California Courts Change Contractor Test for Employers


A growing number of companies are opting to hire and employ contract and project-based workers in lieu of permanent employees for a number of reasons including increased workforce flexibility and the lower costs including employee perks, training and benefits.

An Intuit report showed that contingent workers of all types (temporary employees, independent contractors, project-based gig workers and on-demand workers) make up 36 percent of the workforce, and are expected to reach 43 percent by 2020. Around 80 percent of large corporations plan to substantially increase their use of contract employees.

Relying on a contingent workforce invites some risk. Most notable is the government’s scrutiny of such relationships to ensure that these workers are truly contractors and not employees whose pay would be subject to various withholding taxes. Uber paid millions of dollars in settlements of class-action lawsuits from drivers who argued that they should be classified as employees and entitled to employee benefits.

The California Courts Legal Ruling

The most recent legal shakeup involves the state of California. In late April, In a ruling with potentially significant consequences for the gig economy, the California Supreme Court made it much more difficult for companies to classify workers as independent contractors rather than employees.

According to The New York Times, Dynamex Operations West, Inc. v. Superior Court could require companies like Uber, many of which are based in California, to follow minimum-wage and overtime laws and to pay workers’ compensation and unemployment insurance and payroll taxes, potentially upending their business models.

Industry executives have estimated that classifying drivers and other gig workers as employees tends to cost 20 to 30 percent more than classifying them as contractors. It also brings benefits that can offset these costs, though, like the ability to control schedules and the manner of work.

The primary change in California independent contractor law is the state requirement that adopts a modified “ABC” test for determining whether an individual is an employee under the Wage Orders. This new independent contractor test is modeled on Massachusetts’ independent contractor statute, which is considered the strictest in the country.

California courts and state agencies have long applied what is known as the “Borello test” for determining whether a worker was an independent contractor under the Industrial Welfare Commission Wage Orders. This flexible, multi-factor approach looked primarily at whether the hiring entity had a “right to control” the manner in which the worker performed the contracted service, along with eight other “secondary” factors, such as whether the worker was engaged in a distinct occupation or business, the skill required in the particular occupation, and whether the worker or the hiring entity supplied the tools used to perform the work and the place where the work was performed.

The New Three-Factor Test and Approach

Despite the Borello test being used for decades for Wage Order cases, the California Supreme Court rejected it in favor of a more rigid three-factor approach, called the “ABC” test.  Under this new test, a person will be considered an independent contractor only if the hiring entity can prove all three of the following:

(A) that the worker is free from the control and direction of the hiring entity in connection with the performance of the work, both under the contract for the performance of the work and in fact;

(B) that the worker performs work that is outside the usual course of the hiring entity’s business; and

(C) that the worker is customarily engaged in an independently established trade, occupation, or business of the same nature as the work performed.

It remains to be seen how California courts will apply this new independent contractor test, or if the standard or its application will be limited by federal law (like the Federal Aviation Administration Authorization Act, or FAAAA, has limited the standard in Massachusetts when applied to certain arrangements involving motor carriers of property). Regardless, companies should expect that it will be more difficult to prove that an individual was classified as an independent contractor under California wage and hour laws.

Although the California Dynamex court case only considered the relevant test for wage order claims, worker classification issues are relevant in many other contexts, such as tax, workers’ compensation, and wage-and-hour claims derived from a source other than the wage orders. This decision is a seismic shift for California wage and hour law and class litigation. The court now imposes a burden on businesses to defend their classification of workers as independent contractors. Misclassification of such workers can result in significant legal exposure with respect to wage and hour compliance.

For federal compliance, to properly classify a worker as an employee or independent contractor, carefully review the IRS’s guidance on contractor and employee designations prior to making a classification decision. Misclassifying a worker as an independent contractor can result in penalties as well as back pay for benefits and taxes. The IRS can help employers determine the status of their workers by using Form SS-8, Determination of Worker Status for Purposes of Federal Employment Taxes and Income Tax Withholding. IRS Publication 15-A, Employer’s Supplemental Tax Guide, is also an excellent resource.

