Why Risk Management?
Most businesses tend to focus on their bottom line and daily operations, leaving discussions of risk management to strategic planning sessions or, unfortunately, to corrective measures after problems arise.
However, the increase in outsourcing of services at all levels has made the risk management function more complex and time consuming, while the level of risk involved with contractor and vendor management has continued to grow.
There are inherent risks to every business, generally falling into the broad categories of reputational, financial and legal risk. Although most businesses will have risk exposure in all three areas, one or two will typically be more prominent. Active mitigation of these risk areas is necessary, and PlusOne Solutions® specializes in this.
We understand organizations are not in business to monitor a myriad of requirements or control the mountains of paperwork they may generate. This is an area of special sensitivity in which organizations must understand all applicable regulations, including recent modifications. Or else contract with a firm, such as PlusOne®, whose business it is to stay current on the legislation and the impact it has on its clients.
In the areas of contractor and vendor management, several relevant pieces of legislation must be recognized and understood as they relate to the screening of contractors and vendors.
- Fair Credit Reporting Act (FCRA – United States): Congress enacted this legislation to ensure consumer reporting agencies conduct themselves with fairness, impartiality and respect for the consumer’s right to privacy. This covers consumer reports that have a bearing on a consumer’s credit worthiness, credit standing, credit capacity, character, general reputation, personal characteristics or mode of living, which may be used or collected to establish the consumer’s eligibility for credit, insurance, employment or certain other purposes. PlusOne Solutions® is a consumer reporting agency, acting on behalf of its clients, and the FCRA pertains primarily to reporting and communication related to results of background screenings. View our Safe Contracting Programs page for more information.
- Equal Employment Opportunity Commission (EEOC – United States): Responsible for enforcing federal laws that make it illegal to discriminate against a job applicant or an employee because of the person's race, color, religion, sex, national origin, age, disability or genetic information, the Equal Employment Opportunity Commission recently generated a great deal of attention among employers and contracting organizations for its opinions related to potential discrimination on the basis of criminal arrests and convictions, whether in direct hiring or the hiring of contracted workers. The EEOC Guidance stated such decisions must be made on an individual basis, with the primary considerations being whether the conviction has an impact on job relevance or business necessity. Certain other factors called “Green Factors,” based on Green v. Missouri Pacific Railroad, can also be considered. These take into account the nature and gravity of the offense and conduct; the time that has passed since the offense or conduct took place and/or completion of the sentence; and the nature of the job held or sought. The use of arrest records is not recommended, and EEOC guidance notes that the “the conduct, not the arrest, is relevant for employment purposes.”
- The Personal Information Protection and Electronic Documents Act (PIPEDA – Canada): The Act establishes rules for the management of personal information by organizations involved in commercial activities, with the objective of striking a balance between an individual's right to the protection of personal information and the need of organizations to obtain and handle such information for legitimate business purposes. Organizations can only collect personal information appropriate for the specific transaction; they must explain why they need the information, what it will be used for and whether they plan to disclose it to anyone else. They must also obtain consent for this use and disclosure. Individuals may obtain information about themselves held by an organization and can request that inaccurate or incomplete information be corrected. Exceptions include such matters as national security, solicitor-client privilege and threats to the safety of others. There are also provincial privacy requirements that may be applicable.
What is of particular benefit to our clients is PlusOne Solutions®, working on their behalf, remains aware of what can be reviewed and reported, the information that can be used as part of the decision making process, and the processes to be followed in the event of adverse findings of information generated through screenings.