Cory Groshek’s LinkedIn profile says he’s “a highly driven, motivated, creative, and industrious individual that is committed to empowering men, women, and children worldwide to create the greatest lives and experiences possible for themselves through positive thinking, passionate beliefs, and inspired actions.” Yet, one of his most “industrious” (and devious) accomplishments is a scheme that earned him approximately $230,000. He’s part of a new breed of scofflaws that we like to call “Background Check Bandits.” These bandits educate themselves about the Fair Credit Reporting Act or FCRA, apply for jobs to discover which companies are violating the act and then sue companies for screening violations so they can blackmail them into settlements. All companies need to beware of Background Check Bandits.
Under the FCRA, companies wishing to obtain an individual’s background check must make a “clear and conspicuous disclosure” of their intention to do so. Groshek has taught himself to spot when companies fail to properly make that disclosure, burying it in fine print or several pages of forms.
If Groshek sees a violation, he threatens to sue on behalf of all recently hired employees. Under the law, each employee could be entitled to receive up to $1,000. In situations where the company has conducted hundreds or even thousands of background checks in the past few years, this gives Groshek the leverage he needs to negotiate a settlement.
According to an article in the Milwaukee Journal Sentinel, “Groshek believed the FCRA required a separate, single-page disclosure of a company’s intent to obtain consumer credit reports. Some companies, Groshek found, included the disclosure in other documents. Some companies included it in an online application program.”
The Journal reports that Groshek, 33, applied for 562 jobs over an 18 month period in an effort to catch companies in alleged FCRA violations, threatened to sue at least 46 companies that performed background checks on him for alleged FCRA violations, and received settlements from approximately 20 of these companies.
Some lawyers that specialize in employment law believe this is an emerging cottage industry with plaintiffs actively suing companies that violate the FCRA. According to WebRecon, a Michigan-based company that tracks consumer litigation, nearly 400 FCRA class-action lawsuits were filed in 2015, almost double the number filed in 2014. Moreover, federal judges routinely allow FCRA lawsuits to proceed. Unable to get their cases dismissed, numerous companies have paid out seven-figure settlements in lawsuits just like the ones Groshek has been filing.
And the cases aren’t just about how the disclosure form is presented, but also about language in the disclosure form (no liability waivers allowed), failing to follow the legally required adverse action process, denying employment based on inaccurate public records (nationwide and statewide criminal database searches), obtaining background checks without the applicant’s authorization and other violations.
Until recently, it was much easier for plaintiffs like Groshek to pressure companies into settlements because the law allowed for the maximum $1,000 award if the person (or people) suffered no actual harm. A mere violation of the law, called statutory damages, was sufficient.
However, the US Supreme Court recently ruled in Spokeo, Inc. v. Robins that consumers must prove “concrete” injury in class action lawsuits for alleged “bare” violations of a federal statute. Even though a plaintiff must now prove they suffered a concrete injury to prevail in court, this does not prevent people from suing and pressuring companies into settlements.
Most companies carry insurance that can indemnify them against these lawsuits but this doesn’t reduce the impact of the lawsuit, including the numerous hours spent consulting with lawyers, gathering documentation, participating in depositions and settlement talks, not to mention how all of this can negatively impact employee morale, make it challenging to attract qualified talent and possibly harm the company’s brand with negative media coverage.
In light of this emerging cottage industry, it’s no longer acceptable to skate by, assuming that your background checks program is legally compliant. You should take steps to ensure that your company is fully compliant, including:
1) Consult an experienced lawyer who specializes in employment law to audit your process and advise you on corrective actions. Then formalize your company’s background checks program in a document and use it to educate and train people on your team who will be involved with the process.
2) Use a background checks company that requires their customer service agents to earn FCRA Certification from the National Association of Professional Background Screeners (NAPBS).
3) Have your team earn their FCRA Certification from the NAPBS. They offer basic and advanced certification programs and non-members can apply.
Mitigating a company’s risk is one of the chief responsibilities of the HR department (or the person responsible for HR functions). Ensuring that your background checks program is legally compliant will help protect your company from being targeted by the likes of Cory Groshek.
Download our white paper with some helpful tips on how to protect your company from people like Mr. Groshek.Download Here