Background Check Vendors Beware: the CFPB’s Authority to Enforce the FCRA Applies to You Too

On November 22, 2019, the federal Consumer Financial Protection Bureau (CFPB) filed a complaint in the U.S. District Court for the Southern District of New York against Sterling Infosystems, Inc. (“Sterling”) regarding allegations that it violated the Fair Credit Reporting Act (FCRA) in providing criminal background checks to employers. Sterling is a “consumer reporting agency” as defined by the FCRA, which provides background check results to employers when requested. The CFPB is an independent federal agency tasked with regulating and enforcing a host of consumer protection and financial protection statutes, including the FCRA.

Specifically, the CFPB’s Complaint alleges that Sterling’s internal procedures violated the FCRA by:

  • Creating a heightened risk that its consumer reports would include criminal records belonging to another individual with the same name as the applicant because Sterling used only two personal identifiers to match criminal records to an applicant;

  • Failing to ensure that public record information that was included in the consumer reports was complete and up to date;

  • Not notifying consumers that public record information was being reported;

  • Reporting adverse information about consumers outside of the allowable reporting period of seven years; and

  • Incorporating “high risk” indicators from a third party source without verifying the accuracy of such designations.

As is routine with the CFPB’s enforcement actions, the agency entered a stipulated judgement and order along with the complaint, which has now been entered by the Court. The Order requires Sterling to pay $6 million in monetary relief to affected consumers (the subjects of the background checks) whose employment opportunities may have been adversely affected by its practices and a $2.5 million civil monetary penalty to the CFPB. The Order also includes injunctive relief to prevent the claimed illegal conduct from recurring. Among other requirements set forth in the Order, Sterling must remain registered on the CFPB’s Company Portal for at least five years and establish a Compliance Committee that will be responsible for overseeing compliance with the Order.

The CFPB’s complaint against Sterling is a blunt reminder that the CFPB’s enforcement jurisdiction extends to allentities subject to the FCRA’s requirements, including employers and background check vendors. It is also a reminder that both the creation of employment background check reports by vendors and the use of such reports by employers when making personnel decisions triggers FCRA compliance obligations, which can be litigated by private plaintiffs on a class-wide basis or the CFPB. FULL ARTICLE

© 2020

InteliCrunch is a free service provided by a collective of people who monitor the background screening industry and how events affect not only the people in it, but even more importantly, the real human impact the industry has on today's society.*All third party logos and / or images used on this website are the sole property and / or registered trademarks of their respective companies or copyright holders. Use of these logos, images or likenesses does not, in any way, imply the endorsement of InteliCrunch by any of the businesses, brands or individuals represented, their parent companies, officers, employees, partners, or affiliates. Any such usage is for informational / news purposes only.  Any / all articles, announcements, releases or third-party-authored content is / are linked back to the original "source"  and author credit given  Furthermore, InteliCrunch is not responsible for, and does not warrant the safety of any third-party links or sites to which any viewer may be directed from InteliCrunch.  InteliCrunch has made reasonable efforts to ensure that any news or informational links on the site are from "known and reputable"  sources / websites.