Japan – Country Background Screening Essentials

By Terry Corley, Aletheia Consulting Group

Good Practice Guidance: There is no one specific law governing background screening in Japan, however, various pieces of legislation do cover parts of the screening process.  Until recently, employers had the right, under Japanese law, to conduct employment background checks on candidates. Unless the scope of the background check was extremely unreasonable, or clearly unnecessary, and could be viewed as an invasion of privacy, candidates had the obligation to respond truthfully to questions posed by their potential employers.

The practice of background screening in Japan nowadays however has been limited greatly in the past several years by the enactment of new legislation relating to discrimination, privacy and dealing with third party agencies.

Omnibus Legislation:  In 2003, Japan passed the Act on the Protection of Personal Data that regulates the use of personal information by both government and private parties.   The Basic Guidelines on Personal Information Protection has supplemented the national act.

Overview of existing legislation governing background screening:

The five main laws that should be considered when designing and implementing a screening program in Japan are:

• Japan’s Personal Information Protection Law (PIPL)
• Labor Standards Law (Chapter 1 Article 3) 1947
• Welfare (MHLW) in 2000
• Human Resource Development in High-level IT – Ministry of Economy, Trade and Industry (METI)
• Action Guide Regarding to the Protection of Personal Information of Workers (Action Guide)

Discussion about Data Privacy in Japan

Japan’s Constitution, Article 13 has been recognized by the Japanese Supreme Court as providing a substantial right of privacy.

On May 23, 2003, the Japanese Diet passed 5 bills relating to the protection of personal data.  The Act on the Protection of Personal Data 2003 (PIP) regulates the use of personal information by both government and private parties.  In its current form, the PIP law affects the screening process in the following areas:

• Individual consent is required to gather personal information from a data subject;
• The reason and purpose should be specified;
• No personal data should be passed to a third party without the individual’s consent; and
• The company gathering the information shall be responsible for the acts of the third party in respect of that information.

The Cabinet Office has issued the “Basic Guidelines on Personal Information Protection” which has consequences for both government and private enterprises.

The principles underlying the Act on the Protection of Personal Data 2003 are based upon the OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal  Data.

Related Legislation:  In addition to the Act, the Japanese Diet passed a package of four (4) personal information protection bills that include two laws that cover private businesses, government organizations and independent administrative agencies.  The four laws are:

1. Act concerning the Protection of Personal Information Held by Administrative Organs;
2. The Information Disclosure and Personal Information Protection Review Board Establishment Act;
3. The Act concerning the Protection of Personal Data Held by an Independent Administrative Agency; and
4. The Act concerning the Preparation of Related laws for the Enforcement of the Act concerning the Protection of Personal Information Held by Administrative Organs.

Permissible Screening Components:

• Identity Validation
• Organized Crime and Criminality Searches
• Police Clearance Authentication of Japanese Prefectural Police (JPP) Certificate
• Academic Verifications
• Employment Histories
• Professional Credential Verification
• Reference Interviews
• Civil Suits & Judgments
• Media Searches
• Directorship Search (Conflict of Interest Search)
• Restricted Party Searches

Threshold for Screening Components:

Consent Form –According to the PIPL, when an employer seeks personal information directly from a candidate in writing, the company must clearly indicate the purpose for the use of such information prior to its acquisition. Additionally, in order to eliminate discriminatory hiring practices, the collection of personal information that may cause social discrimination (so-called sensitive information) is generally prohibited and when using a third-party such as a screening provider the consent must be obtained using certain specified forms. Conversely, if obtaining personal information through other means, such as from the individual verbally or from a background screening firm or other third parties, the employer must notify the candidate or publically announce the purpose for the use of the information immediately thereafter, if it was not disclosed beforehand.

Identity Validation

In Japan the Koseki system is used to record Japanese families and the Juminhyo system is used to record individual residents. Foreigners need to register within 90 days under the premises of the laws for alien registration in Japan that creates a separate database for alien residents.