Compliance Changes for California and Hiring Contract Workers

The new contractor test in California adds another layer to compliance. The new “ABC” standard is likely to place a heavy burden on companies with independent contractors in California. Companies that engage and hire contractors should involve their legal department or consult legal counsel to review the relationship with their contractors under the “ABC” test. Factor B, in particular, may be troublesome for any entity that uses independent contractors for its main service or product (such as delivery drivers hired by a delivery service company, cake decorators for a bakery, or at-home seamstresses for a clothing manufacturer).









Hiring and Recruiting in a Post-GDPR Era


Now that the EU General Data Protection Regulation (GDPR) is in effect (as of May 25, 2018) the time to be proactive has passed. Companies must now focus on compliance with the regulation, particularly in HR and recruiting, which rely heavily on candidate data.

GDPR Recruiting & Hiring Recap

To recap, the GDPR was designed as a replacement for the Data Protection Directive 95/46/EC with the purpose of reconciling country-specific and sometimes conflicting European data privacy laws. Most importantly, it aims at changing the way organizations operating in the EU, or those collecting personal data from EU residents, approach data privacy. It also provides a harmonization of the data protection regulations throughout the EU, in theory making it easier for American companies to comply. However, the new regulations mean it is now unlawful to use an EU resident’s data without his or her explicit consent.

It’s important to note that the GDPR isn’t just about companies who hire in the EU. It’s also about employers who are employing EU residents wherever they may live. The GDPR applies worldwide as to any company that offers goods or services (even if they are free) within the EU or collects, processes, or maintains (anywhere) personal data about European residents. Recruiters are going to need to restructure candidate engagement, sourcing and recruiting programs that focus on candidate data, recruiting and HR technology, and refocus on building compliant candidate and employee relationships.

How GDPR Impacts You and Your Recruitment Vendors and Technologies

From the application process to background screening, companies recruiting or employing EU residents must adhere to strict regulations with regards to data. Under GDPR, you are required to ask for explicit consent, clarify how you will use individual candidate’s data, and make sure that the data remains secure. This involves more than simply adding a clarification and a checkbox to data collection forms. Your vendors – such as your ATS, payroll, and recruiting software, must also be GDPR compliant.

GDPR introduces direct obligations for data processors for the first time. Processors will also now be subject to penalties and civil claims by data subjects. This means that, if you haven’t already, it’s imperative that HR and recruiting leaders speak with and understand if their vendors and partners are taking steps to be compliant with GDPR.

Below is a short list of questions that you should ask your vendors and partners in relation to GDPR compliance. It’s imperative that your HR technology vendor is compliant with the new regulations, as well as liability for violations and noncompliance.

  • Have their contract terms changed with GDPR?
  • What level of consent do you seek when applicants submit their data?
  • Process for storing, collecting, & deleting data
  • Timeline for auto deletion – circumstances & data type
  • What is documented timeline for keeping data?
  • What processes exist to keep data up to date?
  • Have they appointed a data protection officer?

Do You Need a Data Protection Officer?

In relation to the last question above, Section 4 of GDPR outlines the requirement for applicable entities to appoint a data protection officer (DPO). According to Article 37(1), data controllers and processors shall designate a DPO where:

  1. The processing is carried out by a public authority or body, except for courts acting in their judicial capacity;
  2. The core activities of the controller or the processor consist of processing operations which, by virtue of their nature, their scope and/or their purposes, require regular and systematic monitoring of data subjects on a large scale; or
  3. The core activities of the controller or the processor consist of processing on a large scale of special categories of data pursuant to Article 9 and personal data relating to criminal convictions and offences referred to in Article 10.

