Today I’d like to share a recent discussion that has been taking place the last few weeks on our LinkedIn Forum, the International Background Screening Forum that I think our readers will find resourceful.

The discussion provides an interesting primer and insight to the rather fragmented nature of the global background check market and the challenges faced by screening companies outside of their geographic location (country of domicile) that look to source their U.S. or overseas based clients international background check research either through direct to source i.e. a government agency abroad or to third-parties whether they are global wholesale providers or even in-country providers.

In summary a rather thought provoking statement and question was made that not all countries are equal when it comes to the reliability and accuracy of records around the globe. It was also  expressed that clients (multinational employers) are paying a premium for international searches and that there is a growing concern from a US based background screening company’s point of view as to how one should go about evaluating the reliability and accuracy of such results on a country basis. From a practical point of view it is believed that there might be countries that may not be worth performing a records search because… “there are no records to search”, or “70% of the people in a country can pay officials to lose the record”, or “50% of the records become “nonexistent” for political or religious reasons,” etc.

These are all very valid questions, (1) what is the reliability / accuracy and (2) if based on available information, local records might not necessarily provide at least a certain level of accuracy should an organization even attempt such research? As a global advisory firm specializing in this area we receive these types of questions more often than you would think. We’ll discuss both of these points.

How to Establish Reliability / Accuracy in International Background Check results

In many respects even after 12 years of specializing in the global background check market many would agree that it is still very much considered “The Wild West” and at its emerging stage due to the fragmented nature of differing laws, availability and access to local records and data required to undertake a legitimate check, costs, and most importantly differing points of view on what is legally permissible versus folks that just want to turn a quick buck for less than ethical work product. In the end the latter has done more harm than good but it’s getting better through education and the effects of increased global trade (increased demand) but also increased enforcement action of those that flagrantly violate compliance and personal privacy.

Unfortunately there is no public available resource that details by country each of these aspects of background screening on a country basis, at least at this time. This type of information is generally closely held by companies that actually specialize in this area of the market and many may feel that it is considered part of the “secret sauce” that differentiates them from their competitors (particularly global specialists). Aletheia Consulting has in fact conducted such research on a number of geographies around the globe.

With that in mind we will discuss the guiding principles we apply when working with our CRA (background screening) clients no matter whether they may be a US based or overseas based provider (ie. a screening provider located in Bangladesh as an example) looking to expand their geographic footprint and design their international background check product portfolio.

We carefully examine each local data source (i.e. criminal records, credit, etc..) by country and by product type with the following 8 specific questions in mind:

1. Existence of information in target country? (locate possible sources of the data)
2. How is information maintained?
3. Reliability and credibility of information? (whether held directly by gov agency but also how credible the third party that may be in conducting the search on the customers behalf)
4. Legality of using consumer information for employment purposes? (can it even be used for employment purposes?, if so
5. If based on answers related to No. 4 that it is legally permissible for employment – how can research be accomplished? Direct to source or through a third-party?)
6. What is required in order to obtain the information?
7. Timeliness of delivery?
8. Affordable cost of information?

Questions 1-5 can then be applied to a Risk Matrix and conclusions drawn as to the quality and credibility.

This of course assumes one also factors in the cultural and environmental factors involving a country’s level of corruption (i.e. the practice of paying bribes in order to get out of being arrested or to pay off a claimant prior to court in order to avoid a trial which is actually a common practice in some countries).

A country’s level of corruption and actual fundamental issues around the quality of source data will always be potential factors in international background investigations that one should consider but should never be a deterrent or an excuse for not conducting an adequate level due diligence on a potential non-US or local employee, contractor, or trading partner. Remember many countries including the U.S. have enacted various anti-corruption/bribery and terrorism statutes (Foreign Corrupt Practices Act) as well as various industry specific guidelines (US Federal Sentencing Guidelines for Organizations) such as within the financial services, IT, healthcare, and many other industries that require a reasonable/responsible level of due diligence be applied when making a business decision.

What to expect from your local or global background check provider

When working through a 3rd party (in-country partner or even one of the “wholesale international providers”) aside from the usual production guidance i.e. what they require from you to undertake the search and what to expect in return I recommend you require them to demonstrate a sufficient working knowledge of the geographies they claim to be able to support. This needs to be supported by their willingness to educate you and or provide sufficient guidance for you to be able to communicate the local cultural and legal provisions governing access and use of the data to your clients or even candidates. You should then have this information cross referenced and verified independent and directly with the source agency and the relevant privacy commission (if applicable).

In the end there must be transparency with your overseas background check providers. If not than you or your organization may be placed in a risky situation of possibly violating an applicant’s personal privacy rights or even worse an organization failing to be able to demonstrate that they applied the necessary level of due diligence in their background screening process.

I am not a firm believer in “blind faith” or “blind trust” as someone mentioned in the discussion about relying on their provider without verifying the facts.  This is an unwise practice and creates significant risk for you and your client. Our clients come to us for expert advice and if we don’t know the answer to their question than we should know how to derive the right (accurate/truthful) answer or tell them we simply don’t know.

