After her interview with a large accounting firm, Lila Beckford got a verbal offer for a job as a senior financial consultant. Told to expect a written offer pending a background check, she signed the required authorizations allowing her potential employer to search her credit reports, criminal background, references, and other data sources.
Then she got a call. The background check had turned up a "blip": a civil suit had been filed against her. The manager apologized profusely, but explained that the firm couldn't make a written offer until the case had been resolved. The problem was, says Beckford, she hadn't been sued. The true subject of the lawsuit was the current resident at Beckford's previous residence. The background-screening company had made an error. Once Beckford explained the mistake, the accounting firm checked again, and eventually offered her the job.
In response to 9/11 and the rash of accounting scandals, companies have increasingly relied on background checks for prospective employees. Generally conducted by a third party, basic checks include checks for a criminal record; date, source, and subject of educational credits; and dates and places of prior employment. But more and more often, companies are also gathering information on credit history, civil litigation, motor-vehicle record, even "mode of living" and character.
For some jobs, obviously, such extensive checks are essential. No one wants a taxi driver with multiple driving violations or an assistant controller with a record of bounced checks. But given how many more background checks are being conducted — ADP Screening and Selection Services reported a 65 percent jump between 2001 and 2004 — companies may be going overboard.
Apart from the philosophical question of whether this practice violates an applicant's right to privacy, widespread use of elaborate background checks poses several problems for employers. First, errors are common; in fact, screening companies are required to warn their customers of that possibility. Second, theft of confidential information may leave employers vulnerable to lawsuits. And third, to a surprising degree, background checks fail to identify potential wrongdoers, while disclosing much information that is irrelevant to job conduct.
What's Job Related?
In Beckford's case, employment experts say the company should probably not have cared even if the suit had been filed against her. (Beckford's employer declined to comment.) The Equal Employment Opportunity Commission, which enforces antidiscriminatory employment laws, has stated that any fact an employer uses to deny employment should be job related, and experts think that civil suits usually don't pass the test. "I don't believe that civil searches are job related," says Barry Nadell, president of Chatsworth, California-based InfoLink Screening Services. "If you do a civil search, you have to be ready to defend the job-related aspect of it. I see a lot of employers gathering information even though they can't explain why they need it," says Philip Deming, principal of Philip S. Deming & Associates in King of Prussia, Pennsylvania, a security and human-resources firm.
"Using any of the search services," like LexisNexis, says Deming, "you can get information on whether a person has ever had a foreclosure, been sued or arrested, or if he lives with someone he isn't married to — data that isn't relevant to a job but still makes an impression on a potential employer."
Oddly enough, a Society for Human Resource Management survey shows that, overall, employers are moving away from examining an applicant's actual work history and are turning instead to credit, criminal, and character data checks before hiring. In 1996, 92 percent of employers checked references and 84 percent checked work history. In 2003, both of those numbers dropped significantly (to 80 and 79, respectively). In their stead, 80 percent of companies that conducted background checks in 2003 did criminal checks, compared with 51 percent in 1996. Credit checks rose from 19 percent in 1996 to 35 percent in 2003.
Chalk it up to fear of liability. Although in practice it is difficult for an ex-employee to sue an ex-employer over a negative reference, companies have shied away from sharing more than dates of employment with prospective employers, because of the perceived potential for a lawsuit. Companies also fear a "negligent hiring" lawsuit if they have failed to complete due diligence on an employee who later commits a crime on the job. The problem cuts both ways. "Let's say the employer does the due diligence and gets a lot of info on a potential hire," says Deming. "Now, there's a lot of information sitting in a file about that person. If the employee commits a crime and someone sues, the first thing the defense expert is going to ask is, 'What information is available in the HR file?'" Costs associated with such litigation can run to the hundreds of millions of dollars.
To date, no organization has ever produced empirical evidence that background checks can reduce the incidence of fraud. In fact, the cost of employee fraud has remained steady since 2000, at about 6 percent of GDP, according to the Association of Certified Fraud Examiners (ACFE). A study by that group in 2004 reveals that most corporate fraud is committed by first-time offenders; only 12 percent are repeat offenders.
That's not to say that background checks are useless. They are certainly effective at weeding out people who are trying to hide an unsavory past. But the absence of guidelines on how to use background-check results means that managers are relying on gut instinct in evaluating them. "Most companies don't have guidelines," says Mark Jacoby, senior partner in the employment law practice group of Weil, Gotshal & Manges LLP in Manhattan. "I think it's generally a judgment call. You look at all the information at your disposal and ask if any of it raises a red flag."
The federal Fair Credit Reporting Act governs third-party "consumer reports," which include credit reports; the more in-depth "investigative consumer reports," which can include interviews with neighbors and associates; and criminal background checks. (The act does not apply to companies that conduct background checks in-house.) But state employment law varies widely, and are often stringent. Neither state nor federal rules offer guidance on how the data in the reports should be interpreted.