Most firms required to appoint a DPO would fall under sub paragraphs (b) and (c). Article 39 outlines five minimum tasks that the DPO must perform:

  1. Inform and advise firms and employees who carry out data processing on applicable data protection provisions
  2. Monitor compliance with the GDPR, other data protection provisions, and additional internal data protection policies; this includes training and auditing
  3. Advise on data protection impact assessment (DPIA)
  4. Cooperate with the supervisory authority
  5. Serve as main contact for the supervisory authority

A word of caution: In many cases the business can be both data controller and data processor. However, because the GDPR makes the distinction, we’d like to consider the shared responsibility of both parties.

Companies that determine the means of processing personal data are controllers, regardless of whether they directly collect the data from data subjects. For example, a recruiter (controller) collects the data of its clients when they apply for a job, but your recruiting technology (processor) stores, digitizes, and catalogs all the information. These companies can be ATSs or full-suite recruiting software companies. Both organizations (controller and processor) are responsible for handling the personal data of these customers.

Recruiting Strategy Changes Post-GDPR

Because short-term recruiting programs, or what we refer to as “reactive recruiting,” will come at a price due to the GDPR, HR teams must focus on building candidate relationships and providing value for the long term. The value of building relationships, sharing information, and providing resources will be more important than ever in order to engage and recruit candidates.

Related: GDPR Compliance in the Background Screening Process

If you’ve already begun adapting your recruiting model to GDPR compliance, you’re probably ahead of other companies when it comes to compliance and hiring. The consulting firm Gartner estimates that more than half of the companies that are subject to the GDPR will not be in compliance throughout this year. They will be at risk.

If you’re in the half that is not yet compliant with the GDPR, consider it an opportunity to revamp your current practices and candidate outreach.

HR is already tasked with a lot of compliance responsibilities, many of which are not of its own making. It can be process-driven and this might be a great time to consider splitting the department into two areas: compliance (the processes) and HR (the human side), or clearly defining when to use technology, and when to put people back into the mix. With the right balance, HR teams can be more productive, more engaged, and use the human element to attract and retain top talent.

And yes, the GDPR is primarily about data. But it’s also timely to note that at the heart of appealing to candidates is that humans don’t want to BE data; but they do want more control over how their data is used. A phone call or personalized response can mean the difference between considering a role at your company or moving on for a candidate.

The solution to adapting your recruiting and hiring processes isn’t more technology; it’s better technology that has data compliance and support in mind. When it comes to GDPR in recruiting and hiring, your tech should not only comply with new regulations, but also support the broader mission of the recruiting and hiring side of your organization. This gives you the peace of mind on the compliance side allowing you to focus on improving your hiring processes and candidate quality.

When it comes to pre-employment and post-employment background screening, Cisive GDPR compliant.  If you are an existing Cisive client and have questions concerning GDPR compliance in your background screening program, please contact your Cisive Customer Service Representative.  For those of you who have not yet experienced the benefits of Cisive and are interested in learning more, please call us at 1.866.557.5984.

Rob Jones
VP and General Manager
Global Executive Intelligence Division


The Impact of the Extended Senior Managers Regime on Screening Requirements

Senior Manager's RegimeThe Senior Managers Regime (SMR) is part of the UK financial regulation introduced by the Financial Conduct Authority (FCA) and Prudential Regulation Authority (PRA) and is aimed at increasing personal accountability of senior level people in the financial services industry. The SMR was initially implemented in the banking sector after the 2008 financial crisis, considered the worst economic crisis since the Great Depression. The SMR’s purpose is to reduce consumer risk and strengthen market integrity by holding financial services managers in senior positions accountable for their conduct and competence. The SMR covers both domestic and international firms with UK operations.

The FCA’s expanded scope of SMR requirements will go into effect May 2018, and extends beyond the banking industry to include insurers and solo-regulated firms. Some facets of the current banking regime will also be affected. This will significantly increase the number of firms required to comply and bring an end to the current Approved Persons Regime (APA).

Individuals working in a ‘Senior Management Function’, as defined by the FCA, must be approved by the FCA before taking on the responsibilities of the role. In addition, firms will need to ensure the suitability of the Senior Manager by completing a ‘fit and proper’ assessment.