Some folk’s spoke of records not being available in certain geographies and that is absolutely accurate. In fact one of my most famous recommendations to clients is that “any firm that purports to offer and deliver criminal records for employment purposes from every country on the planet, don’t walk away, run away!” This simply isn’t legally permissible in a multitude of countries and is an outright criminal offense. As a provider of international background screening services however it is our job to be able to speak to both the local environment as well as our experience to be able to offer best practice advice for our clients in order to address and in some cases offer next best available options to consider.

In conclusion, just because criminal records in a country may be paperwork intensive, expensive, take an extremely long time to accomplish, or worst case scenario not very accurate due to the reasons discussed today as long as the organization has applied that reasonable level of due diligence..meaning that if it is legally permitted and available for employment the organization should have the check done by a responsible provider. The question then may become what source and as long as you’ve applied the guidelines we discussed above during the sourcing and selection process you should be okay. If as a provider you don’t have the in-house expertise of the local geographies than we believe you have one of two options (1) spend the time to research the various geographies on your own (although it will be a very long, painful, and expensive process), or (2) hire or partner with local and or global subject matter expert that has already done the leg work and who is able and willing to be your subject matter specialist.

International Background Check Market Outlook

All and all the international background check market even with its rather interesting challenges continues to grow and further develop in leaps and bounds nearly by the month. I am a firm believer that through continued education of our buyers, providers, applying best practice concepts, and striving to do the right thing as a business owner and as an industry will many of these challenges have less of an impact on the emerging international background check market.

For more information about Aletheia Consulting Group’s advisory services in international background screening please feel free to visit our website or email us at Info@AletheiaConsultingGroup.co .

ACG Featured in July Aug NAPBS Journal, Background Screening Essentials in Japan

Gerlind  Wisskirchen of CMS Hasche Sigle discusses background checks affecting employers in Europe. As published by Who’s Who Legal

Gerlind Wisskirchen, CMS Hasche Sigle

Background checks – the most recent since the 2002 financial   reporting scandals involving US corporations (Enron, Worldcom and Tyco) –   have acquired global significance for employers. Ever since,   comprehensive background checks, or ‘pre-employment due diligences’ have   been carried out in US corporations. In Europe, however, background   checks are not permitted to the same extent.

GERMANY

In Germany no specific legislation exists concerning background checks; the permitted room for manoeuvre must be determined on the basis of the existing legal situation. Statutory constraints with regard to the acquisition and storage of personal data are in place, warranting the protection of the private sphere and the right of self-determination. The applicant need not tolerate any background checks that go beyond an employer’s permissible right to ask questions within the limits of the German Equal Treatment Act (AGG) and the personality right of the applicant. The employer’s legitimate interest in the answering of the question must be so great that the protection of the personality right of the applicant is second to the right to ask questions. The applicant need not respond to inadmissible questions put by the employer, the applicant is also permitted to give a wrong answer to the question. When background checks are being carried out, the principle of direct acquisition of data via the applicant takes priority. Background checks with the help of third parties are therefore only admissible if the reliability of the applicant is of particular relevance, eg, in finance and childcare, or where special information is essential for the employment relationship. The applicant’s knowledge and consent will always be required.

The employer has a legitimate interest in information on the applicant’s personal particulars. Both before and after the job offer, the applicant may be asked to verify his personal particulars by presenting his ID card, passport, social security number or birth certificate. Otherwise, the employer can refuse the applicant. If there is legitimate suspicion that employees have not disclosed their true identity, the employer may demand the mentioned proof of identity, also during the existing employment relationship. The same applies to job application documents. Applicants submit documents concerning their qualifications and previous professional experience with their application. The employer may – both before and after the job offer – request the original documents for perusal, and after being given the applicant’s written consent, may also contact schools, universities and former employers directly. For data privacy protection reasons, as a rule enquiries made are limited to information on the duration and type of employment. In the case of breaches of such requirements, the applicant can assert claims for damages. In addition, there is the threat of an administrative fine of up to E300,000 pursuant to the German Data Protection Act (BDSG). Potential employers may only demand limited information on previous convictions or on the applicant’s financial situation. Questions will only be permitted if the information is relevant to the advertised position, for example because particular trustworthiness and financial reliability are required. Scrutiny of any previous convictions will only be possible in rare cases through presentation by the applicant of a certificate of good conduct (Führungszeugnis). The applicant’s career development and criminal history will only be allowed to be scrutinised in the existing employment relationship if this failed to take place already during the recruitment process, and if the concrete workplace is affected. Then, the written approval of the employee will be required, except in the case of legitimate suspicion of fraud on the part of the employee. Moreover, as a rule, the employer can request presentation of the employee’s work permit and residence entitlement without giving a reason. Creditworthiness checks like SCHUFA information or extracts from the commercial register are prohibited under the German Data Protection Act.

Primarily during the application procedure, HR departments – via internet research – are increasingly collecting data about the applicant that goes beyond the information communicated in the job application documents, notably the applicant’s professional background. Pursuant to section 28, 32 of the Data Protection Act, collecting personal data from the internet is allowed if this data is accessible to the general public, unless the protectable interests of the applicant outweigh this. With work-oriented networks like XING or LinkedIn, the data posted there by the applicant is accessible to the general public after log-in. Data that is posted by the applicant on social networking sites like Facebook may not readily be collected and stored.

