The importance of robust due diligence checks on IT workers

We consider that it’s more important than ever to carry out robust pre-employment checks both on permanent and temporary tech hires.

As the UK IT community have for the most part settled on hybrid working practices and further, allowing some employees to work full remotely, deeper vetting should be adopted to mitigate any future issues. Typically, this includes validating right to work, employment history, professional accreditations, and criminal records check.

However, there is one worrying recent development that we have identified in our day to candidate assessment/short-listing processes: Fake jobs showing on CVs.

IT professional working on a laptop.
Female IT professional working on a laptop

Fake jobs on CVs can sometimes be hard to spot and standard employment history vetting checks may not uncover any anomalies. A deeper degree of investigation needs to be employed. For candidates we consider worthy for short-listing for a vacancy, we now routinely check out any employer organisation (showing on the CV) that we are totally unfamiliar with.

During deeper checks, it sometimes transpires that the financial t/o of the employer is too low to support even one employee on minimum wage. Further the LinkedIn company profile often shows multiple employees, but again financial t/o at a minimal level. These are ‘red flags’ that need to be investigated closely.

A normal ‘employment validation’ in isolation would not pick up such anomalies. Even professional external vetting agencies will simply accept any person in authority to confirm employment just asking for validation of job title and employment dates and no more.

Go deeper on vetting if you perceive any red flags. We do.

On from this, if you interview remotely and hire remote workers, ensure you at the very least meet with your new employee in person on day one of their employment. We have seen instances whereby a hiring stakeholder has questioned if the person they interviewed and offered a role to (remotely) was the same person that started the job. Was it someone else, better equipped to pass the interview and secure the job offer remotely? It’s happened. Further with remote workers, how can you be absolutely sure your remote employee is the person actually doing the work on a day to day basis?

There is an argument to put in place more robust measures for sensitive functional roles. Cyber Security roles are an obvious example where the deepest vetting needs to be carried out pre-employment and safeguard measures in place for monitoring fully remote workers especially.

Bringing technology talent together