“I don't know how it is in your jurisdictions, but in Austria and Germany, there’s a good culture of trust,” said Bernhard Maier, CII, director of BM-Investigations E.U., at the 2017 ACFE Fraud Conference Europe. “We prefer to trust people. And it’s a convenient way, to trust people and not to question what they write on their CVs.”
However, as Maier explained, it's become more necessary to check applicants' backgrounds for more than their qualifications. "We don't want an accountant to embezzle money. Therefore, we screen him before we hire him," Maier told attendees. "We want to avoid, or reduce, the loss and damage of assets, like our workers stealing from our warehouses or our employees stealing goods from our companies."
However, previous criminal activity can be hard to find and can put organizations at considerable risk. There are checklist recommendations that usually provide a list of information sources that should be accessed during a screening — they tell you where you can find information on an applicant. But, according to Maier, many of these lists come from the U.S. and aren't multi-jurisdictional.
Maier gave an example of common checklist sources and how in Austria, there'd be no legal way for him to access some of the information. Therefore, Maier created a risk-based model for screening. Much like a basic fraud risk assessment, Maier’s model relies on using screening objectives to dictate information sources rather than only following a regimented checklist style. This leaves the operational implementation open and makes this method more universally applicable.
At a glance, his pre-employment screening model follows these steps:
- Plan: Assess risk profile of vacancy, determine scope and depth of screening, and define red flags
- Search: Find suitable sources of information, investigate information, assess credibility of findings and document findings
- Loop: Schedule an in-person interview with the candidate to address negative findings and uncover red flags of CV fraud
- Decide: Evaluate information obtained and make hiring decisions
Using the above model, employers should take their findings and then apply it to a risk profile matrix that contains a heat map of high-to-low risks in areas such as: extremism, financial problems, identity/residence concealment, false CV information, substance abuse and lack of integrity. The screening scope tells you which of the risk dimensions needs to be investigated. The screening depth tells you how deep to dig in the relevant risk dimension.
After evaluating all of your findings from the pre-employment screening method, Maier explained that you either recommend or reject the applicant, always from a security point of view. “If there is rejection, there should be a process in place for the case that management decides to override the recommendation," he said. "Otherwise, screening is no longer credible."
According to Maier, you should use a committee of at least three people: one from HR, one of the prospective supervisors and one from legal. They decide why you should hire this person despite negative screening results. They need to give an explanation and they would be held liable in case there's an incident afterward.
Ultimately, due diligence is key to protecting your company's assets and reputation. As Maier said during his presentation, there is more than one way to conduct a thorough background investigation. It's up to you as a fraud examiner to consider your jurisdiction’s specific laws and customs, and to assemble a team of diligent reviewers.
To learn more about employment screening, see the March/April 2017 Fraud Magazine article, "Sketchy job screenings lead to big trouble," by Thomas C. Lawson, CFE, CII.