Back to Blog

Industry Best Practices

The growing popularity of at-home grocery and meal delivery services, as well as in-store consumer perks, such as play areas for children, have left customers interacting with retail employees in a new and vulnerable way. Sending employees to or inside someone’s home, or requiring them to work alone with minors, demands a new level of rigor to ensure that those employees are worthy of the consumer’s trust.

Most of the time, these services do exactly what they’re meant to: drive loyalty through convenience. Employees with recent criminal activity do slip under the radar, however, and it only takes one incident to greatly impact a retailer’s reputation.

A substantial amount of person-based risk goes unnoticed and unmanaged each day. As employers seek to ensure the safety and integrity of their workplaces, customers, and overall community, there continues to be a focus on continuous employee monitoring−or a technological solution in which employees are monitored in real time for criminal activity.

Real-time incarceration alerts are an early indicator of risky employee behavior that may pose a threat to business. Incarceration alerts equip employers with the knowledge needed to proactively mitigate business risks that stem from an employee’s criminal activity. In the absence of a true continuous monitoring program, threats are often missed by current industry-standard procedures, such as pre-hire screenings and periodic re-screenings throughout an employee’s tenure.

Appriss supports the following industry best practices that can help organizations implement and maintain a successful continuous monitoring program.

Best Practice #1: Know Your Specific Employee Consent Requirements

In addition to rules and requirements under federal law (such as the Fair Credit Reporting Act, or “FCRA”), many states have consent requirements in both a pre-hire and post-hire (continuous monitoring) context. California, for example, has a requirement under the California Investigative Consumer Reporting Agency Act (ICRAA) that generally requires new consent each time an investigative report is sought.

Given the variance in state and local laws across the nation, employers are encouraged to understand the unique requirements of the jurisdiction(s) in which they operate and to develop policies and procedures that comply with the specific laws that govern that region. This may include the development of an additional consent form that is specific to continuous monitoring, administered at regular intervals, to comply with applicable rules.

Best Practice #2: Establish and Communicate Clear Policies and Procedures

Companies that implement a continuous monitoring program are encouraged to administer a clear and consistent employee/contractor (as applicable) self-reporting policy for all criminal behavior, including arrest.

Generally, a comprehensive self-reporting policy should include:

  1. Why the policy was established
  2. Who is governed by the policy
  3. How the policy is enforced (what happens if an individual does not self-report)
  4. A timeline for report submission

Communicating required information

A self-reporting policy should clearly describe:

  • How the company expects to receive the report (e.g., in writing, via online form, etc.)
  • All information that an individual is required to include with their report submission
    • Identifying personal information  (e.g., first/last name, DOB, SSN)
    • Work-specific information (e.g., employment status, work ID, work location)
    • Report type (e.g., arrest, disposition/final judgment)
    • Information concerning the arrest (e.g., arresting agency, booking agency, date of incident, date of release)
    • Charges filed
    • Any additional detail concerning the arrest/disposition

Determining policy scope

Some employers opt to administer a self-report policy that only applies to certain charges. Some choose a more inclusive approach, requiring employees to report on all arrests and charges. This approach leaves no room for misunderstanding between the employer and its employees. It also allows the employer to gain a broader understanding of the risks within the company as a whole.

If an employer opts to narrow the scope of charges that warrant further action, its self-reporting policy should clearly articulate the types of charges that would result in such action.

Policy availability and review

Policies should be clearly articulated at the time of hiring, available for review by employees at-will, and revisited with employees at regular intervals. Policies should also be subject to cyclical review (e.g., annually) by Human Resources and Legal/Compliance to ensure alignment with current laws and regulations.

Best Practice #3: Always Investigate the Action

Criminal activity, including arrest, should always be investigated pursuant to well-articulated, pre-existing policies and procedures to verify whether the behavior underlying the arrest justifies disciplinary action.

The Equal Employment Opportunity Commission (EEOC) and the legal community generally agree – an employer cannot act or base employment decisions upon arrest records alone. However, the arrest record may trigger an independent investigation into the details and circumstances surrounding the arrest and upon which the employer may make its disciplinary decisions regarding the subject employee.

Investigation tactics

A thorough investigation may include the following elements:

  • Verification of information
    • Confirmation of identity (i.e., is the individual on the arrest record your employee?)
    • Confirmation of charges and their relevance to the individual’s job function
  • Detailed investigation
    • Conduct interview with individual in question
    • Conduct an Internet search for media coverage
    • Conduct social media searches for incident coverage
  • Discussions with associated parties
    • Arresting officer
    • Prosecutor
    • Defense attorney
    • Witnesses
  • Determine appropriate action
    • No action
    • Re-deployment
    • Discipline
    • Termination

When an employee violates a self-reporting policy that has been clearly establishedappropriately articulated, and consented to by the employee, these situations are commonly resolved with an investigation, confirmation of arrest and non-compliance, and ultimately, discipline−up to, and including, termination.

An alternative approach

Certain companies may choose to take action only after court proceedings are completed and final. Note that this approach, however, may result in significant, unmitigated risk. According to a study conducted by the Bureau of Justice Statistics, as many as two-thirds of all arrests are still pending disposition after six months, and one-third are still pending disposition after a full year.

Why Monitor?

A continuous monitoring program is an important facet in an employer’s overall risk management platform, critical to the health of the company and its most important assets—its employees and customers. To be successful, the program must be thorough and compliant with federal, state, and local employment laws and regulations.

As post-hire monitoring technology continues to evolve from a simple incarceration alert to a full end-to-end solution, employers with smart internal policies and practices will be best positioned to ensure the safety and integrity of their workplaces.


Disclosure: This article serves as a general overview of industry best practices. It does not contain legal advice and should not be construed as such. The practices described serve as suggestions to be reviewed with legal counsel and considered within the broader context of your specific operations, local laws and regulations. Please consult legal counsel before implementing any continuous monitoring programs, policies or procedures.

This post was originally featured on the Appriss Safety blog. Learn more about continuous monitoring:

Click Here


Brian Matthews, Senior Vice President, Appriss Insights

Brian Matthews oversees all aspects of strategy, marketing, business development, and sales for Appriss Safety’s Insights. He is responsible for developing and executing growth strategy for the business, with an overall focus on saving lives, preventing fraud, and reducing insider risk.

Other Posts By This Author