Educational Series

California limits social media use by employers and educational institutions

Effective January 1, 2013, California will join Maryland and Illinois in significantly restricting employers’ access to their employees’ and job applicants’ social media accounts. Signed into law by Governor Jerry Brown on September 27, 2012 and fittingly announced via Twitter, AB 1844 provides that an employer cannot require or request an employee or applicant to do any of the following:

  • disclose a username or password for the purpose of accessing personal social media;
  • access personal social media in the presence of the employer;
  • divulge any personal social media, except as provided in subdivision.

The law also prohibits an employer from discharging, disciplining, or otherwise retaliating against an employee or applicant for not complying with a request or demand by the employer that violates these provisions. However, an employer is not prohibited from terminating or taking an adverse action against an employee or applicant if otherwise permitted by law.

The law does preserve an employer’s rights and obligations to request that an employee divulge personal social media information reasonably believed to be relevant to an investigation of allegation(s) of employee misconduct or violation of applicable laws and regulations, provided that the information is used solely for purposes of that investigation or a related proceeding. An employer is also not precluded from requiring or requesting that an employee disclose a username or password for the purpose of accessing an employer-issued electronic device.

A companion law, AB 1349 that establishes similar requirements for postsecondary education institutions in regard to their students also goes into effect on January 1, 2013.

January 7th, 2013|Educational Series, Employment Decisions, Social Media|

Identity theft again tops FTC’s top complaints list for 2011

Identity theft again tops FTC’s top complaints list for 2011

The Federal Trade Commission (FTC) on February 27, 2012 released its list of top consumer complaints received by the agency in 2011. For the twelfth year in a row, identity theft topped the list at 279,156 complaints or 15%. The breakdown for the next nine complaint categories (from a list of 30) is as follows:

Category Number Percentage
Debt collection 180,928 10
Prizes, sweepstakes, and lotteries 100,208 6
Shop-at-home and catalog sales 98,306 5
Banks and lenders 89,341 5
Internet services 81,805 5
Automobile-related 77,435 4
Imposter scams 73,281 4
Telephone and mobile services 70,024 4
Advance-fee loans and credit protection/repair 47,414 3

 
The FTC records the complaints in its Consumer Sentinel, a secure, online database available to more than 2,000 civil and criminal law enforcement agencies in the U.S. and abroad. Other federal and state law enforcement including the U.S. Postal Inspection Service, the Department of Justice’s Internet Crime Complaint Center, and the attorneys general offices of Idaho, Michigan, Mississippi, North Carolina, Ohio, Oregon, Tennessee, and Washington also contribute to the database content, along with private-sector organizations such as U.S. and Canadian members of the Better Business Bureau, Western Union and Moneygram, and the Lawyers Committee for Civil Rights Under Law.

February 29th, 2012|Criminal Activity, Educational Series|

Federal Sentencing Guidelines: a lure to organizational compliance

About 20 years ago, the United States Sentencing Commission (USSC) enacted the Federal Sentencing Guidelines (FSGs) for organizations with the intent to govern the sentencing of companies convicted of federal crimes. The FSGs, which have been amended several times, hold that organizations can act only through agents and, under federal criminal law, generally are vicariously liable for offenses committed by their agents.

A proactive approach to prevent, detect and report illegal and unethical activities can substantially reduce fines and punishment, in some cases up to 95% according to a commentary by the USSC. The USSC specifies that the two factors that mitigate an organization’s ultimate punishment are “the existence of an effective compliance and ethics program, and self-reporting, cooperation, or acceptance of responsibility.” In contrast, the absence of solid compliance mechanisms can increase fines and punishment, as verdict determination is based on “the organization’s involvement in or tolerance of criminal activity, its prior history, violation of an order, and obstruction of justice.”

