Compliance In Recruitment

Are you a visitor or nonimmigrant traveling to the U.S.? Google yourself first. I always recommend that visa applicants and frequent visitors take a moment to check what’s publicly available about them online. LinkedIn, company bios, press releases, social media—it all paints a picture. And if that picture doesn’t match what’s in your visa application, petition filing or your verbal responses at inspection… you can find yourself in some hot water pretty quickly. Some examples: 💻 A B-1 visitor enters the U.S. monthly, always hitting different cities along the East Coast. One day, CBP pulls him into secondary and Googles his name + employer. He’s listed as “East Coast Sales Manager” on the company website. That title and travel pattern raise red flags about the role involving more than permissible B-1 activity. 💻 A TN Management Consultant is listed as a C-level executive on the U.S. company’s website or LinkedIn profile. This undermines the consulting narrative and suggests hands-on management or a more permanent role—neither of which are generally permitted. 💻 An H-1B employee posts, “Excited to start working at our new Austin office!”—but that location isn’t covered by the approved LCA. That opens the door to a compliance issue. 💻 An O-1 applicant tags a company in a post: “Can’t wait to work with ABC Co. on this new project!” The petition was for direct employment with another company—and USCIS takes notice. 💻 An F-1 student uploads TikToks promoting their dorm-room business. That can trigger unauthorized employment concerns. A job title, a LinkedIn update, a company bio, a social media caption—these things don’t exist in a vacuum. Immigration officers look at the full picture, and what they see online can raise questions about whether you’re doing more than your visa allows. Consular officers and border officers aren’t required to give you the benefit of the doubt; that burden is on YOU, the nonimmigrant. And USCIS won’t assume your intentions—they’ll look at what’s in front of them. (And if you hire an immigration attorney, you can bet we’re Googling you too. Don’t try to pull one over on us—we’re on your side. Let’s work together to flag anything that could raise questions and figure out how navigate these potential speedbumps.) Your digital presence should reinforce your immigration position, not cast doubt on it. And if something public is outside your control, be ready to explain it. Because when immigration is involved, clarity isn’t optional. And it goes without saying—please, PLEASE do not misrepresent yourself. It’s never worth the risk, and it’s often unnecessary. Many issues can be managed or explained when you're honest and upfront from the start. Be intentional about how you show up—online, on paper, at your visa interview, and at the border. #usimmigration #visa #bordercrossing #immigrationattorney

Background checks. Sensitive data. Zero DPDP compliance. The most sensitive personal data comes from your hiring process. 📌 Criminal records. 📌 Financial history. 📌 Past employment. 📌 Address verification. 📌 Education certificates. And almost no Indian company has a DPDP-compliant process for any of it. Here is the legal reality your HR team doesn't know: Your company = Data Fiduciary. Your BGV vendor = Data Processor. Your candidate = Data Principal with enforceable rights under DPDP. Every obligation that applies to your customer data — applies here too. The 5 gaps I find in almost every BGV process I review: 1️⃣ Consent was never properly obtained. Most companies collect a generic clause inside the offer letter. Under DPDP — consent for a background check must be specific to that purpose, informed about what will be verified and with which sources, and separate from the employment acceptance. "I accept this offer" is not consent to a criminal record check. 2️⃣ No signed DPA with the BGV vendor. You have a commercial agreement with your BGV vendor. Under DPDP — that vendor relationship requires a Data Processing Agreement with breach notification timelines, deletion obligations, sub-processor controls, and Data Principal rights flowing down. A commercial agreement and a DPA are not the same document. 3️⃣ Candidate rights are completely unaddressed. Under DPDP, your candidate has the right to access what data was collected about them, from which sources, and what the report concluded. Most HR teams have no process for this. No one has asked before — but it is now a legal right, not a courtesy. 4️⃣ BGV reports are retained indefinitely. The candidate joined — or didn't. The report is still in your HRMS, your email, your recruiter's drive — years later. Under DPDP — personal data must be deleted once the purpose is fulfilled. The purpose of a background check is the hiring decision. Once made — the legal basis for retaining the report ends. 5️⃣ Cross-border transfers nobody mapped. Most BGV vendors verify employment and academic records through international databases. That is a cross-border data transfer. Under DPDP Section 16 — your company is responsible for it. Not your vendor. Does your BGV vendor's contract specify which countries your candidate's data flows to? _____________________________ The background verification industry processes thousands of sensitive personal data records every month in India. Almost none of it is DPDP-compliant. And the liability doesn't sit with the BGV vendor. It sits with the company that initiated the check and is the Data Fiduciary. Does your company have a signed DPA with your BGV vendor? ___________________ I help companies build DPDP-compliant hiring data processes — from candidate consent to vendor DPAs to rights response frameworks. Book 1:1 call to find out where you stand. (Link in comment.)

