Skip to main content
U.S. flag
An official website of the United States government
Dot gov
The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.
Https
The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.
FIL-46-2005 Attachment
Notes
 
Pre-Employment Background Screening
Guidance on Developing an Effective Pre-Employment Background Screening Process

The Federal Deposit Insurance Corporation (FDIC) is providing guidance to institutions on developing an effective pre-employment background screening process. This process can be an effective risk-management tool by providing management with a degree of certainty that the information provided by the applicant is true and correct, and that the potential employee does not have a criminal record. Used effectively, the pre-employment background screening process may reduce turnover by verifying that the potential employee has the requisite skills, certification, license or degree for the position; deter theft and embezzlement; and prevent litigation over hiring practices. Institutions should verify that contractors are subject to screening procedures similar to those used by the financial institution.

There are costs associated with developing and implementing an effective screening process. However, absent an effective screening process, a bank may incur significant expenses from recruiting, hiring and training unqualified individuals based upon their skill sets or backgrounds. These individuals may have to be replaced due to an inability to perform assigned duties or for other reasons.

Section 19 of the Federal Deposit Insurance Act prohibits any person who has been convicted of any criminal offense involving dishonesty 1 or a breach of trust 2 or money laundering, or has agreed to enter into a pretrial diversion or similar program in connection with a prosecution, from becoming or continuing as an institution-affiliated party; owning or controlling, directly or indirectly, an insured institution; or otherwise participating, directly or indirectly, in the conduct of the affairs of an insured institution without the prior written consent of the FDIC. Note that consultants who participate in the conduct of the affairs of an insured institution may be subject to Section 19 3 . Therefore, a pre-employment background screening process should be established by all financial institutions that, at a minimum, uncovers information regarding a job applicant's convictions and program entries to ensure that only appropriate persons are employed, or that an application for FDIC consent is sought, if applicable 4 .

Management should develop a risk-focused approach to determining when pre-employment background screening is considered appropriate or when the level of screening should be increased, based upon the position and responsibilities associated with a particular position. The sensitivity of the position or the access level of an individual staff member may warrant additional background screening, which should include verification of references, experience, education and professional qualifications. Furthermore, management should verify the applicant's identity. An on-going approach to screening should be considered for specific positions, as circumstances change, or for a comprehensive review of departmental staff over a period of time. Management should also have a policy that addresses appropriate actions when a pre-employment or subsequent screening detects information contrary to what the applicant or employee provided.

Other Background Screening
Whether a third-party service provider is contracted to conduct pre-employment background screening, or the screening is conducted in-house, the applicant's name should be compared against each federal banking agency's listing of individuals who are or were assessed civil monetary penalties (CMPs) or have been permanently removed and/or prohibited from banking. The FFIEC maintains links to each federal banking agency's enforcement action website via http://www.ffiec.gov/enforcement.htm . This review should be considered as one of the first steps in background checks made on any potential employee.

Also, Cease and Desist Orders are public records and can be accessed through a link from the above-referenced website. Cease and Desist Orders are generally issued against an institution and contain the subject of any strictures, prohibitions or limitations. While banks are not prohibited from hiring an individual who has been assessed CMPs or performed duties in an institution subject to a Cease and Desist Order, management should determine the individual's role in any possible misconduct and provide appropriate oversight of that individual.

In addition, the National Federal Bureau of Investigations (FBI) Fingerprint Service is a program offered by the FBI, with the American Bankers Association (ABA) acting as the intermediary. All financial institutions can submit fingerprint cards through this service. The FBI compares the fingerprints that are submitted against a criminal database and informs institutions of a positive match if a criminal record is discovered. A copy of the criminal identification record is then mailed to the financial institution. In addition, questions and answers have been developed for management's use, as well as a sample announcement that can be used to inform employees of the fingerprinting program. Refer to http://www.aba.com/Products/fingerprinting.htm for additional information.

A common practice is to require written applications rather than resumes from applicants. A standardized application form can provide legal protection that a resume may be unable to provide. For example, resumes may contain information that cannot be used in the hiring process, such as personal information or membership that is irrelevant to the hiring decision. Moreover, a written application should state that untruthfulness or material omissions are grounds for termination and that by signing the form, the applicant attests to the accuracy of the information provided. This is especially relevant for those candidates who fail to disclose criminal convictions. While a conviction is not necessarily a valid reason for automatically rejecting a candidate, the omission or lying about a conviction may become the basis for disqualification. Without a signature on an application, a candidate cannot be later terminated on the basis of falsification. Furthermore, information about the applicant is collected in a standardized format that can be compared to other applicants and more readily identifies inconsistencies. If bank management decides to use a third-party service provider, a standardized application should be used to enable the third-party service provider to collect data required for the screening process, such as previous addresses for a certain number of years, sufficient information to verify previous employment and supervisor's name, and gaps in employment history. For positions that require a specific degree, an authenticated copy of the college transcript may be appropriate.