The compliance incentives provided by the FSGs and the proliferation of new regulations mandate a cultural imperative for ethical and law-abiding conduct by all companies, large and small. High-level attention, leadership and sufficient resources must be dedicated to meet the strict requirements of a compliance program defined by the USSC as “effective.” In its manual, the USSC emphasizes the necessity of strong due diligence to prevent and detect criminal conduct. Among its guidelines, a provision in Chapter 8 notes that:

“The organization shall use reasonable efforts not to include within the substantial authority personnel of the organization any individual whom the organization knew, or should have known through the exercise of due diligence, has engaged in illegal activities or other conduct inconsistent with an effective compliance and ethics program.”

Comprehensive background investigations, whether for employment purposes, evaluation of prospective clients, existing relationships and third-parties, or for other business transactions, are essential for compelling due diligence which actualizes a masterful compliance strategy. Although various committees and officials are calling for a complete review of the FSGs which the 2005 landmark case U.S. vs. Booker held as discretionary rather than mandatory, well-developed compliance programs are here to stay.

Scherzer International is on the forefront of the quick-changing regulations regime with a portfolio of background investigation products designed to facilitate purposeful risk management and compliance protocols. Visit us often at www.scherzer.com as we continuously analyze and test new elements and incorporate them into our products if they have proven value. And stay tuned for a Dodd-Frank regulations product which we will introduce within the next few months.

November 29th, 2011|Criminal Activity, Educational Series, Judgment|

Epidemic of fake websites is real

Cyber crime experts report that fake websites are proliferating at the rate of 60,000+ per week or over 3,100,000 per year. And the fraudsters’ malicious exploitations are getting bold and more sophisticated, creating sites that are difficult to discern from those of legitimate businesses or organizations. From banks (which make up about 68% of fraudulent sites) to regulators and news reporting agencies, no entity is immune.

Recently, several local and national newspapers reported on a publicity campaign by a public relations company that purportedly set up a fake news site to promote one of its clients, a public entity, with positive articles and press releases “written in the image of real news” by “journalists” who allegedly do not exist. Although Web experts note that it is fairly common for celebrities and private-sector businesses to generate buzz or improve sales through news coverage, open government advocates called this stunt an egregious breach of trust and ethical standards.

The Federal Trade Commission (FTC) issued warnings a few months ago about scam artists exploiting well-known news organizations by setting up fake news sites to peddle their wares. The sites, which usually display logos of legitimate news organizations, promote everything from bogus weight loss products to work-at-home jobs, anti-aging products and debt reduction plans. The FTC cited several investigations that resulted in charges against the fraudsters, saying that many of the websites are owned by marketers and used to entice consumers to click on links to the sellers’ sites. In its case against acai berry supplement peddlers, the FTC disclosed that the sellers paid the marketers a commission based on the number of consumers they lured to their sites. There was no reporter, no studies, no dramatic weight loss, no satisfied consumers who left comments, and no affiliation with a reputable news source. As a rule, the FTC noted, legitimate news organizations do not endorse products.

The FTC itself, and other regulators have not escaped the fraudsters’ blitz. In April 2011, the FTC brought charges against an individual for multiple violations of the Federal Trade Commission Act for misrepresenting his affiliations with federal agencies, including the FTC, misrepresenting that the services advertised on his websites were government-approved, and making deceptive debt relief claims. The FTC alleged that the individual, a Texas-based “lead generator,” set up several websites through which he associated his business with a fictitious government agency – the “Department of Consumer Services Protection Commission” – that appeared to combine two real government entities, the Federal Trade Commission and the Consumer Financial Protection Bureau. Among other charges, the FTC stated that to further these scams, the websites depicted the FTC’s official seal, copied language about the fictitious agency’s consumer protection mission from the FTC’s site, and claimed that the fake agency “monitors and researches” member companies that provide financial assistance to American consumers.

The scammers and their fake websites are also busy abroad. Earlier this month, international news sources reported that Russian fraudsters set up a counterfeit site of a popular five-star hotel, complete with the real hotel’s photographs, room descriptions and services. According to published reports, they also paid a fee to Google to ensure that their bogus site was listed before the hotel’s genuine site. The fraudulent website purportedly came to an abrupt end after, among other disparities, it was discovered that the room rates were advertised in dollars.