Currently, the general terms and conditions of the operator provide for use of the network for private purposes only. Moreover, predominating interests of the applicant and lack of necessity as defined in the Data Protection Act are opposed to the collection of data. If the employer decides against an applicant, the job application documents must be returned to said applicant. If an action brought by the rejected applicant cannot be ruled out, copies of the documents can temporarily remain with the employer. Employee data can be stored for as long as it is required by the employer within the framework of the protection against unfair dismissal process. If the employer intends to introduce staff questionnaires, eg, in the context of works agreements, the approval of the works council must be obtained in advance (section 94 of the German Works Constitution Act) and the data privacy protection officer must be involved (section 4 of the Data Protection Act).

By conducting impermissible background checks, the employer will be in breach of the pre-contractual duty of care and of the general personality right. An impermissible background check can entail damages claims if the applicant can prove that the losses were incurred by obtaining unlawful information and that without this measure, the applicant would have been recruited. It is also possible to grant the employee damages of three monthly salaries, pursuant to section 15(2) of the Equal Treatment Act.

FRANCE

French law offers no explicit statutory framework for handling background checks. It contains provisions concerning admissible acquisition of data relating to applicants. Pursuant to article L.1221-6 of the French Labour Code, the employer can only obtain information about an applicant, which facilitates an assessment of their professional skills with regard to the position being offered. These professional skills must be directly required for the position. Social security enquiries about the applicant are generally prohibited, except if the applicant is not yet registered. In all other respects, personal particulars are allowed to be subject to comprehensive scrutiny. The employer can demand presentation by the applicant of the relevant job references, eg, of former employers, however, not the presentation of pay slips. In addition, the employer has the right to ask questions concerning previous positions and the grounds for their termination. The applicant’s consent relating to enquiries made to former colleagues is required.

Employers may make use of all information from the internet, irrespective of whether it was posted on social or work-oriented networks. In France, the employer is generally prohibited from reviewing any previous convictions as well as the applicant’s financial position. If applicable, the employer can – only by setting forth a legitimate interest – demand the current extract number three of the certificate of good conduct, which lists the heaviest penalties and can only be applied for by the applicant itself. An exception is made in the area of asset management, eg, in the banking industry. With applications in the areas of security or care, the employer additionally has the option, under administration law, of having police files reviewed by local government.

During the existing employment relationship, the employer as a rule (setting out its legitimate interests) can demand updated versions of the certificate of good conduct. Dismissal for breach of the duty to furnish the requested information is possible if the employee’s refusal with regard to furnishing the desired information results in disturbances in the peaceful working climate or if material qualifications for the function turn out to be false. The storage of employee data is possible after prior clarification regarding the affected employee. Employers additionally have the option of setting up biometric ID systems on their employees if CNIL (Commission National de l’Informatique et des Libertés), the French data protection watchdog, approves of their introduction. If the employer violates the above-referenced legal provisions or employee rights, the employee can claim damages or sanctions under criminal law, see article L. 1121 -1 of the French Labour Code. Pursuant to the French Criminal Code and the French Labour Code, an employer could face up to three years of imprisonment, and a fine of up to E46,000 in the event of discrimination with regard to an employee’s membership of a trade union.

ITALY

In Italy, prior to the acquisition of personal data, there is no general duty to notify the applicant or to obtain the applicant’s approval. The person concerned should be informed in advance concerning the purpose of the background check, in terms of whether the data has to be surrendered voluntarily or obligatorily and with regard to the consequences of non-voluntary surrender (see article 13 of the Italian data protection law).

At the employer’s request, applicants must communicate their social security number to the employer. Publicly accessible data, eg, a birth certificate, can be perused by the employer at any time without the approval of the applicant; detailed information can only be viewed with the approval of the applicant, the employer demonstrating a special interest. The employer can comprehensively scrutinise statements made by applicants about their educational background. Upon request, schools and universities are entitled to surrender their assessments (possibly via electronic information) to the corporation. This generally also applies to enquiries made by former employers. The employer may call on the applicant to handover documents on previous nationwide convictions and pending proceedings before the court in the potential employer’s district. However, the employer may not call for bank and credit card information.

The employer’s right to information also continues to exist during the current employment relationship to the same extent as prior to recruitment. In exceptional cases, dismissal is possible if, after examination of the data, it subsequently emerges that the employee fails to meet the requirements of the position. The employer may store data in the individual case, stating a legitimate purpose, for the duration of the employment relationship. In the event of unauthorised or unlawfully conducted background checks, the employer will be liable for prosecution under civil law and criminal law. The employer will be liable to pay damages or ‘smart money’ if the processing of personal data brings about losses for the employee or if data is stored longer than permitted for the required purpose.

DENMARK

The employer’s right to information is determined in Denmark notably by way of the Danish Act on Processing of Personal Data, APPD. With the written approval of the applicant or employee, the employer can subject their personal data to scrutiny by means of a database governed by social security legislation. If the applicant refuses such scrutiny, the employer can refrain from recruitment for this reason provided the employer has already informed the applicant of the consequences thereof.