Absent real guidelines, either a company's legal department or HR bears de facto responsibility for developing background-check policies. It is also charged with protecting the safety and eventual destruction of whatever personal employee data is gathered.
New Federal Trade Commission rules that went into effect as of June 1 mandate that any consumer credit information discarded by a company must be destroyed properly so that it cannot be retrieved or reused. As recent data breaches at Bank of America and Time Warner show, this is far easier said than done, especially since the market for illegally procured personal data is expanding. Although no laws currently mandate handling or destruction rules governing noncredit data collected for a background check, experts say employers may still be liable if that data is stolen or misappropriated.
"If your company is collecting data for a business purpose," says J. Michael Gibbons, vice president for federal security services at Unisys, "how you handle, store, and destroy it is all subject to some concept of negligence. If you mishandle it, or don't protect it properly, I think you'll be subject to civil judgments," if the data is subsequently misused.
Eliminating background checks altogether is not really an option. Many industries now require checks for certain types of workers and prohibit hiring or licensing of anyone with a criminal history. For others, checks are just common sense. At Sunstone Hotel Properties, a hotel management firm and division of Interstate Hotels, every employee from a housekeeper to the CEO is subject to a background check.
Aside from looking for discrepancies between the application and the background-check report, the company has one basic guideline. "Typically, we don't hire people with felonies, because of the type of work that we do," says Nida Palpallatoc, director of human resources, alluding to the hospitality and housekeeping tasks that expose employees to guests and their personal belongings at close quarters. The background check is conducted only after a job offer is made.
EEOC rules stipulate that employers cannot simply bar felons from consideration for a job unless there is a "business necessity" for doing so. Says Palpallatoc: "We have hired people with felonies before," if the felony wasn't job related. "Some have worked out. Some haven't."
The company proudly displays plaques in all of its facilities informing potential candidates and guests alike that all employees are subject to criminal- background checks. "We post the plaques not just as a deterrent but also to let guests know they are safe," says Palpallatoc. There is no actual correlation between employees without felony convictions and safe guests, of course, a point that Palpallatoc concedes. "But it's a contribution toward that end," she says.
For CFOs, there is a personal aspect to background-check policy. Because they hold such highly responsible positions, with their hands on the financial heart of the corporation, CFOs are more thoroughly checked than other employees, including other C-level employees.
"For finance people, I want to know everything," says Deming. "You're spending significant dollars to hire them, and the corporation is totally exposed to them." Peter Turecek, a New York–based management director at Kroll Associates, the business-intelligence and investigative arm of Kroll Inc., specializes in such background searches, which he says routinely include interviewing everyone related to a candidate, up to and including drinking buddies.
Bypassing the C-Suite
Sunstone is one of the few companies that performs in-depth background checks on executives. Despite the fact that monetary losses caused by executive fraud are 14 times greater than those caused by rank-and-file employee fraud or theft, according to the ACFE study, executives generally bypass the process.
"Many companies will do checks on a cashier, but not the C-suite officers," says Turecek. "A lot of high-level candidates come by word of mouth from executives. The last thing an HR director wants to do is shoot down a candidate that the board or CEO proposed. They don't want to run afoul of the old-boy network."
In fairness, background checks are least effective at the top. They might weed out executives who fudge their résumés, but it is unlikely they will identify the type of people who perpetrate the massive fraud that topples companies. The ACFE says that while background checks can help companies make informed hiring decisions, money may be better spent on tighter internal controls and anonymous tip lines for employees, vendors, and customers — which, it claims, is how most companies in its study caught fraud.
"None of the guys who are on trial right now would have been flagged by a background check," says Deming. "Some companies want exhaustive behavioral tests of their CFOs and senior executives, but you still wouldn't have found a thing."
Kris Frieswick is a senior writer at CFO.
Some Tips for Correct Checks
- Make background checks job relevant. Don't reach too far for a job-relevancy connection if none exists — it could be grounds for a failed candidate's lawsuit.
- Data in background reports may be inaccurate. Make it company policy to discuss anomalies with the candidate.
- Work with your HR department to understand the federal and state rules governing background checks and job applications. They vary widely, and state rules usually supersede federal.
- Except for certain jobs, it is discriminatory to create a blanket hiring policy excluding felons from consideration. Exclusion based on a felony must meet a job-relevancy test to meet Equal Employment Opportunity Commission guidelines.
- Most fraud is committed by first-time offenders, making background checks of limited value in fraud prevention. According to a survey by the Association of Certified Fraud Examiners, the most effective way to catch fraud is via an anonymous reporting mechanism (such as a tip hotline), followed by internal audits.
- New FTC rules mandate the destruction of credit data obtained from consumer credit reports after its "business purpose" has been achieved. This includes credit information obtained during background checks. The FTC's Website (www.ftc.gov) offers more specifics on the Fair and Accurate Credit Transactions Act. — K.F.