Another story about a flagrant website invasion came in October 2011 from Belgrade, where Serbian media reported that a mock-up of the official Nobel Prize website was set up purportedly by political activists to promote their causes and views.

Fraudulent websites appear daily and no industry or organization is beyond these fraudsters’ reach. Scherzer International, a provider of specialized background investigations for business transactions and employment decisions, includes comprehensive website reviews in its reports. We know how to spot scams, exaggerated claims and other red flags.

November 29th, 2011|Educational Series, Fraud|

Department of Justice filed a record number of criminal cases in 2011

Acting Assistant Attorney General Sharis A. Pozen in a November 17, 2011 published speech reported that in the fiscal year 2011, the DOJ filed 90 criminal cases — the highest number in the past 20 years. The DOJ agreed to more than $520 million in criminal fines, which is close to the amount in 2010 (which totaled 60 cases.) In this year’s 90 cases, 27 corporations in the real estate, optical disk drives, auto parts, air cargo, and financial services industries were charged along with 82 individuals.

Pozen also disclosed that the DOJ has been conducting an international cartel investigation into price fixing and bid rigging in the auto parts industry, which already resulted in the guilty pleas of one corporation and three individuals, $200 million in fines, and three jail terms for the executives involved in the conspiracy.

In the real estate industry, Pozen said that the DOJ continues its investigations into bid rigging conspiracies at public real estate foreclosure auctions and tax lien auctions. With the help of the FBI, the DOJ agents ferreted out the ways in which the participants coordinated their bids. To date, 32 defendants have pleaded guilty to conspiracy charges, according to Pozen.

The DOJ remains focused on criminal activity in the financial services sector. Pozen noted that together with several federal and state agencies, the DOJ has been investigating a criminal conspiracy involving bid rigging in the municipal bond investments market, resulting in nine pleas of individuals this year. These investigations, which are ongoing, impelled JPMorgan Chase to enter into an agreement to resolve its role in the conspiracy, and agree to pay $228 million in restitution, penalties, and disgorgement to federal and state agencies. Earlier in the year, UBS AG also agreed to pay a total of $160 million and Bank of America previously consented to $137.3 million.

November 17th, 2011|Criminal Activity, Educational Series|

Paying for ambiguity: the myths of instant background checks and national databases

The cottage industry of data-collection agencies that provide inexpensive background information is flourishing even in this tough economy. Many prospective employers with tight budgets believe they can save money by relying on the “national” records that are spewed out within minutes of entering a credit card number. So just what do you get for $19.99? Not much. Or a lot…a lot of worthless data, that is. Unverified name-match only records come up by the hundreds if the name is fairly common. And it is nearly impossible to determine case details or duplicate filings, as the cryptic printouts often require specialized knowledge that is specific to each state, municipality or records venue.

Many subjects who are flagged as criminals in these databases have never been convicted of a crime. In fact, according to the U.S. Bureau of Justice statistics for felony defendants in large urban counties, one-third of felony arrests never lead to a conviction. And there is no standardized process for reporting arrests and dispositions or updating the records at the various court levels. Some reported offenses are not actually violations of the criminal code in the particular state, but may still show up in these databases.

There are few regulations governing the use of background information beyond the provisions of the Fair Credit Reporting Act (FCRA). The Federal Trade Commission (FTC) does not mandate that data aggregators provide guidance on how to properly interpret their records. The only possible value of these so-called national databases is to serve as an indicator that a record may exist, and use the search results to supplement a full investigation. Since the FCRA requires that all “reasonable procedures to assure maximum possible accuracy of the information are followed” and that “the information is complete and up-to-date,” searches for employment purposes must be conducted either manually or through direct access in the particular court where the record is filed.

Employment experts at a July 2011 Equal Employment Opportunity Commission (EEOC) hearing urged the Commission to consider the comprehensive recommendations put forth by the National Employment Law Project (NELP) in its report on the effect of criminal background checks in employment decisions. Among its recommendations, the NELP suggested that the EEOC revise its now 20-year-old guide on conviction records in view of the “intervening proliferation of instant computerized background information…” The EEOC should also address the “use of arrest records and third-party databases that are considered a part of the hiring process.”