Due Diligence in the Selection of Background Screening Service Providers
When selecting a third-party service provider for background screening of potential employees, due diligence should be used, just as with selecting any other service provider. Prior to contracting with a background screening service provider, management should obtain and review audited financial statements to determine the service provider's viability, internal control environment, and reputation. Legal counsel should review the contract prior to consummation, and determine whether the contract contains language protecting the confidentiality of information obtained from applicants. Management should discuss with the third-party service provider its own hiring and employment processes. In addition, management should ensure that any information obtained in the screening process is not provided to any other entities or persons, or sold for profit by the service provider. Management should also inquire about the safeguards that the service provider has in place to prevent identity theft. The bank's board of directors, or an appropriate committee thereof, should formally approve the service provider prior to finalizing the contract.

Some third-party service providers search for criminal or civil records only at the local or state level, rather than in all pertinent local, state and federal jurisdictions. Therefore, it is important that the service provider selected is willing and able to review records in each jurisdiction where the applicant has previously lived and worked.

Disclosure Requirements
Pre-employment screening is not an invasion of privacy, but a verification of information provided by the applicant. Nevertheless, the pre-screening process must comply with the Fair Credit Reporting Act 5 (FCRA), as information about a person's credit, character, general reputation, mode of living and personal characteristics are included 6 . Credit reporting agencies, which are covered by the FCRA, collect and communicate this information for employment purposes to the bank or entity conducting the pre-employment background screening process. Consequently, before requesting such a report, the bank must disclose in a separate document that the institution will be obtaining a consumer report on the applicant for employment purposes, and obtain the applicant's written consent.

If employment is denied based upon information in the consumer report, the applicant must be provided with the name, address, and telephone number of the consumer reporting agency that furnished the report, a statement that the consumer reporting agency did not make the decision to take adverse action and is unable to provide the consumer with the specific reasons why the adverse action was taken, and provide the applicant a notice of the applicant's right to obtain a free copy of the consumer report and to dispute with the consumer reporting agency the accuracy of any information in that report. If the applicant believes the information is incorrect, the applicant can inform the screening agency, which must remove or correct errors or unverified information within a certain timeframe. Finally, applicants have a right to inspect their application files.

For some of the larger background screening companies, applicants provide information directly into the service provider's system and grant approval directly to the service provider. The results are then accessible only to the potential employer. This allows for a more streamlined process, and the applicant is fully aware that a third party will be conducting the pre-employment background screening process.

Conclusion
The pre-employment background screening process can assist bank management in the hiring of qualified applicants, while simultaneously reducing turnover, deterring fraud, and avoiding litigation. However, to be effective, bank management should establish in writing criteria for when pre-employment background screening should be used and for circumstances or positions that may warrant increased screening procedures based upon perceived risks. While the pre-employment background screening process is not infallible, it can provide greater confidence that applicants' representations are accurate.

1 "Dishonesty" is defined as "directly or indirectly to cheat or defraud; to cheat or defraud for monetary gain or its equivalent; or wrongfully to take property lawfully belonging to another in violation of any criminal statute." FDIC Statement of Policy for Section 19 of the FDI Act, 63 Fed. Reg. 66,177, 66,185 (1998). See FIL 125-98 Dec. 1998).
2 "Breach of trust" is defined as "a wrongful act, use, misappropriation, or omission with respect to any property or fund which has been committed to a person in a fiduciary or official capacity, or the misuse of one's official or fiduciary position to engage in a wrongful act, misappropriation or omission." Id.
3 Id. at 66,184.
4 Banks are precluded from allowing persons subject to Section 19 from engaging in the conduct or relationships that Section 19 prohibits. The penalty that may be imposed upon banks or individuals for violating Section 19 is a fine of $ 1,000,000 for each day the violation continues or imprisonment for not more than five years or both.
5 See , 15 USC 1681a, et seq.
6 This FIL refers only to disclosures related to credit reports used for employment purposes in FCRA §§604 and 615 (15 USC 1681b, 1681m). It does not discuss the special requirements associated with investigative consumer reports in §606 (15 USC 1681d).