fair Credit Reporting Act Exists Today
As the credit reporting industry grew, so did the need to regulate its reach. Until the passing of the Fair Credit Reporting Act, there were no protections for the individuals whose personal information was being compiled in the form of “investigative consumer reports” and provided to private businesses to make hiring (for employers) and lending decisions (for loan officers and crediting agencies).
Concerns about consumers’ rights arose in the 60s, when Retail Credit Co. began buying out CRAs and selling consumer credit reports to insurers and employers. The information included in these reports was being used to deny individuals services and opportunities, but these same individuals had no right to see what was being reported.
Other controversial practices included:
- quotas for retrieving negative information on consumers, which incentivized investigators to falsify reports
- collection of “lifestyle” information, including sexual orientation, marital status, drinking habits, and hygiene
- retaining and reporting outdated information
- no authorization process for who could view reports
When the public became aware of these unregulated breaches in privacy and confidentiality, the outcry resulted in Congressional inquiry and the passing of the Fair Credit Reporting Act (FCRA) in 1970. Despite the passing of the act, efforts to enforce its provisions are ongoing. In 2000, three CRAs were pursued for violations and made to pay $2.5 million in a case settlement. A few years previously, in 1996, amendments were passed in the Consumer Credit Reporting Reform Act to improve the FCRA, but also to:
- allow affiliate sharing of credit reports
- unsolicited offers of credit to consumers (prescreening)
- and limited preemption of stronger state laws on credit
In the Fair and Accurate Credit Transactions Act of 2003, more amendments were made, including a provision that allows free credit reports annually. Read more.
Reacting to Background Check Results: Guidelines to Follow
You run background checks in the first place to protect your company assets. So when something turns up that causes concern, it is important to take adverse action as conscientiously as you did the process of running a background check.
For example, before conducting a background check on a prospective employee (also called a consumer report), you must have:
- acquired written permission from the applicant to seek a consumer report
- made the applicant aware that a report was being sought and that the results could potentially affect their employment eligibility
- ensured that your process adhered to local and state laws pertaining to consumer report information as well as FCRA regulations
Taking adverse action means denying or terminating employment based on the information uncovered in the screening process. When or if you decide to take adverse action in response to the results of a consumer report/background check, you must do the following in order to remain compliant with the FCRA:
- let the application know of the decision in writing, providing proper notice and clear reasoning
- provide the applicant with a summary of their FCRA rights
- provide a copy of the consumer report
- give the applicant a chance to explain or rectify the information uncovered
- provide the contact info of company used to obtain the consumer report, including a disclaimer that the company was not responsible for the decisions made
- properly dispose of applicant’s sensitive information
By following these guidelines, you protect yourself from liability in regards to your decision while also protecting the interests of your company. Read more.