The Catholic University of America

Summary of Federal Laws

Employment

Compliance Partners

Director of Information Security

AVP for Human Resources

Related Policy

Identity Theft Prevention

Equal Employment Opportunity

Fair Credit Reporting Act (FCRA) (amended by the Consumer Credit Reporting Reform Act of 1996 and the Fair and Accurate Credit Transactions Act of 2003)

15 U.S.C. § 1681 et seq.; 16 CFR 681 (Identity Theft Rules)

The Fair Credit Reporting Act, which is a subchapter of the Consumer Credit Protection Act (15 U.S.C. § 1601 et seq.) requires employers to advise applicants if employment was denied based on a credit report.

Requirements for Employers Who Use Credit Reports in Hiring: The Consumer Credit Reporting Reform Act of 1996 imposes several obligations on employers who use credit reports when evaluating applicants or employees for employment, promotion, reassignment, or retention. Employers, before obtaining a consumer report (and this includes criminal background checks) must disclose in writing to the applicant or employee that it may obtain a consumer report for employment purposes, and secondly, secure the written consent of the applicant or employee. Note that when using a third party consumer reporting agency to request motor vehicle record checks for employment purposes, the FCRA should be followed, and notice given to the applicant or employee. See the Baylor Disclosure of Intent to Procure Consumer Reports and accompanying Release form for an example.

The employer must also certify to the consumer reporting agency that it will comply with the Act's disclosure requirements and that any information obtained will not be used in violation of any applicable federal or state equal employment opportunity law or regulation. A consumer report that bears on an individual's character, or mode of living and is obtained through personal interviews is known as an "investigative consumer report." The use of this type of report triggers additional disclosure requirements. Within three days of requesting such a report, the employer must mail or otherwise deliver written notice to the applicant or employee of said action. The employer must also advise the applicant or employee of his/her rights under the law, which includes disclosure by the employer of the nature and scope of the investigation. This advice must be sent no later than five days after the request was received, or the report was first requested, whichever is later.

What to do if the employer obtains a negative background check

If an employer wishes to take any adverse action (not hiring, not promoting, firing) based upon the results from a third party reporting agency, prior to taking action, the employer must supply (send or give) the employee or applicant a copy of the background report, and a description of his/her rights under the FCRA. (see below under resources for handout) The employee/applicant must be given an opportunity to contest the documents. The FTC has approved a five business day waiting period. After any adverse action is taken, the employer must give the applicant/employee the following information:

*notice of adverse action taken

*name, address, and phone number of consumer reporting agency that provided report

*statement that the reporting agency did not make the adverse decision, and cannot give the

consumer a reason for the decision

*notice of consumer's rights to obtain a free copy of report within 60 days

*notice of consumer's right to dispute accuracy or completeness of report

(See Using Consumer Reports: What Employers Need to Know, by the FTC)

Requirements for Furnishers of Information Under FCRA Amendments: Any entity who reports information about consumers to a credit reporting agency must meet more stringent reporting conditions which attempt to guarantee accuracy. This law applies to universities that furnish student loan repayment information to credit bureaus. The law prohibits reporting information that the university knows or consciously avoids knowing is inaccurate, and requires correcting and updating of inaccurate or incomplete information. Disputes must be reported, and new rules apply to the dating of first delinquencies. By providing the consumer with an address to report information that they believe is inaccurate, the furnisher is relieved of some of the liability associated with the reporting of inaccurate information. Upon notice of dispute, the information furnisher must conduct an investigation and report the results to the consumer reporting agency. See 15 U.S.C. § 1681i.

Interim Final Rule (Dec. 27, 2011) and updates on further regulatory actions under Fair Credit Reporting Act*

 

Interim Final Rule, Identity Theft Red Flags and Address Discrepancies Under the Fair and Accurate Credit Transactions Act of 2003, as Amended by the Red Flag Program Clarification Act of 2010, 77 Fed. Reg. 72712, Dec. 6, 2012.

The Clarification Act retains the ECOA definition of ``creditor,'' but generally limits the application of the Red Flags Rule to those ECOA creditors that regularly and in the ordinary course of business engage in at least one of the following three types of conduct:

  • Obtain or use consumer reports, directly or indirectly, in connection with a credit transaction or
  • Furnish information to consumer reporting agencies in connectionwith a credit transaction or
  • Advance funds to or on behalf of a person, based on an obligation of the person to repay the funds or repayable from specific property pledged by or on behalf of the person.
     

FCRA and Perkins Loans (overside for federal student loans)
There is a provision in the FCPA that states credit bureaus can only report negative information (unpaid loans) for up to 7 years: 15 USC 1681c(a)(5):

§ 1681c. Requirements relating to information contained in consumer reports

(a) Information excluded from consumer reports. Except as authorized under subsection (b), no consumer reporting agency may make any consumer report containing any of the following items of information:
(4) Accounts placed for collection or charged to profit and loss which antedate the report by more than seven years.