The Residents Basic Registry Network or “Juki Net“was introduced in 2003. This was introduced to increase government efficiency with 264 government tasks to be attached to the new system. In the new system a person identification number is handed out consisting of eleven digits that can be used as a replacement for other identification documents.

Police Clearance

• Scanned image of Japanese Prefectural Police (JPP) Certificate obtained within last 30 days

How to obtain Japanese Police Clearances

Police Certificates:

Official background checks are called “Police Certificates”.  Police Certificates are issued by the prefectural police of the prefecture where the individual currently resides or where has last resided.

Obtaining a Police Certificate is free of charge to a data subject.  The certificate is available in 5 languages, including English.

Japanese police certificates will not contain information about criminal convictions when:

1. The period of suspended sentence has ended;

2. The penalty of the crime was a fine, and the crime occurred more than five years ago;

3. The term of the prison sentence ended more than ten years ago; or

4. The conviction was vacated or the criminal was subject to a pardon or amnesty.

Persons convicted of crimes in Japan may obtain court conviction records indefinitely. The headquarters’ records section of the Metropolitan or Prefectural police issues certificates that include a nationwide criminal records check.

Copyright © 2011 Aletheia Consulting Group

The Role of HR and Today’s Anti-Corruption and Counter Terrorism Regulations

By Terry Corley

A key role for Human Resources and Security in any company is the background screening of not only US based employees, but also of overseas employees, customers, suppliers, vendors, agents and other business associates. HR and or Security are usually on the front lines of such activities, although it may be in conjunction with the Legal or Compliance Department.

I am frequently asked by clients what is considered best practice when it comes to international employee screening. The short answer is that it depends. When asked I try to understand specifically what the organization is trying to accomplish, what sort of compliance requirements are they looking to meet that is relative to their business, and finally what are the countries involved?

A client recently asked what I consider best practice for International Employee Screening as it related to complying with the Foreign Corrupt Practices Act (“FCPA”), United States and International Counter Terrorism and Export Regulations. The client had recently been the subject of enforcement action after it was discovered that the company’s drilling equipment was found in a sanctioned country. It was also discovered that the company had engaged local independent agents from the sanctioned countries without performing proper background checks. Talk about getting caught with your hand in the proverbial cookie jar!

In order to drawl, a set of best practice guidelines about this subject its important to have an understanding of what each regulation is and how it applies to human resources. Then it’s a matter of developing a method and a set of processes that will enable an organization to meet the required outcome there by meeting compliance requirements. I’ll review a few of these regulations and discuss their impact on the overseas background check process.

Foreign Corrupt Practices Act
The FCPA is a federal law that prohibits offering, promising, or giving anything of value, as well as authorizing such an offer, promise, or gift, to a foreign official for the purpose of obtaining, retaining, or directing business to a person or entity. This prohibition is contained in the FCPA’s anti-bribery provisions, which are enforced by the DOJ. The FCPA’s anti-bribery provisions have a much broader reach than many other U.S. laws. U.S. corporations can be liable for conduct that occurs entirely outside the United States and multinational corporations can be liable for conduct that bears only a tenuous connection to the United States. This includes employees of overseas subsidiaries, customers, suppliers, vendors, agents and other business associates.

With the number and size of penalties increasing, the Foreign Corrupt Practices Act (FCPA) is causing many U.S. institutions to look into how they evaluate all of their relationships overseas. The lack of a due diligence of a company’s agents, vendors, and suppliers, as well as merger and acquisition partners in foreign countries could lead to doing business with an organization linked to a foreign official or state owned enterprises and their executives. This link could be perceived as leading to the bribing of the foreign officials and as a result lead to noncompliance with the FCPA. Due diligence in regards to FCPA compliance is required in two aspects:

1. Initial due diligence – this step is necessary in evaluating what risk is involved in doing business with an entity prior to establishing a relationship and assesses risk at that point in time.
2. Ongoing due diligence – this is the process of periodically evaluating each relationship overseas to find links between current business relationships overseas and ties to a foreign official or illicit activities linked to corruption. This process needs to be performed indefinitely as long as a relationship exists, and usually involves comparing the companies, executives, and other business associates to a database of foreign officials that may be classified as “Politically Exposed”.