As a result, firms need to certify at least annually that senior managers are suitable to perform their job functions. It is proposed that firms should perform criminal record checks for each Senior Manager and obtain a ‘regulatory reference’ from the Senior Manager’s previous firm.

At Cisive, we are experts in the specific risks and regulations that apply to regulated industries. For many years, we have provided tailored solutions to meet the unique requirements of our financial services clients.

In 2017 we opened an international operations centre in London, England to manage our global screening business. We recognize the specific challenges that our clients with a UK presence face, from managing Brexit contingency planning, to implementing General Data Protection Regulation (GDPR) compliant procedures, dealing with MiFID 2, in addition to preparing for SMR changes.

At Cisive we are prepared for the extended SMR and GDPR regulations and will contractually support you as a data controller in the background screening process. As a data controller, we will stand alongside our clients and assume responsibility for implementing and managing employee screening procedures in compliance with GDPR.

Cisive has rolled out a suite of SMR specific screening solutions to help ensure efficient and effective application of the new regulations. Our Senior Manager Regime solution includes:

  • Digital, touch-free inbound and outbound Disclosure and Barring Service checks for basic and standard disclosures
  • Continuous criminal monitoring service
  • FCA ‘fitness and propriety’ package
  • Regulatory reference regime compliant service
  • Education and employment checks performed by our UK-based team
  • Full GDPR compliance and indemnification

If you are a financial services institution providing financial services in the UK, any and all employees considered senior decision makers fall under the scope of the new regulation.

With more than 40 years of experience, Cisive offers the most efficient and effective solution for the financial services industry.

For more details or to further discuss how Cisive can help your organization meet the extended requirements of the GDPR and Senior Manager Regime, please contact us at +1 866-557-5984 or email



Rob Jones
VP and General Manager
Global Executive Intelligence Division

GDPR Compliance in the Background Screening Process

The General Data Protection Regulation (GDPR) will become enforceable on May 25, 2018.  Will your pre and post-employment background screening processes be GDPR compliant?

Join Cisive for a live webinar, “GDPR Compliance in the Background Screening Process” on Thursday, March 15 @ 1:00 pm EST.

Rob Jones, General Manager, Global Operations in London, will discuss the different areas of recruiting and hiring that GDPR impacts including background screening, candidate experience and sourcing.  He will also touch on compliance requirements for the extended Senior Manager’s Regime (SMR).

Both of these regulations will place additional burdens on employers and significantly increase the importance of compliance.

Don’t miss the exclusive event on GDPR compliance! Cisive can help you efficiently and effectively apply the new regulations.

Register today!

Robert Jones, VP and General Manager, Global Operations
Rob Jones joined Cisive in 2017 and leads their global operations and executive intelligence division from their London office. Prior to joining Cisive, Rob held a leadership position with a specialist global risk management consultancy. In this role, he developed and implemented risk assessment, due diligence, and compliance programs for Fortune 100 corporations operating internationally.

Rob Jones
VP and General Manager
Global Executive Intelligence Division

General Data Protection Regulation (GDPR) Compliance in Your Background Screening Process

GDPR ComplianceWhen it goes into effect on May 25, 2018, the EU’s General Data Protection Regulation (GDPR) will enforce a set of laws designed to protect European citizens’ personal data. It will affect all companies that deal with personal data — and even non-EU-based companies will still have to comply. GDPR will impact not just companies who are hiring in the EU but also those that are employing citizens of the EU who live in different areas of the world.

What is GDPR Really About?

So what exactly is GDPR about? It was designed as a replacement for the current Data Protection Directive 95/46/EC with the purpose of reconciling country-specific and sometimes conflicting European data privacy laws. Most importantly, it aims at changing the way organizations operating in the EU, or those collecting personal data from the EU’s citizens, approach data privacy. It also provides a harmonization of the data protection regulations throughout the EU, thereby (in theory) making it easier for American companies to comply.

