In February 2013, identical bills aimed at reducing employment discrimination against individuals with criminal histories were introduced in the New Jersey Senate (S2586) and the New Jersey Assembly (A3837). Both bills propose the adoption of the Opportunity to Compete Act (the “Act”) which would impose multiple restrictions and requirements on employers in connection with seeking and using criminal background information about job applicants. If the Act is adopted, New Jersey will join a growing list of states, cities, and localities which have passed similar anti-discrimination legislation.
Seven members of Congress wrote a letter last month to Equifax asking for more information about its employment verification subsidiary, The Work Number, which according to a statement made by Jackie Speier (D-California), “appears to have operated under the radar, with little public awareness of the vast trove of [payroll and other] sensitive data it was gathering.” Speier asserted that “Equifax needs to explain exactly how it is using this data, and provide evidence that The Work Number does not pose a threat to the privacy of 190 million Americans.”
While companies say that they sign up with The Work Number because it gives them a convenient way to outsource employment verifications, the seven members of Congress are disturbed by the fact that “… this massive database appears to generate revenue using consumers’ sensitive personal information for profit.”
On March 8, 2013, the U.S. Citizenship and Immigration Services (the “USCIS”) announced that its newly revised Form I-9 is to be used immediately. Notably, as indicated in the Federal Register, the USCIS granted companies until May 7, 2013 to implement the new form, which purportedly has been designed to minimize completion errors. This 60-day grace period allows employers time to adjust their human resource processes, and modify their software. The USCIS has also updated its “Handbook for Employers – Guidance for Completing the Form I-9” (3.8.13 version) to correspond to the new form, and is holding webinars to educate companies in the form’s usage.
The USCIS noted that employers do not need to complete the new form for employees for whom they already have a proper Form I–9 on file, unless re-verification applies. Unnecessary verification may violate the anti-discrimination provision of section 274B of the INA, 8 U.S.C. 1324b, which is enforced by the DOJ’s Office of Special Counsel for Immigration Related Unfair Employment Practices.
Over two years ago, Section 926 of the Dodd-Frank Act called for the SEC to impose “bad actor disqualification”(sometimes referred to as “bad boy disqualification”) on Rule 506 private placements. Under the proposed rule, which is long overdue, an issuer may not rely on Rule 506 exemptionfrom registration if certain individuals or entities associated with the offering have a disqualifying event in their past, such as a violation of securities law, state regulatory order or bar, or similar infraction.
Further, the JOBS Act, enacted last year, provided for the SEC to amend Rule 506 to lift the ban on general solicitation. This rulemaking is also past due, and anxious onlookers speculate that these changes to Rule 506 will get finalized at the same time. While there have been many comments to modify some of the rule’s overbroad applications, it is uncertain if the suggested changes will happen.
Notably, there is an important exception to the disqualification provisions. If an issuer exercises “reasonable care” in making a factual inquiry but is unable to uncover the disqualifying events despite having conducted the requisite due diligence, it will not necessarily lose the ability to rely on Rule 506. Although the proposed rules do not provide bright-line tests for establishing due diligence, they clearly point that the issuer has a duty to make a factual inquiry into the existence of disqualifying events. And depending on the circumstances, representations in agreements and questionnaires may not be adequate. Searching public databases also may be required, and possibly “further steps” which have yet to be defined.
SI understands that the bad boy disqualifiers can stop an offering in its tracks immediately upon the final rule’s adoption. And no matter what the transaction, no one wants to be involved with a “bad boy.” For over a year, our proactive approach has been to include comprehensive searches of the disqualifying event elements in higher level background reports as a value-add. The very real risk that issuers could lose the Rule 506 exemption due to facts of which they are not even aware illustrates the power of effective and thorough due diligence.
The Securities & Exchange Commission (the “SEC”) recently released an educational bulletin to help investors make informed financial decisions and avoid common scams. Its 13 points include:
- Check the investment professional’s background.
Details about experience and qualifications are available through the Investment Adviser Public Disclosure website and FINRA BrokerCheck.
- Be mindful of fees associated with buying, owning, and selling an investment product.
Expenses vary from product to product, and even small differences in these costs can translate into large differences in earnings over time. An investment with high costs must perform better than a low-cost investment to generate the same returns.
- Diversification can help reduce the overall risk of an investment portfolio.
By picking the right mix, you may be able to limit losses and reduce the fluctuations of investment returns without sacrificing too much in potential gains. Some investors find that it is easier to achieve diversification through ownership of mutual funds or exchange-traded funds rather than through ownership of individual stocks or bonds.
- Paying off high-interest debt may be the best “investment” strategy.
