Full screen ahead

Cases just like this one are not uncommon, but they do at least serve to remind contract and in-house security managers of the importance of pre-employment screening and vetting for their personnel.

The all-new Criminal Records Bureau – scheduled to 'go live' on 1 March – along with the licensing of security officers by the Security Industry Authority (SIA) will eventually improve checks on prospective employees. That said, full licensing may not be achievable until 2005. In respect of the Criminal Records Bureau, it would be true to say that certain employers should already be taking steps to fall into line with the new order, while others ought to be considering their position. Either way, ALL employers will eventually be affected by the new legislation.

Many companies steadfastly refrain from implementing a proper screening process. Background verification services have traditionally carried a Secret Service-style mystique about them, and Boards of Directors are fearful of landing themselves in front of an employment tribunal as a result of breaching privacy or Human Rights legislation.

The time has come for these self-imposed blinkers to be removed. Any failure to take heed of forthcoming legislatory changes could result in an organisation's pre-employment practices breaching criminal law, whereupon both the security manager and personnel involved will be held to account. There will also be an attendant financial and/or public embarrassment when the time eventually comes to deal with 'the enemy within'.

There remains a vast difference between what we perceive should be the minimum number of checks and balances to be gone through when taking on new staff, and the number that actually occur. It's fair to say that the majority of security posts being recruited on a daily basis have not been subject to proper risk assessments before being advertised. Subsequently, background verification checks have not been deemed necessary.

Risk assessment is crucial. When assessing risks to the business from taking on new security personnel, managers should review every task that the persons concerned will be expected to perform, not to mention all those individuals and items of information with which they'll come into contact. Then it will be time to draw up a list of the minimum standards and characteristics required of each candidate, what you'll need as proof of capability and how you'll verify the information given.

Contrary to popular opinion, it is possible to strike a balance between ensuring that the company is certain of an individual's integrity, and at the same time respect that individual's right to privacy.

Security screening to BS 7858
First published in 1996, BS 7858 is the framework document that sets out screening procedures to be applied to all those personnel whose main job function is security.

Through adherence to this standard, it's intended that the employment of people who are dishonest, unethical or adverse in character will be avoided.

BS 7858 makes it quite clear that provisional employment should not commence until screening that stretches back for a minimum of five years has been satisfactorily completed. A candidate's employment history should be screened for a period going back not less than ten years (or to the point of leaving full-time secondary education if this is less than the ten (five)-year period). In addition, the screening of a candidate's employment history should be fully-established on a month-to-month basis.

Further, the full screening process must be satisfactorily completed within 16 weeks of employment having commenced. If not, any provisional employment should cease. At least two written character references must be obtained for each candidate, and information sought on each potential employee's (possible) criminal, bankruptcy and court records.

References are probably the least effective indicator of a person's character or ability. Employers are less likely to give a truthful reference to a bad employee as it's in their interests to see them move on (and, in any case, it's up to the employee as to what references to submit). Employers are often wary about giving out verbal references for fear of being accused of defamation of character.

The actual cost of checking qualifications and other details supplied on a reference – both monetarily and in terms of the time involved – is a further discouragement for many employers. There will also be an after-effect on staff morale and productivity, and the attendant costs in covering for the suspended or sacked employee(s).

That said, the cost to the company in dealing with a rogue employee will usually be far greater. When you consider that the average fraud claim usually runs into tens of thousands of pounds, the cost of implementing a proper vetting program seems negligible. Benefits from your insurer may even offset the cost.

Depending on the nature of the business, individuals may apply for a security role because they will have ready access to money or certain types of information. Given that 7.5 million members of Britain's 25.3 million working population have misled their potential employer when applying for a job, checking references must be high on the agenda.

Revising your recruitment programme to include the checking of references, requesting to see certificates (of education, etc) or setting stringent tests would be an instant improvement, but beware that employees will use a host of tricks to dodge the assessors.

For example, it may sound obvious but always check the address and telephone number, thereby confirming the company and/or individual to whom it refers. Use the DHSS and the National Identification Service.

Access to criminal records information
The advent of the Criminal Records Bureau and the SIA will, in due course, necessitate the issuing of either an amendment to BS 7858, or indeed a completely new standard.

One of the key areas of BS 7858 that will need thorough examination relates to how criminal record information is obtained. This is a real can of worms that, once opened, may complicate screening procedures (simply because, as stated, many employers are fearful of confronting an employment tribunal).

Risk assessment is crucial. Managers should review every task that the persons concerned will be expected to perform – not to mention all those disparate individuals and items of information with which they’ll come into contact at some stage

In recent times, the number of cases brought before these tribunals has soared by around 33% per annum (many of them concerning alleged unfair dismissal, and focusing on complaints over hours and wages).