Under GDPR it will be unlawful to use an EU citizen’s data without his or her explicit consent. This citizen data includes consumer information and more importantly, for talent acquisition leaders, candidate information. GDPR fundamentally changes the way recruiting teams can engage candidates who are citizens of EU countries in the areas of resume and application storage, candidate data collection, employment branding activities, and candidate sourcing strategies.

How GDPR Will Impact the Hiring Process

Recruiters will no longer be able to send emails to users who have not opted into their mailing list. Additionally, recruiters and HR staff must be aware of who is currently in their database. This means you may wish to consider grouping candidates in the EU into a different category than candidates elsewhere (who are not impacted by GDPR). You must obtain affirmative consent before collecting or sharing candidate data.

From the application process to background screening, companies recruiting or employing EU citizens must adhere to strict new regulations. Under GDPR, you are required to ask for explicit consent, clarify how you will use individual candidate’s data, and make sure that the data remains secure. This involves more than simply adding a clarification and a checkbox to data collection forms. Your vendors – such as your ATS, payroll, and recruiting software, must be GDPR compliant.

How to Ensure Vendor Compliance 

The impact of GDPR is broad, but it focuses on data collection. You’re likely using an ATS or other recruiting software, along with vendors that run background checks or candidate screens. It’s imperative that your vendors are aware of the GDPR constraints and fully compliant. Here are seven questions to ask your vendors:

(1) Do you have a clear privacy policy?

Even if you currently have one in place, companies will need to write a clear privacy policy that consumers will actually be able to read and understand. In that policy, companies must clearly indicate what personal information is being requested or collected. Candidates or applicants have to be given a choice of whether or not to provide their data and any data that is collected needs to be clearly marked for the specific purpose for which it was collected. NOTE: Any data that is collected for a stated purpose can only be used for that purpose and for which consent was obtained. This means that data collected for a job application can be used for background checks only if the applicant gives explicit consent.

(2) Do you have GDPR compliance for applications around the world or will you have separate policies for each country?

Your ATS and any other software you’re using to hold data will need to be GDPR compliant. If your ATS and other vendors are on their game, they’re already working on compliance or have compliance for GDPR in place.

(3) Opt-out or opt-in?

Most U.S. companies currently use an opt-out policy when collecting and sharing consumer data. The opt-out model requires consumers to specifically ask data collectors and aggregators not to share their data with third parties. Otherwise, consent is assumed by default. The GDPR will require organizations to do just the opposite. You must obtain affirmative consent before collecting or sharing candidate data. Make sure your vendor is prepared for this change.

(4) How will you handle “Right to Erasure” 

Under the GDPR, candidates must be able to access and review their data anytime they like, ask for updates of their data, and even allow for full deletion upon request. Candidates will have the “right to be forgotten or right to erasure,” meaning that candidates can request for their data to be erased when it is no longer necessary for the original purpose.

This impacts your ATS and the hiring process because applicants can apply for a position, get rejected, then request their right to erasure. A few months later, the same job seeker could apply again, but you won’t know it because your ATS won’t show it. No data, no notes from previous interviews, no data on the job seeker at all. And not only will you have to remove data by request from your ATS, it also must be removed from the sourcing tools your ATS uses. The same goes for any data collected for the purpose of a background screen.

(5) What is your Breach Notification policy?

GDPR requires companies to inform consumers about data breaches impacting their personal information. While that requirement is not particularly new for American companies—most states mandate it currently—the breach reporting requirements under GDPR are strenuous. Notification must be made within 72 hours from the time the breach is discovered.

(6) Are you prepared for GDPR Reporting Requirements?

Under Section 3, Article 35 of the GDPR, a Data Protection Impact Assessment (“DPIA”, which is also commonly known as a Privacy Impact Assessment or “PIA”) is required for any processing that may result in “high risk.”  The supervisory authority shall establish and make public a list of the types of processing operations that require a DPIA. While official public lists from the Data Protection Authorities (“DPAs”) are forthcoming, your company and its vendors should begin identifying areas of high risk, such as data processing, email triggers, data collection, and portability of data (when erasure is requested).