Few investments pay off as well as, or with less risk than, eliminating high-interest debt on credit cards or other loans.
- Promises of high returns, with little or no associated risk, are classic warning signs of fraud.
Every investment carries some degree of risk and the potential for greater returns comes with greater risk. Ignore the so-called “can’t miss” investment opportunities or those promising guaranteed returns or, better yet, report them to the SEC.
- Any offer or sale of securities must be either registered with the SEC or exempt from registration.
Otherwise, it is illegal. Registration is important because it provides investors with access to key information about the company’s management, products, services, and finances.
- Do not invest in a company about which little or no information is publicly available.
Always check whether an offering is registered with the SEC by using the SEC’s EDGAR database or contacting the SEC’s toll-free investor assistance line at (800) 732-0330.
- Investing heavily in shares of any individual stock can be risky.
In particular, think twice before investing heavily in shares of your employer’s stock. If the value declines significantly, or the company goes bankrupt, you may lose money and there’s a chance you might lose your job, too.
- Active trading and some other common investing behaviors actually undermine investment performance.
According to researchers, other common investing mistakes include focusing on past performance, favoring investments from your own country, region, state or company, and holding on to losing investments for too long and selling winning investments too soon.
- Con-artists are experts at the art of persuasion, often using a variety of influence tactics tailored to the vulnerabilities of their victims.
Common tactics include phantom riches (dangling the prospect of wealth, enticing with something you want but can’t have), source credibility (trying to build credibility by claiming to be with a reputable firm or to have a special credential or experience), social consensus (leading you to believe that other savvy investors have already invested), reciprocity (offering to do a small favor for you in return for a big favor) and scarcity (creating a false sense of urgency by claiming limited supply).
- Some investments provide tax advantages.
For example, employer-sponsored retirement plans and individual retirement accounts generally provide tax advantages for retirement savings, and 529 college savings plans also offer tax benefits.
- Mutual funds, like other investments, are not guaranteed or insured by the FDIC or any other government agency.
This is true even if you buy through a bank and the fund carries the bank’s name.
- The key to avoiding investment fraud is using independent information to evaluate financial opportunities.
Many investors may have avoided trouble and losses if they had asked questions from the start and verified the answers with sources outside of their family, community, or group. Whether checking the background of an investment professional, researching an investment, or learning about new products or scams, unbiased information is a significant advantage for investing wisely.
In July 2012, the newly-created Consumer Financial Protection Bureau (“CFPB”) under the Dodd-Frank Wall Street Reform and Consumer Protection Act assumed rulemaking and enforcement authority of the Fair Credit Reporting Act (“FCRA”) from the Federal Trade Commission (“FTC”).
Although more changes are likely to come, beginning January 1, 2013, businesses, including employers, and consumer reporting agencies, will be required to provide a new version of the “Summary of Rights” form to individuals before taking any adverse action based on the contents of a consumer report. Notably, the adverse action process that must be followed under the FCRA has not changed; the revisions are generally stylistic and substitute “CFPB” for references to the FTC. There is also an updated and expanded list of contacts included at the end of the form.
To download the PDF versions of the updated Summary of Rights, and forms regarding the obligations of users and furnishers of consumer reports, click on the links below.
On December 7, 2012, the Federal Trade Commission (the “FTC”), submitted its written testimony to the U.S. Civil Rights Commission on the use of criminal background checks in employment decisions. The Commission intends to apply the testimony in reviewing the EEOC’s guidance that an employer’s use of an individual’s criminal history in making employment decisions may, in some instances, violate the prohibition against employment discrimination under Title VII of the Civil Rights Act of 1964. The EEOC suggests that minorities are disproportionately likely to have criminal records, which means that when employers use criminal background reports, minorities are possibly affected more than other groups.
Notably, in its testimony, the FTC, which shares the authority for enforcing the Fair Credit Reporting Act (“FCRA”) with other federal agencies, including the Consumer Financial Protection Bureau (“CFPB”) does not say anything substantial about civil rights.
The testimony does, however, provide a good recap of the legal rights and obligations prescribed by the FCRA when consumer reports are used for employment purposes, and highlights the FTC’s law enforcement efforts in this area. As its starting point, the testimony reminds that the FCRA imposes several requirements on consumer reporting agencies (“CRAs”) that provide consumer reports to employers, which include ensuring that the employer is in fact using the report for a permissible purpose. In the employment context, permissible purposes are limited to “employment, promotion, reassignment, or retention.” Thus, employers may only obtain a consumer report about applicants or employees, and may not simply use their status as employers to get information about competitors, opposing parties in litigation, or anyone else. Relatedly, under the permissible purpose requirement, CRAs must have reasonable procedures in place to ensure that the consumer report users are who they claim.