With regard to educational background and previous activities, as a rule, the data from the application may be verified by the employer. It is not usual in Denmark to issue job references. Applicants can, however, be called on to surrender contact data of former employers. Also in the existing employment relationship, scrutiny can take place if there is legitimate suspicion of fraud by the employee to the detriment of the corporation. If the employer acquires information via social networks, it must grant the employee the opportunity of answering. The applicant must disclose previous convictions if the offence is relevant to carrying out their duties and if there is a temporal proximity between the offence and the position. This is the case if an official permit regulated by statute for exercise of the function is required, for example relating to insurance clerks, attorneys or finance managers. The legal limits of data acquisition, notably the proportionality principle, are applicable in favour of the applicant and the employee. As a rule, the employer obtains information about relevant previous convictions from the public criminal records kept by the police with the written approval of the applicant.

The employer is authorised to keep personal data of applicants and employees by electronic means. It is permitted by statute to store data for as long as a legitimate purpose for this exists. As a rule, this data is allowed to be stored for up to six months after its transmission to the employer. Danish legislation provides for sanctions like monetary fines or damages for financial losses in the event of illegal collection of data. It is also usual to publish the corporation’s breach on the website of the Danish data protection agency.

THE NETHERLANDS

In the Netherlands, background checks regarding applicants and employees are generally permitted, but limited by the Data Protection Act (Wet Bescherming Persoonsgegevens). Background checks are only supposed to be carried out relating to necessary data for the firm offer of a position.

The information on professional experience and educational background listed in the application, can, however, be subjected to scrutiny by the employer by making enquiries to former employers. Job references are seldom issued in the Netherlands. On the publicly accessible homepage of the Dutch courts (www.rechtspraak.nl) employers can inform themselves about the possible insolvency of the applicant.

However, it is up to applicants as to whether they provide information to the potential employer about their financial situation and credit rating. This principle also applies to any previous convictions. Exceptions apply relating to function-related previous convictions, eg, in the case of an applicant for a position as a primary school teacher previously convicted for the sexual abuse of children.

These principles relate to the duty to provide the requested information comprehensively, at any time during the current employment period, and to the extent that scrutiny of data relating to the employee’s position is relevant, and the interests of the employer outweigh those of the applicant. In the Netherlands, the right of the employer to be able to use all private and work-related information from the internet has existed hitherto. To date, notification about the found information has not been prescribed by statute. Personal data can only be stored for a limited period. There is differentiation made between information relating to applicants who are recruited and applicants who are not recruited. Personal data relating to the first-mentioned applicants can be stored during the entire term of employment. With regard to the applicants who are not recruited, differentiation has to be made between whether applicants have consented to further storage of their data (storage for one year admissible) or not (storage for four weeks admissible). The Dutch Data Protection Commission are allowed to sanction corporations breaching the Data Protection Act with monetary fines of up to E15,000.

© Law Business Research Ltd 1998-2011. All rights reserved.

Overview

The primary law governing background checks in Germany is The Federal Data Protection Act (Bundesdatenschutzgesetz (BDSG)).  As of 1 September 2009 the BDSG provides comprehensive regulation of the processing of personal data.  At the federal level, this is supported by laws such as the Telecommunications Act of 22 June 2004.  In addition, each German State has privacy legislation and data privacy commissioners to enforce State laws. On August 25, 2010, the German federal government proposed amendments to the existing law on the processing of employee data.  The draft law went before the German Parliament for a first reading on November 2010, and is now in effect.  This new law now applies to virtually all data collected and used by employers over the course of an employment relationship.  The new law also restricts background checks on individuals. A detailed explanation will be covered under Applicable Statutes.

Germany provides job placement and counseling services to applicants who must first fill out a form.  The information on the form is then entered into a computer, to be processed as part of computer-assisted job placement (“coArb).  Relevant information includes address, marital status, health status, education, occupation, previous jobs held and the results of job counseling sessions.  If necessary, applicants may undergo medical and psychological testing, conducted only with their consent.  Test results and the examiner’s original report are kept on file by the medical or psychological service.  A copy of the report is kept on file with the placement and counseling service.   The applicants’ data is checked against the information on current job openings and the best matches are selected.  The job placement officer then refers the applicant to the job opening; the employer receives a copy of the referral.

Applicable Statutes

Any collection of personal information is subject to the restrictions imposed by a number of different statutes, in particular the following:

• The Federal Data Protection Act (Bundesdatenschutzgesetz (BDSG))
• The Federal Central Criminal Register Act
• The Central Registry Act (Gesetz uber das Zentralregister und das Erziehungsregister, as amended on December 17, 2006)
• The Criminal Procedure Code (Strafprozessordnung, as amended on December 17, 2006)
• Telecommunications Act of 22 June 2004
• Section 611 et seq. of the Civil Code (Burgerliches Gesetzbuch, as amended January 1, 2002)
• The General Act of Equal Treatment (Allgemeines Gleichbehandlungsgesetz, as amended on December 12, 2006); and
• Articles 1 and 9 of the Basic Act (Grundgesetz, adopted on May 23, 1949, and amended on March 19, 2009)

Personal Data on Applicants:  (New Law) Data collection from applicants: According to Sec. 32a para. 8 of the law, any personal data shall only be collected directly from the affected employee or applicant. Any collection of data on the applicant from a third party requires prior opt-in consent. An exemption is made only for data that is publicly available so that Internet searches on the individual will generally remain permissible.

