According to a National Employment Law Project (NELP) report, nearly 65 million Americans have a criminal record that could be identified by a background check. That equates to roughly one in four citizens who may have limitations in applying for jobs. Employer job applications have routinely asked questions up front for applicants to self-disclose prior convictions regardless of the level of the job position, or what background checks will be conducted prior to employment. State by State variances for employment practices add complexity to the hiring process. For regulated industries, like financial services or healthcare, the hiring process requires compliance rigor in the vetting and background check process based on the role and function. As technology has evolved, so have the tools and service providers used in the hiring process. – See more at: http://fi.deluxe.com/community-blog/forwardbanker-blog/balancing-compliance-ban-box/#sthash.XIi9vBs4.dpuf
Momentum for “Ban the Box”
Across the United States, there are growing cities, counties, and now multiple states that have banned the practice of using simple “Yes or No” questions on criminal history on job applications in certain sectors. Motivations include enabling past offenders to be able to apply, position, or clarify vs. being automatically excluded. The checkerboard of differences across states, cities, and industries, adds complexity for employers to understand the rules and specific requirements that may apply. Where applicable, the “Ban the Box” movement will require hiring organizations to update their internal policies and hiring criteria by job function, advancing the implementation of a more mature risk based personnel pre-employment screening policy. The shift will require organizations to document and implement specific guidelines by job role for how they will use the information collected during the background check process. To ensure fairness and prevent discrimination, employers should implement processes to review and update their hiring guidelines on a periodic basis, providing specific guidelines on their hiring criteria and decision making process.
Updated Equal Employment Opportunity Commission (EEOC) guidance clarified the use and interpretation of criminal records in the hiring process. Employers should review and assess their internal human resources policies, standards, and guidelines to assure compliance based on information they receive in background checks. FDIC regulations, including Section 19 require that any FDIC insured financial institution is not allowed to hire applicants that have been convicted or entered into pre-trial diversion for crimes involving dishonesty or breach of trust. Similar requirements for personnel screening can flow down to service providers based on the services performed for regulated companies. The recent Office of the Comptroller of the Currency (OCC) Bulletin on Third-Party Relationships highlighted the obligations of financial institution’s to evaluate if their service providers periodically conduct thorough background checks on its senior management and employees, as well as subcontractors who may have access to critical systems or confidential information. The guidance focused on qualifications, backgrounds and reputations of company principals. This may require increased scrutiny of internal procedures for existing employees, vs. pre-employment screening.
Compliance and Due Diligence
The shift to a “Trust but Verify” approach to service provider due diligence, requires financial institution’s to look beyond the actual Pre-Employment Screening policy of their service providers, but to verify evidence on the actual implementation of the policy. For service providers that serve multiple financial institutions, conducting sampling and testing with each client can be resource intensive. An option to assist with demonstrating compliance is to have an independent group, typically Audit, conduct a review of the implementation of the HR policies to demonstrate assurance.
Background checks remain a fundamental building block for risk management and compliance. Balancing the needs of compliance with trends including “Ban the Box” requires organizations and service providers to enhance their internal procedures and due diligence processes to address compliance.
Linnea Solem is the Chair of the Shared Assessments Program and is the Chief Privacy Officer and Director of Business Risk & Privacy Management for Deluxe Corporation. Linnea is a management professional with 20+ years financial services experience in areas eCommerce, technology, business development, marketing, information practices and risk management .She is a Certified Information Privacy Professional and led Deluxe’s compliance initiatives for Y2K, GLB, Check 21, and Red Flags Legislation.
Reposted with permission from Forward Banker