October 17th, 2011|Educational Series|

Risk-based approach to employment screening rates high on value chain

In today’s world just about every company knows that an effective employment screening program is invaluable for hiring qualified individuals, reducing turnover, deterring fraud and other criminal actions, and avoiding or mitigating litigation.

Recognizing that a “bad” hire is a threat to the bottom line, many companies, from investment bankers to law firms, are taking a risk-focused approach to background investigations and deciding what is appropriate or how much should be done to ensure organizational success. For example, obtaining a credit report or checking civil records for an entry-level applicant with low risk responsibilities may be of limited use, while reviewing such record histories for someone who will handle money or have access to sensitive information may be imperative in assessing his/her suitability for a position of trust.

Best practices in both the government and in the private sector indicate that a risk designation should be determined for every position, based on its description of duties and responsibilities. The risk grade should be commensurate with the employee’s assigned trust level, financial accountability, access to sensitive and confidential information and critical data systems, autonomy, discretionary authority, and potential opportunity for misconduct.

To be effective and non-discriminatory, employment screening policies need to specify a uniform set of background investigation elements for all position/assignment levels, including new hires, temporary workers, interns, transferred and promoted employees, contractors and volunteers.

SI has a full suite of employment background investigation products. Please visit our website at https://scherzer.co/ to learn more or order an investigation.

September 13th, 2011|Educational Series, Employment Decisions, Risk Management|

Rudiments of a Ponzi scheme

The scheme is named after Charles Ponzi, who duped thousands of New England residents into investing in postage stamp speculation in the 1920s. But Ponzi is not the original mastermind behind the scheme; various reports show that there were several similar scams before he was born. (Charles Dickens’ 1857 novel “Little Dorrit,” for example, described such a scheme whereby the fraudulent dealings of Mr. Merdle led to the collapse of his bank.) Ponzi’s operation, however, took in so much money that it was the first to become widely known in the United States. Ponzi promised investors that he could provide a 50% return in just 90 days, at a time when the annual interest rate for bank accounts was 5%. Based on the arbitrage of international reply coupons for postage stamps, Ponzi quickly diverted investors’ money to support payments to earlier investors and to himself.

As originally designed, a Ponzi scheme remains a fraudulent operation that pays returns to separate investors, not from an actual profit earned but from the investors’ own money or money paid by subsequent investors. The scheme typically entices new investors by offering returns that other investments cannot guarantee, in the form of short-term yields that are either extraordinarily high or unusually consistent.
The main reason why the scheme initially works is that the early investors, those who actually got paid the large returns (from the investments of new entrants) reinvest their money in the scheme. Meanwhile, the fraudsters gain the investors’ confidence, maintaining the deception of high profits. Claims of a “proprietary” investment strategy, which must be kept secret to ensure a competitive edge, frequently is touted to hide the fraudulent operation.

The fraudsters also try to minimize withdrawals by offering new plans to investors, often freezing their money for a long time in exchange for higher returns. If a few investors do wish to withdraw their money in accordance with the strict terms, the requests are usually promptly processed, giving the illusion to other investors that the fund is solvent.

But once the required continuous stream of investors slows down, the scheme begins to collapse as the fraudsters start to have problems paying the promised returns (the higher the returns, the greater the risk of collapsing). Such liquidity crises often trigger panics, as more people start asking for their money, similar to a bank run. (A bank run, also known as a “run on the bank” occurs when a large number of customers withdraw deposits because they believe the bank is, or might become, insolvent.)

External market forces, such as the global economy decline in 2008, also cause many investors to withdraw part or all of their funds, not necessarily because of fraud suspicions, but simply due to underlying market conditions. (In Madoff’s case, the fund could no longer appear legitimate after investors attempted to withdraw $7 billion in late 2008.)