Last month I interviewed a Senior Manager for a $180k Associate Director role. He was excited about the role - but his application couldn’t be considered. He made an honest mistake that hurt his job search. Another recruiter had sent his resume to the firm the day before. He didn’t know it had happened. This isn’t a post saying my competitors did the wrong thing - they didn’t break any rules. They’d asked the candidate, “Is it ok if you leave this with me and I’ll have a chat to my clients and see what interviews we can get you?” What he didn’t realise was that saying yes meant his name, resume, and application would be sent to 20+ accounting firms - 75% of which he wasn’t actually interested in. The outcome: ❌ Applications went to firms he didn’t want to work for ❌ His personal details were shared more widely than intended ❌ He received interview requests he had to decline ❌ His resume was sent to firms he was already interviewing with A good recruitment process should: 1️⃣ Start with the recruiter taking a clear brief from the client 2️⃣ Include a conversation with you about open roles 3️⃣ Only submit you for roles you’ve agreed to 4️⃣ Let you keep track of where your details are going 5️⃣ Move into interviews and offers from there Brisbane is a small market. In my opinion, it is vital that you know where your name and resume is being sent. If you are asked the following question: 'Is it ok if I share your resume with some of my trusted clients?' Say no. If you aren't asked the question, you should ask this question: 'Could you make sure you run the opportunities past me including the names of accounting firms before submitting me? I want to know where my details are being sent, before being sent'. Every recruitment agency has their own processes. But at Riverside Recruitment, your confidentiality is our top priority.

Your POSH Policy Is Only as Strong as Your Culture Somewhere along the way, we started believing that a POSH policy, a DEI policy, or a Code of Conduct would automatically create a safe workplace. It doesn’t. I still remember a senior manager telling me, “We have the best POSH policy on paper — yet employees still don’t report, or leave quietly.” That sentence stayed with me. 👉 Because no policy — no matter how well-worded — can guarantee psychological safety if people fear retaliation, discomfort, or shame. 👉 Because harassment, bias, and microaggressions often hide in plain sight until someone finally calls them out. 👉 Because leadership often lacks the skills — and the courage — to have uncomfortable conversations about power, privilege, and consent. If you think you’re covered just because you did a one-hour POSH refresher, consider these facts: ✅ A 2024 BCG report found over 50% of Indian employees hesitate to report workplace harassment because they fear retaliation or lack of support. ✅ McKinsey data shows 80% of DEI initiatives globally fail due to a lack of leadership accountability and structural follow-through. ✅ A Harvard Business Review survey in 2023 revealed 62% of leaders feel unprepared to handle conversations around harassment, bias, and privilege. ✅ India’s POSH Act has been law since 2013, yet many workplaces still treat it as a checkbox rather than a cultural commitment. 🟢 So what actually works? 🌱 Building leadership skills to handle difficult, uncomfortable conversations. 🌱 Integrating behavioral science and empathy into every stage of policy rollouts. 🌱 Embedding DEI principles into organizational development so the culture supports — not resists — change. 🌱 Moving from compliance to commitment. As a psychologist and OD consultant, I believe true workplace safety begins where the policy ends: in those everyday moments of courage, boundaries, and empathy. If you want to transform your workplace beyond tick-box compliance into a genuinely safe, bias-aware, and equitable culture — I’m here to help. 👉 Let’s connect and make that shift happen. #poshact #training #sexualabuse #jyotidadlani

If you hire remote workers you should be doing a deep dive on your recruiting, hiring, and onboarding processes to understand how you are confirming the identity of the person you are hiring. There are an estimated several dozen “laptop farmers” that have popped up across the U.S. as part of a scam to infiltrate American companies. Americans are being scammed to operate dozens of laptops meant to be used by legitimate remote workers living in the U.S. What the employers and the farmers don’t realize is that the workers are North Koreans living abroad but using stolen U.S. identities. Once they get a job, they coordinate with an American who can provide some “American cover” by accepting deliveries of the computer, setting up the online connections and helping facilitate paychecks. Meanwhile, the North Koreans log into the laptops from overseas every day through remote-access software. CrowdStrike recently identified about 150 cases of North Korean workers on customer networks, and has identified laptop farms in at least eight states. While the primary goal for these workers might be to steal money in the form of cashed paychecks from American companies, many of them are also interested in stealing data for espionage or to use as ransom. At this point, with the speed of AI advancement, this risk is only going to increase for remote-first companies. Get your Security, HR, and Legal teams together to start discussing how you can mitigate this risk. You should even think about recent new hires where this could have potentially occurred and do some investigation. One possible mitigation is to force new hires in certain high-risk roles to come onsite during their first week for onboarding to get their company laptop. During the recruiting process, the recruiter should discuss the mandatory onsite onboarding and ask if they would be available to come onsite their first week for onboarding and to receive their laptop. The I-9 verification should also be done during this onboarding. I would also recommend heightened monitoring on new hires’ devices to ensure there are no red flags indicating suspicious or malicious behavior. I think it’s easy to overlook this risk and think it would be obvious to tell that you hired someone in North Korea, but these scams are getting sophisticated and AI is only going to make it harder to detect. Link to article: https://lnkd.in/e3iAmshM

In K–12 EdTech, our world is small. Everyone knows everyone, and trust is everything. Most of the candidates I speak with aren’t actively looking. They’re happy where they are and they just take the call because they trust me to have a discreet, respectful conversation about what could be next. That trust is sacred. And in an industry this close-knit, back-channeling a candidate’s interest, even with good intentions, can put their current role at risk. It breaks confidence, creates unnecessary tension, and ultimately discourages great people from even considering new opportunities. As leaders, partners, and hiring teams, we all share the same goal: finding the right fit without compromising someone’s livelihood. Handled the right way, recruiting strengthens relationships. Handled carelessly, it damages them. A little discretion goes a long way in keeping this ecosystem healthy and keeping top talent willing to pick up the phone.

