<img src="https://ws.zoominfo.com/pixel/nNZHHsNQlt78PDGCs7PY" width="1" height="1" style="display: none;">

Background Checks: Compliance with FCRA

compliance icon4 min read


Being responsible for hiring new employees means exercising due diligence to ensure the professionals you select are the best fit for your organization. In addition to evaluating skills and experience, many companies also use background checks to assess a candidate’s educational and employment history, credit, criminal record and more (depending on the industry and position). Applicants have come to expect this step in the hiring process, and HR leaders are used to carrying them out.

Yet, several organizations are now facing steep fines for violating the Fair Credit Reporting Act (FCRA) as part of their background check process. For example, earlier this year, Delta Air Lines agreed to pay a $2.3 million settlement for a class-action lawsuit alleging the company failed to provide more than 40,000 applicants with the appropriate FCRA background check disclosure, according to information from HR Dive.

Here’s what you need to know to help you avoid these types of penalties and ensure your practices comply with FCRA:

What is the FCRA?

The Fair Credit Reporting Act is a law passed in 1970 that regulates how organizations can access consumer credit reports and collect and store consumer credit information. It was written to protect consumer privacy by governing how (and with whom) the credit bureaus can share information about an individual’s financial history. This act also grants each person free access to their own credit report every 12 months from each of the credit reporting agencies (Experian, Equifax, and Transunion).

Under FCRA, individuals also have the right to verify the accuracy of their credit report when it’s checked for employment purposes. If information is inaccurate, consumers can file a dispute to have the information completed or corrected.

When an employer uses a third party to conduct a background check, they must comply with the FCRA as well.

What are employers doing wrong?

Often, when employers evaluate a candidate, they rely on consumer reports to determine criminal history information, driving records, and more, in addition to the individual’s credit standing. All of this is standard practice, but the way you collect and store this information can land you in hot water with the federal government.

Here are four bad hiring practices that can get you in trouble (and what to do instead):

  • Failing to notify the applicant in writing: The first thing you’ll have to do is inform the applicant you’ll be carrying out a background check, and that this information may factor into your hiring decision. To be compliant with the FCRA, you’ll have to provide this notification in writing as a stand-alone document.

  • Failing to get permission from the applicant: After you’ve informed the applicant you intend to complete a background check, then you must obtain their consent. It’s also critical you communicate to both the applicant and the third-party background check company that you won’t discriminate against the applicant or misuse the information in violation of state or federal equal opportunity laws.

  • Failing to inform the applicant how the background check impacted the hiring decision: If you decide not to hire the applicant based on the information you discovered in their report, you must provide the applicant a copy of the report with a summary of their rights under the FCRA, as well as contact information for the company that sold the report to your organization. You must tell the applicant that you’ve chosen not to hire them due to information within the report.

  • Failing to dispose of the information properly: According to the Equal Employment Opportunity Commission (EEOC), employers must keep employment records on file for one year. After one year, you should dispose of the information securely by shredding or burning the documents. If you’ve saved the information electronically, you’ll need to destroy the file adequately.

How can you ensure FCRA compliance?

Luckily, there are a few things you can do to ensure your organization is compliant with the FCRA:

  • Audit your background check forms: Have your organization’s legal counsel review your current background check forms to determine whether they meet compliance regulations.
  • Prepare an FCRA compliance checklist: Create a checklist to make sure you’re taking all the appropriate measures and precautions throughout the hiring process to avoid violating the FCRA.
  • Train all personnel involved in hiring on FCRA compliance: Everyone involved in hiring employees, including all HR personnel as well as hiring managers, should be trained on what the FCRA is and what they should do to ensure compliance. It’s a good idea for employers to document a compliance process and make the information readily available to candidates and employees.

In addition to federal FCRA laws, your state may also have its own provisions, so it’s essential you check those, too.

As an HR leader, you’re responsible for keeping up with plenty of employment rules, laws, and regulations, and the FCRA represents one more legal stipulation you’ll need to keep in mind. By following the above tips and best practices, you can make sure your company is compliant and help avoid the hefty fines associated with FCRA violations.