Understanding BS7858 Security Screening
In Episode 3 of EBC Global’s Webinar Series, we dive deep into BS7858 Security Screening, breaking down the essential elements of the standard and providing practical advice on how to implement it effectively. We explore recent updates, discuss the importance of Digital Identity Verification and Right to Work checks, and share expert insights on navigating the complexities of employment verification.
Whether you’re new to BS7858 or looking to optimise your existing processes, this episode is packed with actionable tips to help ensure compliance and streamline your screening procedures.
Missed the webinar? No worries! You can watch it here to get the full picture.
What is BS7858 Security Screening?
Key Points to Know:
- Introduction: BS7858 sets the standard for the security screening of staff in an environment where the safety of people, goods or property is essential.
- Safeguarding People, Property, and Assets: Ensuring the safety and security of individuals, property, and assets by employing trustworthy personnel.
- Maintaining Public Trust: Upholding public confidence in security measures and the integrity of the vetting process
Background to BS7858 Vetting
Objectives to BS7858 Vetting
- Mitigating Insider Threats: Reducing the risk of insider threats by conducting comprehensive background checks.
- Compliance with Regulatory Requirements: Adhering to legal and regulatory standards for security screening.
- Fitness and Propriety: Ensure the trustworthiness of individuals in sensitive roles.
- Maintaining Public Trust: Upholding public confidence in security measures and the integrity of the vetting process
- Protecting Insurance Cover: Demonstrating comprehensive security measures to maintain or lower insurance premiums and meet insurance provider requirements.
Regulation, Roles and Responsibilities of BS7858 Vetting
- British Standards Institution (BSI): Regulates requirements
- Security Institute Authority (SIA): Oversees implementation of BS7858 standards within the security industry
- National Security Inspectorate (NSI): Maintains standards: training, accreditation, audits and guidance
Overview of BS7858 Vetting Components
Public Record Info (Credit check)
Right to Work
Identity Verification
Criminal Records
Employment History Checks
Sanctions Checks (International)
Employers need to conduct thorough checks to ensure the safety, security, and integrity of their operations. These checks collectively help create a secure and trustworthy environment, protecting both organisations and clients from potential risks and liabilities.
Types of BS7858 Screening
Limited Screening
Employers must complete Preliminary Checks and Limited Screening before “Conditional Employment” can commence.
Full Screening
Employers have 12 weeks to complete all checks and full 5-year activity verification before Conditional Employment must end.
Detailed Breakdown of ID and RTW Checks
Learn more about Right To Work checks in the UK
Background Check – Key Considerations
Criminal Records
- Conducted directly by SIA for licenced roles.
- Must be completed by the employer to highest legally available level for other roles.
- International criminal record checks are not specifically required.
Employment/Referencing (min. 5 years)
- All gaps of 31+ days (incl. overseas) to be evidenced with documents and reasons.
- Proof of NI / HMRC PAYE records allowed as proof of employment, otherwise 2 forms of suitable evidence must be collected.
- Self-employment can be evidenced by HMRC, accountants, bankers or trade references.
- Statutory declaration may be used for max. 2 periods not exceeding 6 months in total.
Document and Electronic Data Checking
- Retain evidence of electronic checks being completed, or
- Keep a record of who conducted checks of original documents.
BS7858 Components – Additional Considerations
- Extended Vetting Period: Opportunity to vet for more than 5 years for senior roles or to meet other industry requirements. Permitted timeframe for completing 10-year vetting is extended to 16 weeks where necessary.
- Open-source Internet Checks/Social Media Screening: Introduced as a recommendation rather than a requirement in BS7858:2019 “to provide greater insights and reduce risk”.
- Directorship Checks: “A Companies House search might be advisable”. BS7858 requires “Top management” to sign acceptance of risk for individuals who were a director of another organisation. Employers would need to know if a candidate is a company director in order for the risk to be assessed.
