Sarbanes-Oxley Act of 2002: How does it affect your screening strategy?

By Rob Thomson

The disaster that struck shareholders and employees of Enron, WorldCom, and other well-known companies in the form of corporate accounting scandals a few years ago sent shock waves through global financial markets. It showed that the mechanisms in place at that time to ensure both internal and external fiduciary responsibility in corporate management and financial reporting were seriously flawed. The Sarbanes-Oxley Act of 2002 established new standards for accountability in corporate governance and financial reporting, and harsher penalties for personal misconduct by corporate officers, accounting, and financial professionals. As a result of this legislation, many companies, public and private, are evaluating their internal control strategies to reduce the risk of legal and regulatory violations, not to mention embarrassing public notoriety and damaged reputations.

THIS MEANS YOU!

There is a perception that because candidates for “C” level positions in Fortune 500 companies have well-known track records, expecting them to undergo the same background investigation procedures as everyone else in the company can be considered unnecessary at best, and disrespectful at worst. Now, hold that thought for a moment. Recall some recent unexpected public relations nightmares such as the Smith & Wesson Chairman forced to resign earlier this year after a newspaper reporter wrote about his armed robbery convictions, and the Arizona Diamondbacks Manager fired after only four days on the job when the news media reported multiple brushes with the law and public-record financial difficulties. While both of these individuals may have been fully capable of achieving success in their respective positions, neither of them disclosed their past indiscretions to their employers, and the employers failed to conduct background investigations on them.

With an effective screening program in place, candidates for high-profile positions may be more likely to divulge indiscretions, giving the organization an opportunity to evaluate more fully whether the indiscretion should disqualify the candidate from the job, or to disclose the record at the outset of the employment arrangement to avoid a surprise attack later. Unfortunately, the reality is that the higher the profile of the organization and/or the candidate, the more intense the “paparazzi” effect is likely to be. All sorts of people, legitimate and otherwise, will be leaving no stone unturned looking for information to discredit your company or candidate. Putting Sarbanes-Oxley compliance aside for a moment, the cost of an effective employment screening strategy is far lower and much more predictable than the cost of recuperating from a public relations nightmare or negligent hiring lawsuit.

What does Sarbanes-Oxley have to do with employment screening?

Section 404 of the Sarbanes-Oxley Act calls for annual Management Assessment of Internal Controls. The most widely accepted framework for implementing and maintaining internal controls for Sarbanes-Oxley compliance has been developed by The Committee of Sponsoring Organizations of the Treadway Commission (COSO), in conjunction with PricewaterhouseCoopers. The first of the Five Components of the COSO Internal Control Framework is establishing a Control Environment from the top down. According to the COSO framework, the Control Environment consists of establishing the following:

• Code of Conduct/Ethics
• Ethics Hotline/Whistleblower Program
• Hiring and Promotion Standards
• Oversight by the Audit Committee and Board
• Investigation/Remediation Procedures
  
  

This commentary focuses on the Hiring and Promotion Standards recommended by this framework. The COSO framework recommends a background investigation be conducted on any individual considered for employment or for promotion “to certain positions of trust,” including accounting professionals, anyone in a financial reporting oversight role and any other individuals with direct access to corporate assets, trade secrets, and information systems. COSO recommends the background investigation cover the individual’s educational background, employment history, and any criminal past. COSO also recommends interviews with independent references.

New standards apply to all

What impact, then, will Sarbanes-Oxley have on private companies? Privately held companies are not subject to periodic Sarbanes-Oxley compliance audits, but they will be held to similar standards in the event of employment litigation. The framework for prevention and timely detection of fraud still applies.

Greg Davis, Attorney for Seyfarth Shaw LLP, says “the implementation of the COSO framework will create an industry standard against which companies will be judged and ultimately held accountable. Companies public and private should respond by meeting or exceeding that standard, or risk significant liability arising from substandard screening procedures.”

Smaller companies are less prepared to withstand a lawsuit based on negligent hiring practices or fraudulent actions by employees. Candidates for key positions in these companies are not as well known and their history may oftentimes be unknown to those making the hiring decision. An effective employment screening program will almost always cost less than a day’s salary of the position being filled and will be strong evidence that the employer exercised reasonable due diligence in its hiring processes.

Play Roulette in Vegas, not with your business

Sarbanes-Oxley directly raises the bar of ethics and financial reporting at publicly traded organizations, but its intent and results should be heeded by private organizations as well. Whether it’s a public relations ambush that could have been avoided or costly liability from not having conducted reasonable due diligence in hiring, an effective employment screening program that includes consistency from the top to the bottom of your organization will pay dividends in the long run.

Gregory M. Davis is an attorney in the Chicago office of Seyfarth Shaw LLP, where he assists clients with background screening compliance and litigation defense. He is the co-chair of Seyfarth's nationwide task force on the FCRA and is a member of NAPBS. For more information about Seyfarth Shaw LLP, please visit www.seyfarth.com, or contact Mr. Davis directly at gmdavis@seyfarth.com.