And of course, there is rarely a happy ending to this story as fraudsters attempt to vanish, taking the remaining investment money with them.

August 10th, 2011|Educational Series, Fraud|

Subcommittee approves legislation to protect consumers against data theft

On July 20, 2011, the Energy and Commerce Subcommittee on Commerce, Manufacturing, and Trade approved legislation to protect consumers from cyber attacks and identity theft. The Secure and Fortify Electronic Data Act (H.R. 2577), or SAFE Data Act now moves to the full Energy and Commerce Committee for consideration.

The Act would require all businesses that maintain personal information to implement security programs, which, among other mandates, would include a protocol to notify affected individuals of an information security breach. Preempting over 45 existing state information security and breach notification laws, the Act would task the Federal Trade Commission with developing the security rules.

According to its author, Chairman Bono Mack, the Act will enhance protection of personal information by establishing uniform national standards for data security and data breach notification. The preemption provision also would provide certainty for businesses in addressing information security breaches that now are subject to the multitude of state requirements.

Some legislators and advocates have criticized the proposed law as too narrow, as it would require breach notifications only when an individual’s name, telephone number or credit card number is compromised along with a Social Security number, driver’s license number or other government-issued ID. With some state laws requiring notification when, for example, a credit card number, financial account number, Social Security number, or biometric data alone (without the individuals name) is compromised, the practical notification threshold under current state breach notification laws may be significantly lower than that proposed by the Safe Data Act.

July 29th, 2011|Educational Series, Legislation|

Challenges of international background investigations

Many transactions today, whether they involve an employment hiring decision or a new business relationship, are cross-border or have an international component. The need for effective risk management both in the U.S. and abroad has vastly expanded in recent years with the passing of legislation and increased enforcement actions. Behind just about every business decision, there is a widening range of stakeholders — from regulators to shareholders to board members — who expect that the due diligence process will minimize unlawful activities.

International background investigations, which are essential for a comprehensive approach to due diligence, present special challenges since each country has its own laws, customs, and procedures. Language barriers, name variations and transliterations, limited information and technology, broad definitions of crimes, and proliferation of fraudulent educational and accreditation institutions, are just some of the factors that add to the complexity of these investigations.

As a general rule, in most European countries, criminal records are not available to the public. In Asia, public accessibility to most court filings is limited. In South America, public records vary greatly from country to country. South Africa provides some disclosure of police records and warrants to the public, along with   civil filings. Canada’s public records availability differs by province, and only a few permit criminal records release. India and Australia have the most searchable records, similar to the U.S.

For employment purposes, the Fair Credit Reporting Act (FCRA) imposes certain obligations for international background screening performed by a U.S. Consumer Reporting Agency (CRA), including mandating reasonable procedures to ensure the accuracy of the information it reports. If a public record such as a criminal conviction is found, the CRA must ascertain that the information is correct, up-to-date, and reported in a way that does not violate data or privacy protection rules.

In 2000, an agreement between the U.S. Department of Commerce and the European Commission established privacy and data protection guidelines, the “Safe Harbor Principles,” to enable U.S. companies to satisfy a requirement under European Union law for adequate protection of personal information transferred from the European Economic Area (the 25 member states of the European Union plus Iceland, Liechtenstein and Norway.) In addition to these principles, the Gramm-Leach-Bliley Act (GLBA) requires financial institutions and businesses that receive personal information to establish safeguards for the handling and disclosure of that information. And the Fair and Accurate Credit Transactions Act (FACTA), a federal legislation, also contains provisions to help reduce identity theft and obligates the proper disposal of personal consumer information.

The cost of an international background investigation typically is higher than domestic searches, and varies with each country, the type of information that needs to be obtained and the purpose of the investigation. When performed by a reputable firm with qualified foreign contacts, an international background investigation can reduce negligent hiring liability, and prevent a catastrophic investment or reputational damage.

July 25th, 2011|Educational Series, Legislation|
© 2012- SCHERZER INTERNATIONAL | ALL RIGHTS RESERVED
Go to Top