• United States




Believe your employer doesn’t know about your legal problems? Think again

May 01, 20179 mins
CareersIT JobsIT Skills

Companies hire a third party to scour public databases to make sure employees are not getting into legal trouble that would impact their jobs. But is it ethical?

crime scence police tape
Credit: Thinkstock

An employee gets stopped over the weekend for a DUI. Unbeknownst to him once his name hits the police’s public database, his employer will know about it soon after – whether the conviction has any impact on the employee’s job performance or not.

That is just one scenario in which enterprises are checking up on their employees to make sure their private lives don’t impact the companies bottom lines. It is not uncommon for companies to do background checks on prospective employees, but some businesses are carrying that through while employees still punch the clock.

Security company Endera explained that employers want to know if an employee is on a criminal watchlist, is booked or arrested, loses a key certificate, is in financial distress or is involved in a lawsuit. An employee roster is loaded into the continuous monitoring system, and that system provides 24/7 scanning of thousands of external data sources. The employer receives real-time, secure alerts for further investigation.

While more than 98 percent of businesses conduct pre-hire background checks on potential new employees, less than one-quarter proactively use post-hire background screenings for current employees, according to the Endera survey of nearly 300 CXOs. The survey indicates most executives have no way of knowing if employees have been arrested or involved in other civil, financial or domestic activities after being hired.

Endera’s risk alerts are focused on those that demonstrate a change of behavior that leads to problems with customers and fellow employees. The fraud pyramid describes opportunity, pressure and rationalization as the leading attributes of fraud, the company states. Endera detects the pressure and matches the insider’s role to the risk that presents the opportunity.

“From embezzlement-related crimes to a history of workplace violence, having insight into such potentially problematic employee behavior is paramount to the success of the business and most importantly, the safety of other employees and customers. This should take precedence over everything else,” said Endera CEO Raj Ananthanpillai.

With the example of the employee arrested for DUI, Endera’s system recognizes that a DUI for an airline pilot is a significant problem while embezzlement is not. But a DUI for an engineer working on JP Morgan’s credit card portfolio is not a problem while embezzlement is a huge problem, the company says.

So, when an employer receives a risk alert the initial determination is has the employee potentially violated a customer service-level agreement or a security clearance requirement. If so, the employee could be redeployed or benched pending a final outcome of the incident. If not, the employee is placed under greater scrutiny, Endera said. Additional information such as IT, HR and access control data is reviewed to determine if a change in behavior appears in the other silos. Privileges are tightened and the employee can be referred to an employee assistance program, where a deeper investigation can be triggered and resolution can be determined.

“Companies face risk trade-offs every day. The safety of employees and customers should be the highest priority,” Ananthanpillai said.

In Endera’s December survey of 278 business executives, fewer than 25 percent of companies proactively review current employees at risk. The survey also showed that the top reported employee risk mitigation procedures are direct supervisor observation and employee self-reporting.

Most post-hire employee screenings are conducted only after an incident is discovered. Endera said companies are mostly blind to the external pressures on employees that contribute to their making bad decisions and causing harm to customers, colleagues and corporate assets.

With tech employees (and contractors) Endera said it is looking for financial pressure – foreclosure, pre-foreclosure, payday loans, garnishments and liens as examples. They also look for malicious intent around wrongful taking and embezzlement-related crimes. Endera’s system also looks at “citations” which can be an indicator of “rationalization” or manifestation of “pressure” which are major components to committing fraud. 

“Most businesses rarely address the risks employees pose once they are hired. Our platform quantitatively proves safety to customers by detecting troublesome behaviors and matching this behavior to the risk that it presents to the business,” said Ananthanpillai.

Endera explains that security personnel are inundated with unprioritized and general risk notifications. Endera has chosen to avoid social and general web data since it hasn’t proven conclusive in identification of role-specific risk to employers. The company says its data has to be verifiable and provide an audit trail and be legally defensible. 