Note:  In case an employment relationship has not been founded, the data of the applicant may only be stored further if the applicant has consented.

General Limitations on Information:  A prospective employer may only ask questions relating to particularly sensitive subject matter if the information is significantly and decisively pertinent to the work.  In this context, sensitive data includes:  disabilities, health, religious or political views – as well as criminal records and financial standing.

The new law allows employees to consent to the background check; however, it is very strictly limited.

Legislation Governing Criminal Records in Germany

Federal Ministry of Justice

The Federal Central Criminal Register Act  “Bundeszentralregistergesetz” from 1971 governs the disclosure of criminal records and regulates what type of information or convictions are to be included in or removed from the Federal Central Criminal Register.

The content of the “Bundeszentralregister” is regulated by section 4 of the Federal Central Criminal Register Act. The register contains information on the following:

• Sentences imposed by German courts;
• Security and rehabilitation-related measures;
• Warnings issued pursuant to section 59 of the Criminal Code (Strafgesetz) on reservation of punishment, or
• Custodial sentences issued with reference to section 27 of the Youth Courts Act “Jugendgerichtsgesetz”

Good Practice Guidance

The primary purpose of the BDSG, is to ensure, among other things, that personal information is collected directly from an applicant or employee rather than from third parties such as third-party vendors, consumer-reporting agencies, former employers, referees, the courts, or the Internet. The BDSG permits the collection of information via third parties only where the “nature of the business purpose” necessitates the collection from third parties and there is “no overriding legitimate interest” of the individual to whom the data relates to. In other words, employers may seek information from third parties only where the particular position requires certain information to be confirmed and supplemented through background checks. Commentary suggests that background checks are permitted only where the trustworthiness of an applicant or employee is particularly relevant to the work, such as for positions in financial services institutions, for positions involving child care, or where certain qualifications are essential for an employment decision.

In addition, all inquiries should be approved via the written consent of an individual concerned, unless an employer obtains another justification. Other justifications fall outside the boundries of this article and are not applicable to employment screening.

Employers may collect the following preliminary information:

• Name
• Address
• Telephone number
• E-mail address
• Other data required to assess skills and qualification of applicant.

Any other information requires applicant’s prior, specific consent.

Sensitive Data

Sensitive data contained in background checks may only be collected with the individual’s specific consent, and the applicant must be notified of the information to be checked or supplemented as well as the references or agencies that are asked to provide the information.

In accordance with Gola/Wronka: Handbuch zum Arbeitnehmerdatenschutz, Rdn. 213, employers are prohibited from using medical information unless it is directly relevant for the position; for example, certain allergies or disabilities that may affect an applicant from performing their duties of employment.

Consent / Notice Requirements

Candidates must be provided with fair and accurate information about the information included in the report, the purpose for which the data will be used, the names of all recipients (other than data processing agents), the sources of the information, and the individual’s right to access and correct the data. Additionally, prospective applicants must be informed about the fact that service providers may collect, access, or use the information.

Access and Correction Rights

Applicants and employees may request access to the information collected and may dispute the accuracy of information contained in the report. The employer then must correct this information.

Use Restrictions

Employers should also be aware that aware that certain questions and the way in which they are asked or checks that are conducted could infringe labor law obligations or the General Act on Equal Treatment (ACG). For example, it is generally not permitted to ask applicants for information about their sexual orientation, and if the interviewer does, the applicant has the right to refuse to answer the question. Background checks may therefore not be performed in order to verify this type of information.

Even when employers are able to justify the carrying out of background checks, employers must be careful not to use background checks to discriminate. The ACG applies to the recruitment process and may be infringed by certain types of background checks or the way in which such checks are conducted. In particular, any discrimination for age, gender, religion, union membership, disabilities, and sexual preferences is strictly prohibited, and information collected on these items may not be used.

Special Note: Background checks to supplement information available from a candidate’s resume and interview are not common in Germany. There are severe restrictions on the scope of information to be obtained in order to protect an individual’s personal privacy and right of self-determination. If employers create or obtain background check reports, they should provide detailed information on the background check, and ensure an applicant’s cooperation in the process.

Good Practice on Specific Background Checks

Consumer Credit

Although credit data is not regarded as sensitive data per se, financial institutions in Germany are generally not permitted under the BDSG to share information on an individual’s creditworthiness or credit standing with employers or third-party vendors. In order to facilitate credit decisions by financial institutions, SCHUFA, a private organization, has been established and hosts a database to facilitate the sharing of credit data. Financial institutions associated with SCHUFA provide credit data to the system, update the data, and receive data in return. Although employers or third-party vendors are not permitted to directly access the information contained in the SCHUFA database, employers or third-party vendors may ask candidates to provide a self-declaration (Eigenauskunft) authorized by SCHUFA. The candidate is able to request the certificate from SCHUFA, and SCHUFA then prepares a standard report, which can be provided to the potential employer.

Driving Records / Motor Vehicle Records

The Federal Motor Transport Authority (KBA) (Kraftfahrt-Bundesamt) is one of the largest federal authorities in Germany. It was posted in 1951. It is headquartered in Flensburg, Schleswig-Holstein with offices located in Dresden. The KBA is responsible for enforcing the penalty points system called Punkte. The point system provides a uniform national set of measures and point system for the equal treatment of drivers.