(7) What is your company’s liability for failure to comply?

GDPR fundamentally changes the way recruiting teams engage candidates who are citizens of EU countries in the areas of resume and application storage, candidate data collection for background checks, employment branding, and candidate sourcing. Compliance is mandatory for all organizations that are processing the personal data of EU residents across the globe. Failing to comply could result in severe penalties of up to 4 percent of worldwide revenue of the prior financial year or €20 million euros, whichever is greater. If your vendor software isn’t compliant, who is responsible for penalties?

Compliance is as important to your vendors business as it is to yours. If you’re not sure, use the list above as a starting point for ensuring your vendors are compliant so that you’re not scrambling to do so in May.

When it comes to pre-employment and post-employment background screening, Cisive is prepared for the GDPR.  To learn more about Cisive’s commitment to GDPR compliance, contact us at 1-866-557-5984 or email

Rob Jones
VP and General Manager
Global Executive Intelligence Division

A Class Action Lawsuit Bonanza: FCRA Lawsuits Increase Almost 60% In One Month

According to a report by WebRecon, from September 1, 2017 to September 30, 2017, 556 consumers filed FCRA (Fair Credit Reporting Act) complaints, 245 of which are class actions (44.1%). That’s a 58.4% increase from August 2017.

Year to date, 3,328 FCRA lawsuits have been filed!

Here’s the good news for Cisive and its clients! With 3,328 FCRA suits filed this year, NOT ONE is against Cisive or any of its clients!! That’s because Cisive works with its clients to establish and enforce strict compliance procedures to eliminate exposure and provides them with the best tools to comply.

Compliance is key!

Noncompliance can be costly for everyone! At Cisive, we ensure accuracy and FCRA compliance through primary source verification and perfecting of criminal records. Our background screening philosophy is always to minimize exposure from disparate impact while reducing negligent hiring risk.

The growing number of FCRA lawsuits listed below is indicative of the current litigious environment and shows that companies need more help than ever to ensure compliance.

January 2017 – 418 filings

February 2017 – 256 filings

March 2017 – 406 filings

April 2017 – 266 filings

May 2017 – 378 filings

June 2017 – 386 filings

July 2017 – 302 filings

August 2017 – 351 filings

September 2017 – 556 filings

For more information on how to keep your company out of harm’s way, read Cisive’s informative white paper, FCRA Required Pre-decision and Adverse Action – Failure to Notify Opens the Door for a Class Action Lawsuit.

Contact a Cisive Specialist today at 1-866-557-5984 or

US Immigration and Customs Enforcement (ICE) Announces It Will Quadruple I-9 Workplace Enforcement

Thomas Homan, the Acting Director of ICE, recently announced that the agency intends to increase the number of workplace enforcements by four to five times the current level. He further said this will include prosecuting more employers that knowingly hire immigrants not legally authorized to work in the United States

Workplace inspections will include auditing of an employer’s Forms I-9 and the arrest and removal of any employees who do not have valid work authorization. In addition, ICE will increase workplace inspections to verify compliance for employees holding nonimmigrant visas in the categories of H-1B, L1, O-1, and R1 status.

What happens if your company is non-compliant?

Fines for non-compliance will be significant for substantive mistakes when completing Form I-9 and for knowingly employing undocumented workers. ICE recently fined a nationwide tree-trimming company a whopping $95 million for hiring undocumented immigrants. Inspections could also end in criminal prosecutions of businesses, managers, owners, and employees who hire undocumented immigrants.

Tips for remaining compliant

It is more important than ever for employers to make sure their I-9 forms and processes are compliant. The laws around I-9 compliance are not new. Employers have known since 1986 that they must verify their employees’ right to work in the United States. To avoid investigation, employers should follow the law by:

  • Implementing a comprehensive, company‐wide I‐9 process that all involved in hiring in your company are aware of, understand, and can follow.
  • Completing Form I-9 for every person hired according to the instructions by USCIS. Don’t forget to use the new Form I-9 recently issued by the Department of Homeland Security;
  • Collecting the acceptable documentation that proves identity and authorization to work; and
  • Keeping accurate and up-to-date records that are readily available for inspection.