As many of you will be aware, there are two main routes to accessing a given individual's possible criminal history. The first is to rely on the honesty of the candidate to supply the necessary information. Some companies encourage deceit from applicants by way of inappropriate questions on application forms. One form we've been privy to – issued by a manned security contractor – asks candidates: "Have you ever been in trouble with the police?" Phrases like that are so ambiguous that they positively invite deception.

A better form of wording (for a post that's not excepted from the Rehabilitation of Offenders Act 1974) would be: "Have you ever been convicted of a criminal offence (including motoring offences)? If the answer is 'yes', please provide details of the type(s) of offence(s), date(s), sentence(s) and any fine(s) imposed". Convictions that are spent under the Act need not be included.

The second route to accessing a person's criminal history is to obtain the necessary information from official sources. At present, unless the job is one that's excepted from the Rehabilitation of Offenders Act 1974 there's no direct route for an employer to gain access to an individual's criminal record. Thus (as indicated by BS 7858) to review a candidate's police record the employer can ask any prospective employee to make a 'subject access request' to the police.

Some security managers are under the impression that the police currently issue what they term 'certificates of good conduct' or 'police clearance certificates'. Not true. The only record the police issue is as a direct result of a subject access request. This is the means through which an individual can apply to see a record of their personal information as collated by a business or organisation.

County constabularies issue thousands of replies to such requests every year. The reply will contain documents detailing any convictions, cautions and/or fines taken from the Police National Computer. The lists could include both current and spent conviction information. Alternatively, the reply could indicate that no information is held.

Basics of the Criminal Records Bureau
There are problems with subject access requests (for instance, if an individual does have a criminal record, the request will detail a complete record of past offences – no account would be taken of the Rehabilitation of Offenders' Act 1974). In recognition of such difficulties, a new body has been set up to facilitate easier employer access to criminal record information. The Criminal Records Bureau is the official organisation that will now carry out checks by way of a disclosure scheme. In practice, three levels of disclosure – basic, standard and enhanced – will be offered according to the nature of the job in question.

The basic disclosure – or Criminal Conviction Certificate – is the lowest level of check available. It shows all convictions held at a national level which are not 'spent' under the Rehabilitation of Offenders Act 1974. The only person who can apply for basic disclosure is the individual whose conviction history is being requested. Once that person has received the certificate, they can then choose to give this information to an employer. The Criminal Records Bureau expects to be in a position to issue basic disclosure certificates – at a cost of £12 per certificate – by this coming summer.

Standard disclosure – or the Criminal Record Certificate – is the second level of disclosure available. These certificates will only be issued to an employer that is registered for disclosure. As far as private sector security staff are concerned, the SIA will be the body registered for disclosure, and its licensing process is slated to include a criminal record check on all applicants. Organisations can qualify for disclosure only if they are currently listed in the Rehabilitation of Offenders Act 1974 Exceptions Order, or if the post would involve regular contact with 'vulnerable' adults.

Standard disclosure will contain details of all convictions on record at a national level, as well as cautions, reprimands and warnings. In practice, most applicants who apply for licensing under the Security Industry Authority will receive standard disclosure.

The highest level of check to be carried out by the Criminal Records Bureau is the enhanced disclosure. In addition to the standard disclosure details, it will include information held on local police force databases (eg non-conviction information, intelligence or even notification of a current and ongoing investigation). As things stand, the SIA has suggested that the only SIA licensing applicants requiring enhanced disclosure are the door supervisors. No surprise there, then.

Beware 'enforced subject access'
As of this month, the Criminal Records Bureau takes on the necessary procedures for those organisations that currently have access to criminal record checks (the service begins on 1 April for other 'registered for disclosure' organisations). As stated, basic disclosures should be available from the summer onwards.

Security managers should bear in mind that, at some point during the process, it will become a criminal offence to require a prospective employee to make a subject access request to the police in connection with prospective employment. This is solely due to a dormant clause contained in the Data Protection Act 1998 which, when in force, will establish the new criminal offence of 'enforced subject access'.

All those responsible for recruitment within a business will need to be made aware of these new arrangements. If they refer to subject access requests, old application forms and supplementary information for candidates must be withdrawn and new ones prepared. Information for all job candidates explaining the new procedures must also be prepared.

Ways of safeguarding your business
Your company's 'Conditions of Employment' statements may well need revision, so too your employment contracts and any documents concerned with advice for members of staff.

In addition, all policies and procedures relating to the safe storage of an individual's criminal record information must be subject to close scrutiny.

Importantly, the expected increase in available criminal record information for candidates will require dedicated evaluation and assessment procedures – not least to prevent any future claims of discrimination.

Above all else, assess the risks that could be posed by the roles for which you are recruiting, and address them through thorough profiling and screening. Proper policies and procedures may be produced to help assess staff both before and during employment, as well as provide a reminder to all those working for you of the standards required of all employees.