Similar to credit data, driving records in Germany are not regarded as sensitive data but the KBA is not permitted under the BDSG to share information directly from within the Central Register of Traffic Offenders with employers and or third party vendors. In order to facilitate a verification of motor vehicle records in accordance with the BDSG an employer must first be able to demonstrate that there is a relevant and pertinent justification for the position for which the applicant is applying i.e. truck driver. Employers or third-party vendors may then ask a candidate to provide a self-declaration of their driving record by submitting a formal request to the Central Register of Traffic. The CRT also offers an online application.

Academic History

It is generally permissible for employers to confirm information about a candidate’s academic history when prior consent has been obtained.

Employment History

It is generally permissible for employers to confirm information about a candidate’s work history when prior consent has been obtained. It is not however permissible to inquire into a candidate’s previous salary unless the candidate has revealed the figures and used the information to negotiate a new salary.

Professional References

It is generally permissible for employers to contact a candidate’s references when prior consent has been obtained.

Personal References / Reputational

Checking a candidate’s character and general reputation is not permitted as this information is viewed as being irrelevant for employment decisions.

Criminal History

Employers in Germany may ask applicants to list any convictions that they may have on their application form. However, employers should request information about an applicant’s criminal convictions only if that information can be justified in terms of the position offered (e.g., the previous conviction of a book keeper for fraud, a truck driver for a road traffic offense, or a day care worker for sexual offense involving children). For most positions, employers are not entitled to ask whether an applicant has a criminal record.

However, employers may inquire if a candidate is likely to be sentenced to imprisonment to the extent the investigations or imprisonment may prevent the applicant from taking up the position for which they have applied.

Employers may ask candidates to provide a certificate of good standing also known as a Certificate of Good Conduct to be issued by the Registry Office (Führungszeugnis). This certificate will not contain all convictions in the Central Registry. In general, there is no information about the following:

• Criminal offenses more than five years old;
• Criminal offenses resulting in imprisonment not exceeding a term of three months or penalties not exceeding the amount equivalent to 90 days’ income (unless there are no other entries in the Central Registry);
• Criminal convictions resulting in imprisonment not exceeding two years when on provisional discharge for certain drug-related crimes (unless there are no other entries in the Central Registry);
• Imprisonment or detention of a young offender (i.e. younger than 21 years);
• Information about arrests or indictments that did not result in a conviction; and
• Civil suits, civil judgments.

Certificate Good Conduct (Führungszeugnis)

German Good Conduct Certificate - Führungszeugnis

The Federal Central Register (FCR) will issue a Certificate of Good Conduct on request to any person over 14 years of age who is the subject of that record upon application and confirmation of identity, signature and payment. No special form is required.

The person concerned may not have someone else represent them, even a lawyer, when making an application. However, the FCR will require an applicant’s personal details, name at birth, surname (if different from name at birth), all forenames, address, date of birth, place of birth and nationality alongside a signed request for the certificate.

If an applicant is resident in Germany then the individual must file the application with the Residents Registration Office also known as Einwohnermeldeamt in their place of residence. The Residents Registration Office will confirm the identity of an applicant, collect the fee for the Certificate of Good Conduct and pass the application on to the FCR for processing.

If an applicant is living outside of Germany the FCR will accept confirmation of identity and signature either:

• From a German consular or diplomatic office (e.g. embassy). The applicant should present there himself in person. The office also provides pre-printed forms of Good Conduct Certificate applications;
• From a notary public or a foreign authority.

Personal details may also be confirmed by sending an officially certified photocopy of personal identification papers (personal ID, passport) showing the personal details. The photocopy must be signed by the applicant before confirmation. If this application route is used, the applicant should supply all relevant information in a standard letter format including:

• Name at birth, surname (if different from name at birth) all forenames
• Address
• Date of Birth
• Place of Birth
• Nationality

The Homepage of the FCR contains an application form: www.bundesjustizamt.de (new window). Due to the confirmation of identity and signature required, applications for issue of Certificates of Good Conduct may not be made by e-mail.

Company Registry Records

Information on the registration of German companies is published in the official gazette of the Ministry of Justice (Bundesanzeiger).  Every German limited liability company as well as shareholding or limited partnership company etc. is legally obliged to register with the multiple registration offices throughout Germany. The registration offices publish the entries from their registers in the Bundesanzeiger. The full  content of the register entries such as the official name, status, address, ownership, directors, capital, changes in name,  appointment of liquidators – removal from the register are listed.

Japan – Country Background Screening Essentials

By Terry Corley, Aletheia Consulting Group

Good Practice Guidance: There is no one specific law governing background screening in Japan, however, various pieces of legislation do cover parts of the screening process.  Until recently, employers had the right, under Japanese law, to conduct employment background checks on candidates. Unless the scope of the background check was extremely unreasonable, or clearly unnecessary, and could be viewed as an invasion of privacy, candidates had the obligation to respond truthfully to questions posed by their potential employers.

The practice of background screening in Japan nowadays however has been limited greatly in the past several years by the enactment of new legislation relating to discrimination, privacy and dealing with third party agencies.

