FCRA Compliance for Background Checks: What Employers Must Know in 2026
The Fair Credit Reporting Act governs how employers can use background checks. Here's what you need to know to stay compliant and avoid costly lawsuits.
What Is the FCRA?
The Fair Credit Reporting Act (FCRA) is a federal law that regulates how consumer reporting agencies collect, disseminate, and use consumer information, including background check reports. For employers, the FCRA establishes specific requirements for obtaining and using background checks in employment decisions.
Violating the FCRA can result in statutory damages of $100-$1,000 per violation, plus actual damages, punitive damages, and attorney's fees. Class action FCRA lawsuits regularly result in settlements of $5-50 million.
Key FCRA Requirements for Employers
Disclosure and Authorization: Before obtaining a background check, employers must provide a clear, standalone written disclosure to the candidate and obtain their written authorization. The disclosure cannot be buried in an employment application.
Pre-Adverse Action Notice: If you intend to take adverse action based on a background check (e.g., not hiring the candidate), you must first provide the candidate with a copy of the report and a summary of their rights under the FCRA.
Waiting Period: After sending the pre-adverse action notice, you must wait a reasonable period (typically 5 business days) before taking final adverse action.
Adverse Action Notice: If you proceed with adverse action, you must send a final notice that includes the name and contact information of the consumer reporting agency, a statement that the agency did not make the adverse decision, and notice of the candidate's right to dispute the report.
How AI Helps with FCRA Compliance
AI-powered background screening platforms like VerifAI build FCRA compliance directly into the workflow. Automated adverse action letter generation, built-in waiting period tracking, dispute management systems, and complete audit trails ensure that every step of the process is documented and compliant.
Common FCRA Violations to Avoid
The most common FCRA violations include failing to provide a standalone disclosure, including liability waivers in the disclosure form, failing to send pre-adverse action notices, not waiting the required period before final adverse action, and using outdated or inaccurate information in hiring decisions.