As the UK trial of Ian Huntley for the Soham murders wound to a close last December, it was widely reported that the vetting process which was used in assessing his suitability for working with children was severely flawed.The Home Secretary's immediate announcement of the Bichard inquiry indicated the importance the Government attached to establishing what went wrong. As we also digest the recent report from the National Audit Office into the performance of the Criminal Records Bureau (CRB), it seems an opportune time to reflect upon what measures an employer can put in place to minimise the risks involved in recruitment.
Although the CRB has now issued more than three million disclosures since it opened two years ago, it will be some while until it fulfils its objective of 'making recruitment safer all round'. Until then most employers will need to rely upon other elements for verifying a job applicant's background.
Increasingly they are putting systematic pre-employment screening programmes in place.
Such programmes are based on candidates providing a detailed account of their background, normally by completing and signing a questionnaire issued to them at the job offer stage. They are asked to confirm that they have provided full and accurate details and to give their consent to the screening.
The reasons for this are twofold. First, making the process transparent has the effect of deterring candidates with a dubious curriculum vitae from proceeding. Second, obtaining consent satisfies one of the tests under the Data Protection Act 1998 (DPA) required to render the processing of the subjects' personal data lawfull).
Making enquiries
After collecting the raw data, a structured set of enquiries checks the accuracy and completeness of the information provided. This will typically involve accessing public and commercially available data sources (for example Companies House to confirm directorships and credit referencing agencies to access information on county court judgments) and contacting third parties such as schools to verify academic records and employers to confirm employment history. The table illustrates the range of areas where enquiries might be made.
Typically the content of screening will be geared to the risks associated with the position the applicant will fill. For example, establishing that a candidate does not have a blemished credit history is common for jobs involving the handling of cash2); establishing that a candidate has no outside business interests is prudent for positions in procurement. Careful selection of the checks to be conducted will also serve to satisfy the DPA requirement for proportionality and keep costs within reasonable bounds.
The objective is to build as complete a picture as possible of the candidate, but there are limitations. An increasing problem is difficulty in confirming residential addresses. Following the Robertson decision3) and subsequent regulations, the sale of the electoral roll is subject to stringent restrictions and credit referencing agencies such as Experian can only supply the full roll for a few clearly defined purposes (including the granting of credit and anti-money laundering checks), which do not include pre-employment screening.
Over a quarter of the electorate now exercise their right to opt out of the freely available edited register. Also, many schools routinely purge ex-student data, which can hamper enquiries where the candidate left school more than five years ago. And records of ex-employees are often difficult to obtain from companies that have merged or been taken over. The high rate of failure in the SME sector obviously has a similar impact.
Research overseas presents additional challenges. While most countries have enacted domestic legislation similar to the UK DPA to implement the EC Data Protection Directive 95/46/EC, there is generally a cultural bias in continental Europe that screening invades an individual's privacy.
This, together with the widespread use of employment certification (Arbeitzeugnis) in place of employer-to-employer referencing, increases the difficulty of screening in a number of European countries. In other regions such as the Middle East there are virtually no legally accessible public record data. The USA, where screening is commonplace, is more straightforward but, despite recent database consolidation in some states, the highly decentralised nature of record keeping means that criminal record checks frequently still need to be conducted manually at a district or county courthouse level. Equally, the Fair Credit Reporting Act requires careful handling of credit data for employment purposes, especially where using a third party agent.
Pre-employment screening does not involve the screener making judgments about a candidate's suitability. It simply seeks to confirm facts and to highlight anomalies and discrepancies to the recruiting organisation.
The latter should discuss any differences with the applicant to find out the reasons, so that it can decide whether or not to proceed with the appointment. Minor discrepancies which result from a genuine error or omission will not normally jeopardise employment, but firms are normally unforgiving of blatant attempts to misrepresent and deceive.
Mitigating risks
What risks does screening mitigate? First, simply having a well-advertised programme will undoubtedly deter some unscrupulous candidates. Second, ensuring that those recruited into a company are honest and open about their past provides some real comfort that they will continue to demonstrate high standards in employment. There is no guarantee but, with increasing levels of corporate fraud and with management or staff involved in close to half of all fraud cases4, it is incumbent on professionals in risk, security and HR to examine the part screening can play in managing exposure to fraud and reducing operational risk.
There are other risks, too. The concept of 'negligent hiring' has for many years been established in law in a majority of US states, where it has been held that 'prior to the time the employee is actually hired, the employer ... should have known5 of the employee's unfitness' and is liable if it did not perform an adequate background investigation. Courts have ruled that 'an employer has a general duty to check criminal records for employees who will have interface with the public, or who could have a foreseeable opportunity to commit a violent crime against someone during the course of their employment.'
The average settlement in negligent hiring cases is now well over $1m, and employers are reckoned to lose over 70% of cases. Whether similar reasoning will develop in the UK remains to be seen, but in recent years courts have taken a more liberal line in holding employers vicariously liable for torts committed by employees5), seemingly keen to define a more contemporary common sense approach.
Uncovering the past
Finally, two examples of what a robust screening programme can reveal.
They are not the stuff of Daily Mirror headlines (remember how one of their reporters outwitted Buckingham Palace's lax recruitment processes to gain a job as a footman last year?), but they do demonstrate how applicants' attempts to disguise their past will be caught by rigorous database research and referencing.
Candidate A, a young clerical worker, spent six months as an agency temp at a leading investment bank and was screened at the point he was offered full-time employment. On paper his background included an honours degree and some 5 years' work experience, including placements by two well known banking staffing agencies.
Detailed reference checking established that all was not quite what it seemed. His university confirmed his degree as third class and doubted the authenticity of the letter he had produced to evidence a higher grade.
A previous employer advised that he had not passed a probationary period with them because he had failed to meet regulatory competency requirements and our researchers noted that the reference letter he claimed to have received from a bank where he said he had worked for 18 months was, suspiciously, in non-standard form. Further investigation revealed that he had worked there for six months only, and exposed two undeclared and significant gaps in his career.
Candidate B was an IT contractor, presenting what appeared to be solid technical experience, a first degree in computer science and an MBA. His referees spoke well of his abilities and work record, but doubts arose when his university had no record of attendance or award of a degree.
Database research uncovered further issues concerning his credit history and raised concerns about his integrity. The list of prior addresses he had provided omitted one address, probably because it was linked to a record of bankruptcy and a number of county court judgments, two of which were in relation to a company in which he had failed to disclose a directorship.
He was also silent about his involvement with three other companies.
Would you have employed these people? If you do not screen, you might easily have done so.
1) It is however unwise in the context of an employment relationship to rely solely on consent: the EC Article 29 Working Party (Opinion 8/2001) takes the view that 'If it is not possible for the worker to refuse it is not consent'.
2) Beware of assuming that a good credit history is predictive of job performance. Research in the USA (Palmer and Koppes, University of Eastern Kentucky, 2002) indicates no correlation between good credit history at the time of recruitment and subsequent performance ratings
3) R v Wakefield MDC and Secretary of State for the Home Department, ex parte Robertson [2001]: Robertson successfully established that the sale of the electoral roll for commercial purposes was a breach of his Human Right to privacy.
4) KPMG Fraud Barometer 2003: management 35%, employees 9%.
5) See Lister and Others v Hesley Hall Limited [2001] UKHL 22 (House of Lords) and Mattis v Pollock (t/a Flamingo's Nightclub) [2003] EWCA Civ 887 (Court of Appeal)
- Alan Beazley is director of business development at The Risk Advisory Group's employee screening business, Tel: 020 7578 0000, www.riskadvisory.net.