The CRAs also must comply with certain procedural requirements, such as giving all users of consumer reports a notice that informs them of their duties under the FCRA. The CRAs must obtain certifications from the employer that: (1) it is in compliance with the FCRA; and (2) it will not use consumer report information in violation of any federal or state equal employment opportunity laws or regulations.
Further, the FCRA mandates that CRAs follow “reasonable procedures to assure maximum possible accuracy of the information [15 U.S.C. § 1681e(b)].” It does not establish, however, a requirement of absolute accuracy and does not require that the CRAs guarantee that the reports are error-free.
If a CRA provides a report that has negative information about an applicant or employee that is based on public records — for example, tax liens, outstanding judgments, or criminal convictions — that CRA either has to notify the applicant or employee directly that it has provided the information to the employer, or has to adopt strict procedures to ensure that the information is complete and up to date [15 U.S.C. § 1681k(a)(1)-(2)]. Regardless of whether a CRA opts to provide the notice or adopt strict procedures, FCRA § 1681e(b), as noted above, requires CRAs to have “reasonable procedures to assure maximum possible accuracy.”]
The FCRA also places specific obligations upon employers to provide certain disclosures to the applicants or employees, and obtain their written authorization before using consumer reports. If an employer intends to take an adverse action based either in whole or in part on the information in a consumer report, such as denying a job application, reassigning or terminating an employee, or denying a promotion, the employer must provide the applicant or employee with a pre-adverse action notice before taking the action. The pre-adverse action notice must include a copy of the consumer report on which the employer is relying and a summary of rights under the FCRA. The form, which recently was reissued by the CFPB, describes the consumers’ rights under the FCRA, including the right to obtain copies of their consumer reports and dispute information.
Once the employer has taken the adverse action, it must give the applicant or employee a notice that the action was based on information in the consumer report. This adverse action notice must include the name, address, and phone number of the CRA that supplied the report, and must inform the applicant or employee of his or her right to dispute the accuracy or completeness of any information in the report, and the right to obtain a free report from the CRA upon request within 60 days. Even though a consumer has the right to dispute errors, the CRAs and furnishers of information to the CRAs typically are allowed thirty days to investigate the consumer’s dispute, and the information may not be corrected in time to affect the consumer’s consideration for a particular job.
The FTC points out that it has pursued an aggressive law enforcement program to ensure that CRAs, furnishers, and consumer report users (including employers) comply with their responsibilities under the FCRA, providing details of recent lawsuits for FCRA violations that resulted in civil penalties against CRAs ranging from $800,000 to $2.6 million. Its recent actions against employers included charges against railroad contractors for failing to provide pre-adverse action and adverse action notices to employees who were fired and job applicants who were rejected based on information in their consumer reports. Under negotiated settlement orders, the companies were required to pay penalties in the amount of $1,000 per violation, and are subject to specific injunctive, record-keeping, and reporting requirements to ensure compliance with the FCRA.
The FTC’s enforcement actions and the latest wave of class action lawsuits enforce that FCRA compliance must be a priority for employers, CRAs and furnishers of information alike.
When Congress formulated the Fair Credit Reporting Act (“FCRA”) more than 30 years ago, it noted that the law was enacted in order to protect consumers against “the trend toward…the establishment of all sorts of computerized data banks [that placed a consumer] in great danger of having his life and character reduced to impersonal ‘blips’ and key punch holes in a stolid and unthinking machine which can literally ruin his reputation without cause [116 Cong. Rec. 36570].” This intent has been clearly supported by the amendments that followed allowing greater and more effective protection. But despite the leaps and bounds in legislation, much controversy still exists about the level of protection that this law provides to consumers. And confusion abounds about the compliance requirements for consumer reporting agencies (“CRAs”) on whom the FCRA places “grave” compliance obligations. “There is a need to insure that consumer reporting agencies exercise their ‘grave’ responsibilities with fairness, impartiality, and a respect for the consumer’s right to privacy [15 U.S.C. § 1681(a)(4) (2006)].”
The FCRA mandates that “[w]henever a consumer reporting agency prepares a consumer report it shall follow reasonable procedures to assure maximum possible accuracy of the information concerning the individual about whom the report relates [15 U.S.C. § 1681e(b)].” So what does this mean? Courts have taken two positions in interpreting the language of this section. The “consumer-friendly” version holds CRAs liable for reports that are technically accurate, but may be misleading or incomplete. (Koropoulos v. Credit Bureau, Inc., 734 F.2d 37, 40; D.C. Cir. 1984: “Congress did not limit the Act’s mandate to reasonable procedures to assure only technical accuracy; to the contrary, the Act requires reasonable procedures to assure maximum accuracy.”) The “business friendly” interpretation requires only technical accuracy in the CRA’s reporting. [Todd v. Associated Credit Bureau Servs., Inc., 451 F. Supp. 447, 449 (E.D. Pa. 1977)].
