Effective from Oct 11 2022 - Oct 10 2022
Principle
Member Organisations should ensure background checks are conducted on employees, including contractors, to reduce the exposure to internal fraud risks and reputational damage resulting from the actions of staff of the Member Organisation.
Control Requirements
a. Employee Due Diligence measures should reflect the risks of internal fraud impacting the Member Organisation.
b. Employee Due Diligence should have the objective of establishing the identity, integrity, and verifying the credentials of the employee, enabling the Member Organisation to determine whether they are suitable for the position.
c. Employee Due Diligence should consist of screening and background checks on the employee, including but not limited to:
   1. Confirmation of identity.
   2. Criminal background checks.
   3. Conflict of interest checks.
   4. Verification of qualifications claimed.
   5. Previous employment checks.
d. Employee Due Diligence should be:
   1. Conducted as part of the hiring process.
   2. Reassessed when an existing employee moves to a new role.
   3. Reperformed periodically on a risk-based approach (e.g., re-performance of screening for criminal or fraudulent behaviour to validate that employees remain suitable for the position).
e. Member Organisations should assess roles which represent a high risk of fraud and document any enhanced checks required.
f. The outcome of Employee Due Diligence checks should be retained in line with the Member Organisation’s record management policies for personal information.