The Consumer Financial Protection Bureau (CFPB) announced that it has taken action against two large background screening companies. Yes, you are reading this correctly. The CFPB…not the Federal Trade Commission, has taken an enforcement action against two background screening companies. Holy smokes Batman! This is very big news and screening companies must take note.
Breaking it down. The Consent Order is about: (i) the accuracy of the reports under section 607(b) of the Fair Credit Reporting Act (FCRA); (ii) public records and section 613 of the FCRA related to notice versus strict procedures; and (iii) the obsolescence rule under section 605(a) of the FCRA. It is about employment background screening reports to employers. Action is pursuant to the FCRA. The fines total $13 million.
If you are a background screening company the Consent Order is mandatory reading so you can reflect upon and consider how the allegations/findings are addreseed (or not) by your company. Here’s what the CFPB alleges about the screening companies:
-
They failed to take basic steps to assure accuracy: The CFPB alleges, among other things, that there was no requirement for employers to provide consumers’ middle names; no written policy for researching consumers with common names or nicknames; and a failure to use an audit process to adequately test the accuracy of the reports provided.
-
They failed to meet certain requirements when reporting public records: this part of the Consent Order blends with the 607(b) allegations about accuracy and failure to maintain appropriate procedures under section 613 of the FCRA.
-
They included impermissible information in consumer reports: The CFPB alleges that both companies failed to take measures to prevent non-reportable civil suit and civil judgment information older than seven years from being impermissibly included in their reports because they did not have sufficient policies and procedures in place.
Important – starting on page 11 of the Consent Order the CFPB spells out what a Compliance Plan should look like. Read it if you are a background screener.