Why Rescreening is the Next “Quick Win” You Can Bring to Your Boss
A background check is a point-in-time snapshot, not a long-term guarantee. If you’re still treating background checks like a one-time task to check off your list, here’s a wake up call from the rest of the world.
The Global Nudge You Can’t Ignore
Australia put a stake in the ground with AS 4811:2022, the national hiring standard that explicitly calls for “continuous assurance” across the employee lifecycle. In other words? Don’t just screen once, keep checking.
The Monetary Authority of Singapore (MAS) has placed greater emphasis on fitness and propriety checks for appointed representatives, many of which must be repeated at defined intervals.
In Europe, the expectation for ongoing employee vetting isn’t just industry best practice, it’s embedded in regulatory frameworks. In sectors like finance and aviation, rescreening isn’t optional, it’s a legal requirement tied to risk, compliance, and public safety. Meanwhile, employers across broader sectors are expected to re-assess employee suitability when roles evolve, responsibilities increase, or potential red flags arise.
Here’s how rescreening is playing out across key European jurisdictions:
United Kingdom – Finance:
Under the FCA’s SM&CR, financial firms must annually certify that employees in regulated roles remain “fit and proper.” This includes updated criminal background checks, financial soundness reviews, and conduct reference revalidation.
United Kingdom – Aviation:
Per CAA and EU Regulation (EC) No 300/2008, airport and airline staff with secure area access must be rescreened every three years, including criminal record checks and five-year employment history verifications.
Netherlands – Finance:
The Dutch National Bank (DNB) requires institutions to conduct ongoing integrity assessments for critical functions. Rescreening is expected during promotions, internal transfers, or when conduct concerns emerge.
France – General Employers:
France’s CNIL and labour law frameworks support background checks where proportionate to the role. Employers are encouraged to renew checks when job duties change or when access to sensitive data increases.
Germany – Compliance Roles:
While German privacy rules are strict, BaFin mandates financial firms ensure the ongoing suitability of AML and compliance officers. Background rechecks are justified after internal promotions or incidents.
As you can see, screening is no longer reserved exclusively for new hires. It’s a living risk control, especially in roles involving trust, data, money, or vulnerable populations.
North America is Quietly Catching Up
While North America hasn’t hit the policy panic button yet, the signals are flashing.
The wave of “clean slate” and ban the box expansions is reshaping how US employers conduct background checks. Ban the box doesn’t mean that employers can’t take an employee’s past into consideration, it just means that asking about criminal history can’t be part of the initial hiring process. Though, perhaps due to ban the box laws and fair chance hiring policies that restrict when and how background checks can be used, industry associations are stepping up to fill the guidance gap.
With more than 35 states and hundreds of jurisdictions creating a patchwork of compliance rules, national employers are turning to their industry bodies, like SHRM, PBSA, and ASA, for practical recommendations on who to screen, when to rescreen, and how to stay both fair and compliant.
This shift is being driven by a mix of rising insider threats, cyber risk, deepfake fraud, and litigation pressure. As rescreening becomes a key strategy for managing ongoing employee risk, especially in high-trust roles, associations are helping their members navigate legal complexity with policies tailored to industry-specific exposures.
Let’s take a look at some examples:
- The PBSA warned members in 2024 about a surge of fraudulent employer verifications, urging tighter, repeat checks to weed out fake history. They now require accredited vendors to embed continuous monitoring tools in their platforms, not just for initial hires but for employees in flight. The association also flagged a startling 57 % of North American employers lack any post-hire screening routines.
- Closer to home, Ontario’s HRPA Risk Roster ranks “hiring staff with previous criminal background” and “skipping reference checks” among its top public harm risks—practices that recurring screening directly mitigates.
Why wait?