Implementation and Compliance
Consider these compliance requirements to determine whether to make any adjustments to your recruitment and vetting process:
Summary of BS7858:2019 Requirements
- Understand requirements for “Limited Vetting” for conditional hiring
- Timescales for completing Full Vetting
- Requirements for collecting evidence
- How and when to use Statutory Declarations for candidates
- Importance of a compliant record-keeping process
- How and when to use Acceptance of Risk from “top management”
- Obtain a copy of the BS7858:2019 Standard from BSI https://knowledge.bsigroup.com/products/screening-of-individuals-working-in-a-secure-environment-code-of-practice?version=standard
Tips and Best Practices
- Have an HR Policy for Employment Screening: Ensure consistency, avoid discrimination, make effective hiring decisions. Get your own copy of BS7858!
- Embrace Digital Identity and Right to Work Checks: Detect fake documents, improve candidate experience, increase efficiency, get immediate results.
- Transform Employment / Activity Verification Checks: Embrace new technology – use HMRC Instant Employment History Verifications and e-Referencing.
- Adopt Additional Background Checks: Consider adding checks depending on the role. Open-Source Internet/Social Media Checks, DVLA Driver Checks, Directorship Companies House Checks, and International Criminal Record Checks will all add value and mitigate risk for employers.
What’s Next?
In our final segment, we hinted at exciting upcoming webinars in the series. Mark your calendars for the next episode:
Disclosure Scotland Evolution – What You Need to Know
🗓️ Date: 7th November 2024
⏰ Time: 11:00 AM (UK Time)
Don’t miss out — follow us on LinkedIn and subscribe to our mailing list for the latest updates as we continue enhancing our platform’s capabilities.
Chat with the Team!
Have questions? Need personalised guidance? Our team is here to help! Whether you’re navigating the BS7858 security screening or want to explore how our platform can simplify your screening processes, we’re just a message away.
Reach out via email or schedule a one-on-one call with one of our experts. We’re passionate about helping you stay compliant, efficient, and ahead of the curve!
Q&A
Q: How often should we update our BS7858 screening procedures?
A: We recommend reviewing and updating your BS7858 screening procedures annually, or whenever there are significant changes in regulations or industry best practices. While there were 7 years between the last two versions of the BS7858 Standard without any substantial changes, recent updates—like the introduction of Digital Identity Verification and Right to Work checks—have had a major impact on vetting requirements.
Since the COVID pandemic, the background checking landscape has evolved rapidly, with new tools and checks emerging regularly. Updating your procedures ensures that your process remains compliant and effective. You don’t need to wait for formal updates to BS7858 to enhance your process with best practices, as long as the core requirements are met compliantly.
Q: Is there a faster way to collect BS7858 gaps in employment?
A: The most efficient way is to use HMRC PAYE Employment History at the start of each vetting process. This allows you to quickly identify gaps in official records and avoid discrepancies later, such as mismatched dates or hidden periods of employment. If you rely on HMRC as a last resort, issues like conflicting reference details can surface, which invalidates other checks and increases workload.
By using HMRC data from the outset, you streamline the process and save time. Alternatively, you could request candidates to provide evidence of all activities and gaps upfront, but this can be labour-intensive for them and often results in a poor experience. Why put everyone through that when a significant percentage of candidates can be vetted without extensive evidence collection from the beginning?
Q: Is BS7858 the same as BPSS?
A: Not quite, although they do share some similarities, especially in ID checks and evidencing activities. BS7858 is a security standard originally designed for the private security industry. It includes all BPSS requirements, with additional checks such as International Sanctions and Watchlist Checks, Public Information or Credit Checks, and a 5-year verification period instead of 3 years. Directorship searches and open-source internet or social media checks are also recommended for BS7858, though not mandatory.
On the other hand, BPSS is a baseline standard for government employees in the UK. It includes identity verification, criminal record checks, Right to Work checks, and 3 years of employment verification. While BPSS is less comprehensive than BS7858, it acts as the foundation for public sector vetting. Employees in government roles often undergo higher-level National Security Vetting, including Security Clearance, Counter-Terror Checks, and Developed Vetting, depending on their role. So, rest assured, the appropriate level of vetting is conducted in every case.