Alleging that the practice “offshoring” puts the financial information of customers at risk, a consumer class action lawsuit recently filed against the largest bank holding company in the United States (by assets) is challenging the financial industry’s standard business practice of offshore outsourcing – also known as “offshoring” – customer services to call centers located outside of the United States that are staffed with foreign nationals.

According to the complaint filed in the U.S. District Court for the District of Columbia, the practice of offshoring not only exposes financial records to hackers and identity thieves, but also means that those financial records “received by and sent from that foreign national are not protected against U.S. government intrusion by the Fourth Amendment to the United States Constitution or the laws of the United States.”

In addition, the complaint alleges offshoring is conducted without the knowledge or prior authorization of customers which violates the federal Right to Financial Privacy Act that prohibits financial institutions from giving the government access to the financial records of a customer except under the specific provisions of the Act. Under the Act, the government cannot access customer financial records from financial institutions unless:

  • (1) The customer specifically authorizes the disclosure, in writing and in accordance with the requirements of the Act to both the financial institution and the government agency, or
  • (2) The government obtains a warrant or subpoena in accordance with the Act.

The practice of offshoring has become controversial not just for financial institutions but also for Consumer Reporting Agencies (CRAs) that provide background checks. As reported earlier in the ESR News blog ‘New CA Law Regulates Offshoring Personally Identifiable Information (PII) of Consumers Used in Background Checks,’ a new California law will regulate the offshoring of PII such as names, dates of birth, addresses, Social Security numbers (SSNs), and financial data of consumers used in background checks.

In September 2010, then Governor Arnold Schwarzenegger signed into law California Senate Bill 909 (SB 909), which addresses the issue of personal information being sent offshore. SB 909 – which takes effect January 1, 2012 to allow time for background check companies to provide new releases to employers or modify online language – amends the California Investigative Consumer Reporting Agencies Act (ICRA) that regulates background checks in California. SB 909 requires a consumer must be notified as part of a disclosure before the background check of a website address for “information about the investigative reporting agency’s privacy practices, including whether the consumer’s personal information will be sent outside the United States or its territories.”

If a background check company does not have a web site, then the background check company must provide the consumer with a phone number where the consumer can obtain the same information. In addition, the background check company’s privacy policy must contain “information describing its privacy practices with respect to its preparation and processing of investigative consumer reports.” Specifically, background check companies in California (and firms that do business in California) must have a statement in their privacy policy entitled “Personal Information Disclosure: United States or Overseas” that indicates whether the personal information will be transferred to third parties outside the United States or its territories through the process of offshoring.

SB 909 defines “third parties” as including, “but not being limited to, a contractor, foreign affiliate, wholly owned entity, or an employee of the investigative consumer reporting agency” and also requires a “separate section that includes the name, mailing address, e-mail address, and telephone number of the investigative consumer reporting agency representatives who can assist a consumer with additional information regarding the investigative consumer reporting agency’s privacy practices or policies in the event of a compromise of his or her information.” If a consumer is harmed by a background check company negligently sending data offshore, SB-909 provides damages to the consumer.

A group of Consumer Reporting Agencies (CRAs) called ConcernedCRAs – opposes the practice of offshoring PII of U.S. citizens outside the country to be processed beyond U.S. privacy laws. As a member of ConcernedCRAs, Employment Screening Resources (ESR) does not offshore Personally Identifiable Information (PII) and all domestic background checks are performed exclusively in the United States. ESR performs all processing and preparation in the U.S. in order to protect applicants and employers.

To read California Senate Bill 909, visit:

For more information about background checks, visit Employment Screening Resources (ESR) at

About Employment Screening Resources (ESR):
Employment Screening Resources (ESR) literally wrote the book on background screening with “The Safe Hiring Manual” by ESR founder and President Lester Rosen. ESR streamlines the screening process and reduces administrative overhead though its proprietary technology solutions.  ESR is one of a select few firms accredited by The National Association of Professional Background Screeners (NAPBS®). This important recognition was achieved by successfully passing a third party audit demonstrating compliance with the NAPBS Background Screening Agency Accreditation Program. By choosing an accredited screening firm like ESR, employers know they have selected an agency that meets the highest industry standards. For more information about ESR, visit