Omnibus Legislation:  In 2003, Japan passed the Act on the Protection of Personal Data that regulates the use of personal information by both government and private parties.   The Basic Guidelines on Personal Information Protection has supplemented the national act.

Overview of existing legislation governing background screening:

The five main laws that should be considered when designing and implementing a screening program in Japan are:

• Japan’s Personal Information Protection Law (PIPL)
• Labor Standards Law (Chapter 1 Article 3) 1947
• Welfare (MHLW) in 2000
• Human Resource Development in High-level IT – Ministry of Economy, Trade and Industry (METI)
• Action Guide Regarding to the Protection of Personal Information of Workers (Action Guide)

Discussion about Data Privacy in Japan

Japan’s Constitution, Article 13 has been recognized by the Japanese Supreme Court as providing a substantial right of privacy.

On May 23, 2003, the Japanese Diet passed 5 bills relating to the protection of personal data.  The Act on the Protection of Personal Data 2003 (PIP) regulates the use of personal information by both government and private parties.  In its current form, the PIP law affects the screening process in the following areas:

• Individual consent is required to gather personal information from a data subject;
• The reason and purpose should be specified;
• No personal data should be passed to a third party without the individual’s consent; and
• The company gathering the information shall be responsible for the acts of the third party in respect of that information.

The Cabinet Office has issued the “Basic Guidelines on Personal Information Protection” which has consequences for both government and private enterprises.

The principles underlying the Act on the Protection of Personal Data 2003 are based upon the OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal  Data.

Related Legislation:  In addition to the Act, the Japanese Diet passed a package of four (4) personal information protection bills that include two laws that cover private businesses, government organizations and independent administrative agencies.  The four laws are:

1. Act concerning the Protection of Personal Information Held by Administrative Organs;
2. The Information Disclosure and Personal Information Protection Review Board Establishment Act;
3. The Act concerning the Protection of Personal Data Held by an Independent Administrative Agency; and
4. The Act concerning the Preparation of Related laws for the Enforcement of the Act concerning the Protection of Personal Information Held by Administrative Organs.

Permissible Screening Components:

• Identity Validation
• Organized Crime and Criminality Searches
• Police Clearance Authentication of Japanese Prefectural Police (JPP) Certificate
• Academic Verifications
• Employment Histories
• Professional Credential Verification
• Reference Interviews
• Civil Suits & Judgments
• Media Searches
• Directorship Search (Conflict of Interest Search)
• Restricted Party Searches

Threshold for Screening Components:

Consent Form –According to the PIPL, when an employer seeks personal information directly from a candidate in writing, the company must clearly indicate the purpose for the use of such information prior to its acquisition. Additionally, in order to eliminate discriminatory hiring practices, the collection of personal information that may cause social discrimination (so-called sensitive information) is generally prohibited and when using a third-party such as a screening provider the consent must be obtained using certain specified forms. Conversely, if obtaining personal information through other means, such as from the individual verbally or from a background screening firm or other third parties, the employer must notify the candidate or publically announce the purpose for the use of the information immediately thereafter, if it was not disclosed beforehand.

Identity Validation

In Japan the Koseki system is used to record Japanese families and the Juminhyo system is used to record individual residents. Foreigners need to register within 90 days under the premises of the laws for alien registration in Japan that creates a separate database for alien residents.

The Residents Basic Registry Network or “Juki Net“was introduced in 2003. This was introduced to increase government efficiency with 264 government tasks to be attached to the new system. In the new system a person identification number is handed out consisting of eleven digits that can be used as a replacement for other identification documents.

Police Clearance

• Scanned image of Japanese Prefectural Police (JPP) Certificate obtained within last 30 days

How to obtain Japanese Police Clearances

Police Certificates:

Official background checks are called “Police Certificates”.  Police Certificates are issued by the prefectural police of the prefecture where the individual currently resides or where has last resided.

Obtaining a Police Certificate is free of charge to a data subject.  The certificate is available in 5 languages, including English.

Japanese police certificates will not contain information about criminal convictions when:

1. The period of suspended sentence has ended;

2. The penalty of the crime was a fine, and the crime occurred more than five years ago;

3. The term of the prison sentence ended more than ten years ago; or

4. The conviction was vacated or the criminal was subject to a pardon or amnesty.

Persons convicted of crimes in Japan may obtain court conviction records indefinitely. The headquarters’ records section of the Metropolitan or Prefectural police issues certificates that include a nationwide criminal records check.

Copyright © 2011 Aletheia Consulting Group

By Terry Corley, Aletheia Consulting Group

Good Practice Guidance: Potential candidates may be required to consent to background checks in Mexico, including requests about their criminal history, consumer credit, and motor vehicle records, as a condition of employment. If consent is not provided, an employer may legally refuse to hire a potentially qualified candidate. An employer must request the background check of an applicant prior to extending an offer of employment. The applicant must then decide if they will consent to undergo the background check process. Employers must be able to demonstrate proof of consent. In order to substantiate valid consent was obtained it must include specific language indicating that the candidate agrees to the background check.