Endera queries criminal, civil, sanctions, watch lists and licensing data sources at the federal, state and local level to provide role specific risk alerts. They not only rely on conviction data, and the software captures booking and charging as well as convictions. Endera also receives citation data since that captures a large percentage of incidents that are not captured in court data. Its data covers 100 percent of sex offenders, 97.2 percent of criminal and over 98 percent of civil cases as a percent of the total population of the US.

Endera receives its alerts directly from the jurisdiction up to third-party aggregators.

In a second use case, Endera cited workplace violence and sexual harassment. A predilection for violence is found in its criminal data across bookings, charges and convictions. Endera has a current use case where a Fortune 500 company tracks ex-employees because of threats made against the company and fellow employees. 

Hospitals are seeking to screen employees and patients for domestic abuse detection, which Endera identifies through divorce, restraining orders and citations. 

With regard to contractors or gig economy workers, Endera says its data shows that contractors generate two times the number of criminal incidents when compared against a Fortune 500 employee base. For a CSO, anybody that provides contract services will begin to see SLA requirements at the employee level regarding risk, Endera officials say.

Endera is not allowed to look through credit bureau information, saying that the Fair Credit Reporting Act (FCRA) regulations are very restrictive in the use of credit bureau information. Endera instead works backwards from bankruptcies to foreclosures, pre-foreclosures, garnishments, liens as well as payday loans to determine financial pressure. It also includes insight into large asset purchases to identify unexplained household wealth.

Is it ethical to do so?

There is certainly a trust factor that appears to be broken with employers constantly checking up on employees. If the employee’s job performance has not suffered by a conviction, should it be held against them? Those in the ethical and legal field say it is not unlawful to do so but outsourcing this task might be ethically crossing a line.

Bill Sandwald, professor of ethics in business at San Diego State University, said he has no problem with companies going through public databases to find information on their employees. “Companies do that a lot to try to find out as much as possible,” he said. “I am not sure I like (outsourcing) as much. If the crime is not applicable to the work situation, that’s an issue and should be disregarded.”

Katherine Armstrong, an attorney for Drinker Biddle focused on data privacy, said a variety of laws and regulations may touch criminal background checks used for employment purposes. For example, many pre-employment background checks are conducted by consumer reporting agencies that must comply with the FCRA, which includes specific conditions for furnishing and use of background checks for employment purposes. In addition, state laws may apply. Depending upon the facts, post-employment background checks may be covered by the FCRA or other state laws.

“Without commenting on the applicability of such laws, we believe that transparency is an important principle to protect and respect an individual’s privacy. One way to be transparent is provide employees with a clear and conspicuous notice that post employment criminal records checks are being or will be conducted and a description of how that process will work and include, for example, what information is collected and how it will be used,” said Armstrong.

Dan Eaton, a San Diego employment attorney and instructor in business ethics and employment law at the San Diego State University Fowler College of Business Administration, said It is not clear that courts would agree that an employer may violate Title VII (the federal employment anti-discrimination law) by taking into account a job applicant’s criminal convictions – as opposed to arrests — in making a hiring decision.

He added that in California, an employer may not ask an applicant about arrests that did not lead to convictions. In California, an employer also may not ask a job applicant about convictions related to low-level marijuana offenses that are more than two years old  (except for convictions for the possessions of marijuana on school grounds or possession of concentrated cannabis) and any information concerning a referral to, and participation in, any pretrial or post trial diversion program.

From an ethical perspective, it is prudent for a prospective employer to obtain information about a job applicant’s criminal record, particularly where the job requires interaction with customers, he said. An employer cannot know whether a particular conviction is related to a particular job unless the employer has at least searched the employee’s public record. 

“These background checks also appropriately are used to check the veracity of an applicant’s answer to a common job application question about whether he or she has any record of criminal convictions,” Eaton said. “The law gives an employer broad latitude in vetting job applicants, generally prohibiting only inquiries that offend statutes addressing discrimination based on membership in a protected class and statutes protecting whistleblowers. That latitude is ethically appropriate in my view, an example of the law and ethics being in alignment.” 

The employment relationship, regardless of the particular job, rests at some level on trust and criminal convictions are relevant to evaluating that aspect of character, he added.

What side do you sit on in this situation? Let us know on our Facebook page.