While this case law is helpful in understanding the CRA’s liability under the statute, there is no doubt that a comprehensive guidance on the methodology to assure maximum accuracy is still much needed especially in view of the proliferation of the so-called “national databases” in the recent years. But despite the lack of clear guidance, a reputable CRA knows that “to assure” means “to earnestly inform or tell positively; state with confidence.” And reporting a record that was identified by name only or relying solely on private database record information in an employment background check does not pass the reasonable procedures test by any standard.
In an Internet marketplace that touts instant results, a CRA’s practice of sending searchers to the courthouse, pulling dozens of cases, and reviewing legal documents to ascertain correct subject identification and record information may be counterintuitive for many employers. And it takes time and money to assure the most accurate and up-to-date results. On the other hand, in a world of over a million people, is a quick and cheap database background search of any real value?
Effective January 1, 2013, California will join Maryland and Illinois in significantly restricting employers’ access to their employees’ and job applicants’ social media accounts. Signed into law by Governor Jerry Brown on September 27, 2012 and fittingly announced via Twitter, AB 1844 provides that an employer cannot require or request an employee or applicant to do any of the following:
- disclose a username or password for the purpose of accessing personal social media;
- access personal social media in the presence of the employer;
- divulge any personal social media, except as provided in subdivision.
The law also prohibits an employer from discharging, disciplining, or otherwise retaliating against an employee or applicant for not complying with a request or demand by the employer that violates these provisions. However, an employer is not prohibited from terminating or taking an adverse action against an employee or applicant if otherwise permitted by law.
The law does preserve an employer’s rights and obligations to request that an employee divulge personal social media information reasonably believed to be relevant to an investigation of allegation(s) of employee misconduct or violation of applicable laws and regulations, provided that the information is used solely for purposes of that investigation or a related proceeding. An employer is also not precluded from requiring or requesting that an employee disclose a username or password for the purpose of accessing an employer-issued electronic device.
A companion law, AB 1349 that establishes similar requirements for postsecondary education institutions in regard to their students also goes into effect on January 1, 2013.
It looks like broker-dealers are failing in their due diligence efforts on clients, as required by FINRA’s new Rule 2090. (FINRA is the largest non-governmental regulator of all securities firms doing business in the United States, and handles nearly every aspect of securities-related matters, from registering and educating industry participants, to writing and enforcing rules and the federal securities laws.)
According to several industry reports, the most violated rule this year has been a failure by broker-dealers to comply with FINRA’s know-your-customer obligations, now under Rule 2090 issued in July 2012. The rule, which is generally modeled after the former NYSE Rule 405(1), requires firms to use reasonable diligence regarding the opening and maintenance of every account in order to “know the essential facts concerning every customer.” The rule explains that “essential facts” are those required to:
- effectively service the customer’s account;
- act in accordance with any special handling instructions for the account;
- understand the authority of each person acting on behalf of the customer; and
- comply with applicable laws, regulations, and rules.
The know-your-customer requirements arise at the beginning of the relationship and do not depend on whether the broker has made a recommendation. Unlike the former NYSE Rule 405, Rule 2090 does not specifically address orders, supervision or account opening, which are areas that are explicitly covered by other rules.
In conjunction with this know-your-customer rule, FINRA has adopted transaction suitability Rule 2111, framed after the former NASD Rule 2310, which requires that a firm or associated person “have a reasonable basis to believe that a recommended transaction or investment strategy involving a security or securities is suitable for the customer, based on the information obtained through the reasonable diligence of the member or associated person to ascertain the customer’s investment profile.” According to FINRA, the measures constituting a reasonable diligence will vary depending on, among other factors, the complexity of and risks associated with the security or investment strategy and the firm’s or associated person’s familiarity with the security or investment strategy.
Rule 2111 further defines a customer’s investment profile, specifying that it includes, but is not limited to, the customer’s age, other investments, financial situation and needs, tax status, investment objectives, investment experience, investment time horizon, liquidity needs, risk tolerance, and any other information the customer may disclose to the member or associated person in connection with such recommendation. Accordingly, a broker must attempt to obtain and analyze a broad array of customer-specific factors, and also determine quantitative suitability if the broker has actual or de facto control over a customer account.
FINRA now makes it clear that a broker must have a firm understanding of both the product and the customer, and that the lack of such an understanding itself violates the suitability rule.