Q. My security function has been tasked with establishing screening protocols for the vendors and service providers bidding for our company’s contracts. How far should this screening extend? What should be included?
A. The purpose of a screening program is generally to ensure that vendors are reliable, consistent, and won’t expose your company to costly lawsuits. It is crucial to fully understand the integrity of the company and people with whom you will be involved. You don’t want to risk association with a company or other key representatives who may have red flags in their histories.
By screening your vendors, you can determine how dependable they will be. Have they employed people with a criminal record? Do your vendors have employees with a substance abuse problem? Have other companies filed complaints against the vendor? If so, why? Is the vendor on the brink of insolvency?
Any of these issues can have devastating results for your company. For example, a vendor who provides a critical function for your business files bankruptcy, crippling your company’s ability to provide a service. A vendor who provides labor for you may place ex-convicts on site and expose your business to liability.
Make sure your Service Level Agreement requires vendors to complete criminal checks, credit checks, review of DMV records if applicable, and verification of licenses, permits, and certifications on all of their employees. It is within your company’s rights to request copies of these records for verification.
Screening shouldn’t end with the initial hire or contract. There are several ways you can ensure that periodic screening updates are conducted.
It can be written into the contract that checks be conducted by the contractor at a set period (e.g., biannually). Keep in mind that if a contractor is required to do additional background checks, they will include the cost in the billing to cover this additional expense.
If the contractor is a security guard services vendor, you’ll find that most states require security officers to be licensed with the state. Most of those states also require the license to be renewed every year to three years. For example, in the state of North Carolina, unarmed security officers are required to renew their license (along with refresher training) every two years. Armed officers are required to renew their license every year as well as to requalify with their firearms. As part of this renewal process, the state usually conducts a new background check.
A security leader can request an audit be done on the individuals assigned to his or her site to ensure proper screening is being conducted. Once again, this needs to be put in the contract to prevent any push back from the vendor. A security leader can specify in a security vendor contract that only those individuals that have received their license/certification from the state be allowed to work at their site. I usually recommend this even if the security vendor does their own background check. I have seen several instances in which no record shows up on the background check conducted by the vendor, but when the application for license is submitted to the state, the individual turns out to have a criminal record. Requiring the contractor’s employees to already have the license/certification in hand prior to working at the site prevents someone with a criminal or other disqualifying factor from being assigned.
Like any organization, a vendor may have a great national reputation, but the local office does not. When choosing a vendor, always get local references from their current and previous clients. You can do some of your own research by checking their online reviews. I recommend you look at reviews from current and former employees where possible as well. You can learn a lot about the vendor’s local office from what the employees say about the management. However, you must keep in mind that some of these employees have been terminated for cause and may harbor ill feelings. Also, check with your peers in similar businesses and see what experience they have with the vendor.
I would recommend setting up Key Performance Indicators (KPI) for vendors. These measurable goals can and often will change through the life of a contract, and it’s important to hold vendors accountable to meeting them. It is nearly impossible to identify issues and attempt to correct them without KPIs in place.
Lastly, communication between the security leader and vendor is critical. I always recommend a meeting be conducted at least monthly. This helps identify issues and potential issues and keep them from growing into major issues.
Screening vendors is a continual process that includes much more than simple background checks. If you don’t have the staff available to conduct such screening, consider partnering with an experienced screening service.
Answer provided by Bill King, SEC subject matter expert faculty with expertise in Security Force Optimization.