But this is superseded by the Higher Education Act: 20 USC 1080a(f):

§ 1080a. Reports to consumer reporting agencies and institutions of higher education

(f) Duration of authority. Notwithstanding paragraphs (4) and (5) of subsection (a) of section 605 of the Fair Credit Reporting Act (15 U.S.C. 1681c(a)(4), (a)(5)), a consumer reporting agency may make a report containing information received from the Secretary or a guaranty agency, eligible lender, or subsequent holder regarding the status of a borrower's defaulted account on a loan guaranteed under this part [20 USCS §§ 1071 et seq.] until--
(1) 7 years from the date on which the Secretary or the agency paid a claim to the holder on the guaranty;
(2) 7 years from the date the Secretary, guaranty agency, eligible lender, or subsequent holder first reported the account to the consumer reporting agency; or
(3) in the case of a borrower who reenters repayment after defaulting on a loan and subsequently goes into default on such loan, 7 years from the date the loan entered default such subsequent time.

And 20 USC 1087cc(c)(3):

(c) Cooperative agreements with consumer reporting agencies.
(1) For the purpose of promoting responsible repayment of loans made pursuant to this part [20 USCS §§ 1087aa et seq.], the Secretary and each institution of higher education participating in the program under this part [20 USCS §§ 1087aa et seq.] shall enter into cooperative agreements with consumer reporting agencies to provide for the exchange of information concerning student borrowers concerning whom the Secretary has received a referral pursuant to section 467 [20 USCS §§ 1087gg] and regarding loans held by the Secretary or an institution.
(2) Each cooperative agreement made pursuant to paragraph (1) shall be made in accordance with the requirements of section 430A [20 USCS § 1080a] except that such agreement shall provide for the disclosure by the Secretary or an institution, as the case may be, to such consumer reporting agencies, with respect to any loan held by the Secretary or the institution, respectively, of--
(A) the date of disbursement and the amount of such loans made to any borrower under this part [20 USCS §§ 1087aa et seq.] at the time of disbursement of the loan;
(B) information concerning the repayment and collection of any such loan, including information concerning the status of such loan; and
(C) the date of cancellation of the note upon completion of repayment by the borrower of any such loan, or upon cancellation or discharge of the borrower's obligation on the loan for any reason.
(3) Notwithstanding paragraphs (4) and (5) of subsection (a) of section 605 of the Fair Credit Reporting Act (15 U.S.C. 1681c(a)(4), (a)(5)), a consumer reporting agency may make a report containing information received from the Secretary or an institution regarding the status of a borrower's account on a loan made under this part [20 USCS §§ 1087aa et seq.] until the loan is paid in full.
(4) (A) Except as provided in subparagraph (B), an institution of higher education, after consultation with the Secretary and pursuant to the agreements entered into under paragraph (1), shall disclose at least annually to any consumer reporting agency with which the Secretary has such an agreement the information set forth in paragraph (2), and shall disclose promptly to such consumer reporting agency any changes to the information previously disclosed.
(B) The Secretary may promulgate regulations establishing criteria under which an institution of higher education may cease reporting the information described in paragraph (2) before a loan is paid in full.
(5) Each institution of higher education shall notify the appropriate consumer reporting agencies whenever a borrower of a loan that is made and held by the institution and that is in default makes 6 consecutive monthly payments on such loan, for the purpose of encouraging such consumer reporting agencies to update the status of information maintained with respect to that borrower.

There is also no statute of limitations for federal loans: 20 USC 1091a.
  **********************************************************************************************

 

Identity Theft Red Flags and Address Discrepancies Under the Fair and Accurate Credit Transactions Act of 2003; Final Rule, 72 Fed. Reg. 63717, Nov. 9, 2007

There are three key compliance requirements here:

  • Schools that use consumer reports subject to the FCRA (see above) must develop and implement reasonable policies and procedures to ensure authentication of identity for the person who is the subject of the report if the user receives a notice of an address discrepancy. The user (here the university) must also then furnish the accurate address of the consumer back to the reporting agency that sent notice of address discrepancy, if certain conditions exist. (see 16 CFR 681.1)
  • If the school meets the definition of a creditor under the FCRA (any person who regularly extends, renews, or continues credit; any person who regularly arranges for the extension, renewal or continuation of credit (see 15 USC 1691a) then the school has several obligations under the final rules, which include periodically determining if it maintains covered accounts, and if it does, then developing and maintaining an identity theft program for those accounts, which has been approved by the Board of Directors or an appropriate committee, among other items. (See 16 CFR 681.2)
  • If the institution issues debit or credit cards then the reasonable policies must be in place to assess the validity of a change of address. (See 16 CFR 681.2) If the institution issues campus cards that can be used as debit cards to make electronic fund transfers from a transaction account to off campus merchants, then the institution is subject to this reg.

See a memo titled Identity Theft Red Flags and Address Discrepancies under the FCRA, by Nina Lavoie posted on NACUA's web page on September 15th, 2008.

 

 

Resources

Consumer Financial Protection Bureau web page on FCRA with a summary of rights 

CFPB Bulletin 2013-09 (Sept. 2013) on investigating disputes

Obligations of Users of Consumer Reports Under the FCRA (by Seyfarth Shaw)

NACUA Resource Page on Background Checks (password protected)

If you Use Applicant Background Checks, the FCRA is Lurking, by IceMiller, June 20, 2016*

The Value of Background Checks-A Legally Compliant Screening Program by ClearStar, March 7, 2016

Issues in the Search for Quality Employees
, May 2013, Ward and Smith, P.A. 

Complying with the FCRA in Four Easy Steps, Nov. 2013 by ESR

 

 

 

 

 

updated 11-9-16 by mlo to add FTC guide to using consumer reports, and added new links to resources