Why “One-and-Done” Doesn’t Cut It: Cautionary Tales
| Industry | What Went Wrong | Rescreening Lesson |
|---|---|---|
| Insurance (UK) | Claims supervisor accessed 32,000 policies on weekends, selling customer data; suspended prison sentence followed. | A mid-employment criminal record check plus weekend-access audit would have flagged abuse early. |
| Private Education (US) | Elite NYC school hired someone with a relevant criminal history without finishing the check; he was later charged with soliciting students. | Annual rescreening (and a completed original check) could have prevented reputational carnage. |
| Professional Services (Australia) | Law firm insider leaked salaries and performance rankings to 900 staff via forged email; forensic probe points to a former payroll manager with prior fraud record. | Tighter insider threat monitoring as covered in What Happens When HR & IT Don’t Talk? would have reduced exposure. |
| Banking (Canada) | TD Bank breach traced to a former employee who siphoned customer data—reminding us that 60% of breaches involve insiders. | Periodic criminal/credit checks plus access reviews can spot disgruntled insiders before they go rogue. |
| Tech (Global) |
Deepfake applicants used AI-generated video and voice to land remote IT jobs—FBI and LinkedIn users warn.
Related: |
Re-verify identities and right to work documents periodically, not just on day one. |
The New Threat Matrix Businesses Face
- According to the Canadian Anti-Fraud Centre (CAFC), Canadians lost $47 million to employment fraud in 2024 and nearly $15 million of those losses were in Ontario.
- The Canadian Survey of Cyber Security and Cybercrime found that about one in six Canadian businesses (16%) were impacted by cybersecurity incidents in 2023. While it’s down from 18% in 2021 and 21% in 2019, spending on recovery from cyber security incidents (totalling $1.2 billion) doubled over the same period.
- AI deepfakes turn interviews into improv theatre. Candidates can now clone faces, voices, even diplomas in real-time.
If your screening policy still says “check at hire, then trust forever,” you’re betting your company on yesterday’s risk picture.
A Pragmatic Rescreening Playbook
This season on What the FTE?, Certn’s podcast that delivers insight-packed episodes on emerging HR trends, real-world case studies, and best practices, Donal Greene, Global Head of Background Screening, talked to guests about the rise of AI deepfakes and insider threats.
Here are some of the best practices the guests covered:
| Step | What Good Looks Like | Exec-Friendly Win |
|---|---|---|
| Layer ID Verification | Pair credentialing tools with selfie-to-ID match and database rechecks to combat deepfakes | Signals proactive AI-risk management |
| Risk-Tier Your Roles |
High-access jobs (finance, IT, patient data) = Annual criminal & sanction checks Standard roles = Every 2–3 years |
Shows proportionality and cost control |
| Tie Rescreening to Key Lifecycle Events | Promotions, role changes, or access upgrades trigger an instant recheck | Links security directly to business growth |
| Document & Dashboard |
Track completion rates and findings Present quarterly to the board alongside cyber KPIs |
Turns a cost centre into a governance metric |
The Leadership Takeaway – Make Rescreening your Next Quick Win
Background screening isn’t just a hiring function anymore, it’s a frontline defence against today’s most pressing people risks. As cyber threats escalate, insider risk grows, and AI-fueled fraud evolves, your policies need to evolve too.
Rescreening is one of the most pragmatic investments HR can champion. It’s relatively low-lift, highly visible, and directly tied to business continuity, regulatory compliance, and reputational protection. Done right, it transforms your background check program from a static checkbox into a dynamic risk management system.
Whether you’re supporting a global compliance mandate or simply future-proofing your workforce strategy, ongoing background checks give you a defensible way to:
- Proactively manage trust in high-risk or high-access roles
- Align HR and security through shared accountability
- Show regulators and stakeholders that your risk controls aren’t stuck in the past
This isn’t about distrusting your people, it’s about protecting your business and your team from the kinds of threats that weren’t on our radar five years ago. So, if you’re looking for your next “quick win” that scales trust, safety, and strategy in one move, here it is: rescreening.
Need a practical starting point or policy blueprint? Book a Demo and we’ll get you there faster.