Hiring processes should be confidential. A friend and peer of mine recently shared a tough situation: A client went “off the record” to get an informal reference for a first-stage candidate. Word got back to the candidate’s current employer via the grapevine and now their job’s at risk. It doesn’t matter why someone’s exploring new roles, management style, lack of progression, growth, values, culture, they deserve privacy. You cannot legally be fired in the UK for interviewing, but the damage to trust and reputation can be huge. If you’re hiring, confidentiality isn’t optional. No “quiet” reference checks. No asking around your network. Not until offer stage — and only with the candidate’s permission. This isn’t just process, it’s people’s lives and livelihoods. 💬 Have you ever seen confidentiality breached in a hiring process?

An employee says a coworker sexually assaulted her at work. Management says it will take the complaint seriously. HR says it will be involved. The employee says she is afraid to encounter the coworker again. And then? According to a new lawsuit against the Atlanta Hawks and State Farm Arena, not nearly enough. The complaint alleges that Tameika Hampton, an event security officer, reported that a coworker pressed his genitals against her during a concert. She says management promised action and concern for her safety, but then delayed the investigation, failed to communicate, failed to provide safety protocols, and later scheduled her in a way that forced her to pass by the accused coworker, triggering a panic attack. These are allegations, not proven facts. But the lesson does not depend on how the case resolves. When an employer learns of harassment, it owns the response. That means acting immediately, communicating clearly, documenting thoroughly, and taking interim steps to protect the complaining employee while the investigation runs. Speed matters. A delayed investigation is often no investigation at all. Memories fade. Video disappears. Witnesses scatter. Trust evaporates. So does communication. "HR will be in touch" followed by silence tells an employee the company does not care. Interim protection matters, too. Separate the employees. Adjust schedules. Change reporting lines. Provide escorts if needed. Make clear whom to contact if there is a problem. And if you promise no contact with the accused coworker, keep that promise. For coworker harassment, the legal standard is whether the employer knew or should have known about the harassment and failed to take prompt, appropriate corrective action reasonably calculated to stop it. It is not enough to check the investigation box. The response must be meaningful. Therefore, employers should have a harassment response playbook before the complaint arrives: 1. Immediate intake and documentation. 2. Preservation of evidence. 3. Prompt identification of interim protective measures. 4. A neutral investigator with authority and training. 5. Regular communication with the complaining employee. 6. A conclusion supported by facts, not vibes. 7. Corrective action tied to the seriousness of the conduct and the risk of recurrence. 8. Follow-up after the investigation closes. Harassment policies are only as good as an employer's willingness to enforce them when enforcement is uncomfortable. When an employee reports sexual harassment, the employer has a choice: treat it like a compliance inconvenience, or treat it like a workplace emergency. Only one keeps employees safe. Only one helps keep the employer out of court.

 Navigating H-1B Salary Requirements: Avoid Costly Mistakes The H-1B visa program opens doors for businesses to access top global talent, but it also comes with strict wage compliance rules that can be easy to overlook—and costly if you do. Here’s what every employer needs to know to stay compliant and avoid penalties: 1️⃣ Determine the Right Prevailing Wage You must pay at least the prevailing wage for the role, based on the DOL's data or an approved private wage survey. Misclassification = major red flag. 2️⃣ Understand Wage Levels H-1B salaries aren’t one-size-fits-all. There are 4 wage levels based on experience and job complexity. Underpaying based on the wrong level? That’s a compliance risk. 3️⃣ Area Matters Location isn’t just about where your office is—it impacts wages. A software engineer in San Francisco has a very different prevailing wage compared to one in Des Moines. 4️⃣ Beyond the Base Salary Benefits, bonuses, and perks don’t count towards meeting the minimum wage requirement. Your fixed salary must meet the prevailing wage, period. 5️⃣ Keep Those Records Tight Accurate documentation isn’t optional. Failing to maintain proper records or your Public Access File (PAF) can result in fines and even debarment from future H-1B sponsorships. 6️⃣ The Cost of Non-Compliance Underpayment can trigger audits, fines, back wage payments, or worse—being barred from hiring foreign talent. Regular audits and legal reviews can save you from costly mistakes. Pro Tip: Even a small misstep can spiral into major consequences. Staying proactive with internal audits, legal consultations, and up-to-date documentation is your best defense. Employers, how do you ensure your H-1B compliance stays airtight? Let’s share strategies and keep each other informed! #H1BCompliance #WorkforceManagement #HRCompliance #GlobalTalent #EmploymentLaw #PrevailingWage #BusinessRisk