There is no one specific law governing background screening in Mexico, however various pieces of legislation do cover parts of the screening process. These areas include the following:

• Constitution of Mexico,
• Mexico Federal Freedom of Information Act (FOIA)
• Federal Law on the Protection of Personal Data in the Possession of Private Entities,
• Federal Law of Transparency and Public Access to Government Information,
• Transparency and Access to the Federal District Public Information Law

Since 2002, the Mexico Federal Freedom of Information Act (FOIA) protects personal data collected by the government, and guarantees the related treatment, including access by individuals and the possibility to replace, rectify, complete or correct such information (habeas data). The main objective of Mexico’s FOIA is to guarantee the protection of personal data and to promote a culture concerning its treatment.

Culturally it is common practice throughout Mexico for candidates to obtain and provide an employer with a copy of their Letter of No Criminal Record (“Carta de No Antecedentes Penales” also known as “Certificados de No Antecedentes Penales“) as a condition of employment.

Pending changes in law or regulation

The most recent development to the legal landscape in Mexico was this passage of the Federal Law on the Protection of Personal Data in the Possession of Private Entities July 2010.

The Federal Law on the Protection of Personal Data in the Possession of Private Entities regulations comply with the internationally recognized principles such as: lawfulness, quality, access and correction, information, security, custody and consent.

This new regulation is based upon the OECD models, the European Directive and the principles of APEC.

Violations of the new privacy regulation can carry severe civil and criminal liability

Criminal Record Governing Legislation

Criminal information maintained by Mexican courts and local Federal Public Ministry (MPF) (“Ministerio Publico Federal”) agencies (local law enforcement agencies) is not classified as public information and cannot be accessed directly by a third-party.

Federal and individual Mexican state attorney general authorities however promulgate regulations that govern access to and dissemination of Certificates of No Criminal Record (“Certificados de No Antecedentes Penales“) to data subjects throughout Mexico for immigration as well as for employment purposes from the following agencies.

- Federal Attorney General’s Office – “Procuraduría General de la Repúblíca”, or

- Attorney General of the State Justice – “Procúraduría General de Justicia de Estado”

Requests for Letters of No Criminal Record can either be submitted and retrieved from most agencies by a candidate themselves and or their designated legal representative.

As an example the Attorney General, Expert Services Division, San Luis Potosí Mexico (in Spanish) publishes instructions to the public for how they may apply for their own “Letter of No Criminal Record” (in Spanish).

Current laws and regulations related to the collection, dissemination of criminal records by the San Luis Attorney General’s Office are the following:

Organic Law of the Attorney General of the State of San Luis Potosi Article 36 Subsection XVII, 37 (POE 07/07/2009) Regulation of the Organic Law of the Attorney General of the State of San Luis Potosi Article 19 fraction X , 77 , 78, 79 and 80 (POE 12.19.2009) Finance Act for the State of San Luis Potosi Article 92 Fracc. II (POE 12/19/2009).

Permissible Screening Components

Identity Validation

• Instituto Federal Electoral Card, or
• Mexican National Passport

Criminal Record Check

• Attorney General of the State Justice (Statewide),
• Federal Attorney General of the Republic of Mexico (Federal),
• Attorney General of the Federal District (Federal District), or

Police Clearance Authentication of Mexican Certificates of No Criminal Record

Mexican State & Federal Fugitive Search

Academic Verification

Employment History

Mexican law requires employers to respond to employment verification requests by providing an employee’s termination date, position held, and the terms and conditions of thier employment. While an employee’s consent is required, either verbal or written consent by an applicant who is the data subject of the request is considered sufficient.

Professional Credential Verification

Reference Interview

Civil Suits & Judgments

Directorship Search (Conflict of Interest Search)

Restricted Party Search

Database search of corporate scandals, money laundering, corrupt government official database, criminal courts, law enforcement most wanted, fugitives, terrorist, insurgents lists, law enforcement derogatory news files, restricted parties (sanctions, warnings, debarred), and politically exposed persons (PEP).

Threshold for Screening Components

Consent Form – Potential candidates may be required to consent to background checks in Mexico, including requests about their criminal history, consumer credit, and motor vehicle records, as a condition of employment. If consent is not provided, an employer may legally refuse to hire a potentially qualified candidate. An employer must request the background check of an applicant prior to extending an offer of employment. The applicant must then decide if they will consent to undergo the background check process. Employers must be able to demonstrate proof of consent. In order to substantiate valid consent was obtained it must include specific language indicating that the candidate agrees to the background check.

Identity Validation

• Instituto Federal Electoral Card or Mexico National Passport (Scanned image copy)

Criminal Forms – although individual state requirements may vary the following is intended to summarize the basic requirements: 

• Special Letter of Authority (limited power of attorney) – Must include last residential complete address and dates of residence in Mexico.
• Proof of Identification – Mexican Instituto Federal Electoral Card or also known as the IFE Card (Scanned color copy) or National Passport (Scanned image copy)
• Complete set of rolled fingerprints certified by a recognized police authority

Police Clearance Authentication

Scanned image of “Mexican Letter of No Criminal Record” obtained within last 30 days

Data Retention Guidelines

Records pertaining to employee background checks are highly confidential and must be retained for a period of at least five years.

Copyright © 2011 Aletheia Consulting Group