Cisive can help!

Tools like E‐Verify can help employers simplify their process, and ultimately ensure their compliance of the laws and avoidance of fines and other penalties. Companies like Cisive offer user‐friendly, automated E‐Verify solutions that capture, store and manage the entire I-9 process.

In our continuing effort to keep our clients out of harm’s way, Cisive has created two informative white papers on I-9 compliance which can be accessed below:

The Impact of I-9 and E-Verify Legislation

What You Need to Know About Electronic I-9 Signature


Top 4 Compliance Steps in Avoiding Liability Issues During the Hiring Process

Reasonable Reporting Procedures

How compliant is your background screening provider? The Federal Trade Commission (FTC) has found that certain practices may be indicators that a background screening company isn’t following reasonable procedures.

For example, if a report lists criminal convictions for people other than the applicant (a similar name with a different middle name or date of birth from the applicant) the company can face significant compliance concerns―so significant, that two of the largest CRAs recently paid out $10.5 million to harmed consumers, and $2.5 million in civil fines.

Ask your background screening vendor about their litigation record.

 Demand thorough matching criteria from your provider to save money and to ensure compliance.

 Provide Timely Notice

Prior to requesting a background report, the FCRA requires that applicants receive necessary disclosures in a stand-alone document and then provide authorization to proceed.

When the report contains public record information, and your CRA does not make sure that information is complete and up to date, (generally a poor practice and very risky shortcut), they are required to send a notice to the candidate with a copy of that public record.

Also, when background reports contain items which may have an adverse effect on a consumer’s ability to obtain employment, the FCRA requires that a pre-decisional letter along with a copy of the report and the summary of rights be sent to the consumer. This notification is required prior to adverse employment, retention or promotion action being taken. However, 43 claims of improper notice were filed against 4 of the largest CRAs in the past year alone.

Improper timing of adverse hiring decisions can create legal liability for your company!

Ensure Information is Accurate

The FCRA requires that a background screening company “shall follow reasonable procedures to assure maximum possible accuracy…” When purchasing pressures or competitive bidding drives the pricing too low, some background screening companies take shortcuts that put them, your candidates and your company at risk.

As a user of background reports, you have a responsibility to understand the quality measures taken by your provider, and you need to consider the litigation history of potential background providers to protect your candidates and your company.

Know your background provider!

Don’t let a few dollars price difference for individual backgrounds put your company at risk for settlements in the millions!

 Reinvestigate Disputed Information

Even if reasonable procedures are fully implemented, employers need to ensure a process is provided to register and investigate disputes in a timely manner.

Under the FCRA, applicants have the right to ask for and access their files, dispute the accuracy of information, and receive written notice of the investigation results. Properly handled disputes protect you by ensuring that your candidates are treated fairly, and that qualified candidates are not overlooked because of incomplete, incorrect or out of date information. You should ensure that candidates can easily register disputes online, by phone, or mail.

Your CRA should have a robust dispute process overseen by senior management to ensure thorough and timely reinvestigation that protects your candidates and your company.

Ask your CRA for dispute and accuracy statistics. Remember, FCRA compliance is the only option!


New EEOC Guidance on Workplace Harassment Prevention

The EEOC says an alarming percent of the thousands of charges it receives annually now include harassment allegations which generate a lot of litigation. Charges of harassment come at a steep cost for employers. According to the EEOC, the Commission resolved 28,642 harassment allegations in 2015. Of those, 5,518 charges were resolved in favor of the charging party resulting in $125.5 million in fines for the employers. In light of these findings, the EEOC has taken steps to help both workers and managers handle the problem.