While financial institutions are among the most aggressive in defining FCPA best practices, manufacturing, retailing and energy industries are highly active in managing FCPA compliance programs.

U.S. and International Counter Terrorism and Export Regulations

Due to the current political climate the last several years, governments around the world have introduced more stringent regulations to combat terrorism and enforce export controls. The United States passed the U.S. Patriot Act along with increased enforcement action related to Export Administration Regulations (EAR). The United Kingdom enacted the Prevention of Terrorism Act 2005, the European Union passed a comprehensive Anti-terrorism Policy, and many other countries around the world continue to introduce similar anti-terrorism and anti-corruption regulations.

Know your customer (KYC) is the due diligence and bank regulation that financial institutions and other regulated companies must perform to identify their clients and ascertain relevant information pertinent to doing financial business with them. In the USA, KYC is typically a policy implemented to conform to a customer identification program mandated under the Bank Secrecy Act and USA PATRIOT Act. Know your customer policies have become increasingly important globally to prevent identity theft fraud, money laundering and terrorist financing.

One aspect of KYC checking is to verify that a customer is not on any list of known fraudsters, terrorists or money launderers, such as the Office of Foreign Assets Control’s Specially Designated Nationals list. This list contains thousands of entries and is updated at least monthly. As well as sanctions lists there are lists of third party vendors that track links between persons regarded as high-risk owing to derogatory foreign media reports about them or in public records.

Know Your Customer processes are employed by more and more regular companies of all sizes, for the purpose of ensuring their proposed agents’, consultants’ or distributors’ anti-bribery compliance. Banks, insurers and export credit agencies are increasingly demanding that customers provide detailed anti-corruption due diligence information, to verify their probity and integrity.

Restricted Party Screening
U.S. and other regional, unilateral, and multilateral regulations restrict individuals and entities from conducting transactions with specific foreign entities (individuals, companies, countries). These entities are referred to as Denied, Debarred, and/or Restricted Parties. Examples of these entities include but are not limited to known terrorists, organizations that fund terrorists, and/or parties guilty of trade violations. Typically, these restricted parties are countries subject to embargoes, and persons, businesses, and organizations subject to financial sanctions.

Suppose a multinational company has a compliance and ethics policy and tells its employees not to pay bribes – is that enough, or should the company go further?

A clear corporate policy against paying bribes is important, as well as including explicit language in every employment and agent agreement that prohibits bribery, but it is also critical for companies to conduct thorough employment and pre-engagement background checks on their agents and other third parties.

FSGO §8B2.1. (b)(3) states: “The organization shall use reasonable efforts not to include within the substantial authority personnel of the organization any individual whom the organization knew, or should have known through the exercise of due diligence, has engaged in illegal activities or other conduct inconsistent with an effective compliance and ethics program.”

Certainly, U.S. government regulators expect nothing less. In a February 2009 FCPA settlement (for $579 million) by KBR and Halliburton with the Securities and Exchange Commission (SEC) and the Department of Justice (DOJ), the SEC criticized Halliburton’ s due diligence policy and practice and its failure to conduct any due diligence on one particular agent in Japan. If the government shows up at your door asking to see the files on your overseas employees and trading partners, you want to be able to produce sufficient documentation to demonstrate you’ve looked thoroughly at the background and reputation of these individuals before engaging them to work on your behalf. This requirement is discussed in the Federal Sentencing Guidelines for Organizations (FSGO), §8B2.1. (b)(3) Effective Compliance and Ethics Program.

On the other hand, if you open your background check file to the government and it is empty or thin, the organization is going to be in a challenging situation. In the event a FCPA violation is uncovered, it is increasingly apparent from past cases that the government is far more likely to be lenient on a company that has a commitment to an anti-bribery compliance and ethics program, including being able to demonstrate the organization has exercised a responsible level of due diligence on their overseas employees and related business associates.

In my next blog post I will discuss what sort of checks should be done to meet due diligence requirements on overseas employees and business associates and the role of Human Resources.