EEOC 2015 Statistics in the Private Sector

  • 27,893 charges received (31%) alleged harassment
  • 28,642 charges resolved (31%) alleged harassment
  • $125.5 million secured for employees alleging harassment in EEOC’s pre-litigation process
  • 33 lawsuits filed by EEOC (23% of all suits filed) alleged harassment
  • 42 lawsuits resolved by EEOC (27% of all suits resolved) alleged harassment
  • $39 million in monetary benefits secured for employees in EEOC lawsuits involving harassment

The EEOC has created a strong guidance on the best ways to prevent harassment in the workplace. The guidance includes four checklists that the EEOC urges employers to use to prevent harassment. Some of the highlights of the guidance include:

Leadership & accountability

  • A prevention effort that is supported with resources at the highest levels of the organization.
  • Time that is allocated by leadership for a harassment prevention effort.
  • A harassment prevention policy that is easy to understand.
  • Surveys to assess whether your employees have felt harassed.
  • Bystander intervention training that empowers co-workers to intervene when they witness harassment.
  • Civility training to promote acceptable conduct rather than just focusing on “what not to do.”

Anti-harassment policy

  • A clear description of prohibited conduct, with examples.
  • A clear description of your reporting system and the multiple avenues to report harassment.
  • Statements that individual names will be kept confidential to the extent possible.
  • Assurances that those who report misconduct, or act as witnesses to it, will be protected from retaliation.

Reporting & investigations

  • Managers who take reports of harassment seriously.
  • An environment in which people feel safe reporting behavior.
  • Well-trained investigators, who document all the steps they take.
  • Procedures (like follow-ups) to determine if individuals who report harassment experience retaliation.
  • Systems to ensure alleged harassers are not presumed guilty until it is determined that harassment occurred.
  • Communication of the findings of the investigation to all parties and, if appropriate, pending discipline.

Compliance training

  • Regularly repeated training.
  • Training provided to all employees at every level of the organization.
  • Qualified, live & interactive trainers.
  • Examples of harassment tailored to your organization and employees.
  • Simple terms that describe your reporting process.
  • Clear explanations of the consequences of harassment.
  • Instructions on how managers can report harassment up the ladder.

To view the 95-page report from the EEOC, entitled “Report of the Co-Chairs of the EEOC Select Task Force on the Study of Harassment in the Workplace,” click here.

Sweeping immigration law changes are coming! Know your responsibility as an employer.


All indications are that the new President’s key initiatives will include sweeping changes in immigration. According to immigration law, employers have certain responsibilities during the hiring and background screening processes. Federal law requires that every employer who “recruits, refers for a fee, or hires an individual for employment in the U.S. must complete Form I-9 Employment Eligibility Verification,” according to the Department of Homeland Security (DHS).

It’s time to review your I-9 program and ensure it is compliant. Here’s why.

  • Monetary penalties for knowingly hiring and employing undocumented workers can be up to $16,000 per violation.
  • Penalties for technical violations, including failing to produce a Form I-9, can be up to $1,100 per violation.
  • Criminal penalties can be up to 6 months in prison for engaging in a pattern or practice of hiring, recruiting or referring for a fee unauthorized aliens.

Immigration and Customs Enforcement’s (ICE) audits are serious. In 2015, Hartmann Studios was hit with the largest fine ever ordered$605,250 – for more than 800 I-9 paperwork violations. Most of the violations were due to repeated failure to sign section 2 of the I-9 form. Employers need to have an audit proof process to ensure forms are properly completed and retained.

As part of our Onboarding Solution, CARCO can facilitate an electronic Form I-9 process (using e-signature technology) AND complete the E-Verify process through an interface with the DHS. The results of this process are available to clients within seconds. The employee’s I-9, along with the supporting documents, are then stored in compliance with ICE requirements.

In addition to the mechanics of providing the documents, CARCO’s I-9 solution allows its clients to achieve a far higher level of compliance than would otherwise be possible by having e-mail reminders, reporting, and e-mail escalation notices if these tasks are not complete.

Now is a good time to review your I-9 process with a CARCO Specialist to ensure compliance. Contact us a 1-866-557-5984 or click here to receive more information.

Don’t forget that the new Form I-9 must be used starting January 21, 2017.