Melissa Sorenson, Executive Director, Professional Background Screening Association (PBSA) on how right-to-work failures are not just a compliance issue but a reputational risk too.
The recent Home Office fines issued to recruitment businesses for right-to-work failures should not simply be viewed as another compliance story. For me, they serve as a reminder of the increasingly important role that identity verification and robust screening processes play in supporting responsible hiring practices in the UK.
According to the latest figures, six recruitment businesses were collectively fined more than £220,000 for employing illegal workers, with some individual penalties reaching £45,000. The consequences of non-compliance are severe, ranging from significant financial penalties to reputational damage and, in extreme cases, criminal sanctions.
At the same time, I do think it is important to put these cases into perspective. Personally, I would have expected to see far more examples of non-compliance given the size of the UK recruitment market. Over recent years, employers and HR teams have become far more aware of their obligations around right-to-work and identity checks, while digital identity technology has significantly strengthened controls and improved efficiency.
Inconsistency issues
In many organisations, compliance processes today are far more robust than they were even five years ago. Digital identity systems have helped speed up onboarding, improve consistency and reduce the administrative burden on HR teams that are already under enormous pressure. However, the story also highlights a challenge that continues to exist across the sector: inconsistency.
One of the biggest frustrations for employers is that there is still no universally aligned process for digital identity and right-to-work verification. Different providers operate in different ways, even if the end result is broadly similar. For employers and recruiters managing high volumes of candidates, that lack of standardisation can create confusion and increase risk. If an organisation moves between suppliers because results are too slow or not robust enough, they often encounter an entirely different process. That creates complexity at precisely the moment businesses are looking for clarity and confidence.
For HR leaders, this means compliance can no longer be treated as a simple ‘tick-box’ exercise delegated entirely to recruitment teams. Identity verification now sits firmly within wider discussions around governance, risk management, data security and organisational reputation. The reality is that hiring someone without the legal right to work in the UK is no longer just an operational mistake. It can quickly become a reputational issue that damages trust with clients, regulators and employees alike.
This is why choosing the right screening partner matters more than ever. HR leaders should be looking closely at the standards, governance and supplier controls behind any screening provider they work with. It is important to understand not only the screening company itself, but also the third-party digital identity providers and sub-processors supporting those checks.
Demand for trust
Questions around information security, audit processes, supplier oversight and regulatory compliance should all form part of procurement and due diligence discussions. Increasingly, employers are also looking for providers that sit within recognised trade associations and operate against clear industry standards. In our profession, we continue to see growing demand for trusted, technology-enabled screening solutions that combine speed with compliance rigour. Employers do not want hiring processes slowed down unnecessarily, but equally they cannot afford shortcuts. The good news is that digital identity technology is helping organisations achieve both objectives. In many cases, digital checks are now significantly faster and less burdensome than traditional manual verification processes.
Looking ahead, I believe the conversation around identity verification will become even more important as AI-driven hiring continues to evolve. There is growing discussion across government and industry around concepts such as digital identity, reusable credentials and data sovereignty, the idea that individuals should ultimately own and control their own identity data.
As fellow industry expert David Crack recently argued at the PBSA Europe and Africa summit on the future of digital identity, the UK is approaching a transformational shift in how identity data is managed, verified and shared. He highlights the growing importance of reusable digital identities, trusted data ecosystems and greater collaboration between government and industry to create secure and efficient systems for the future.
I agree that the direction is increasingly focused on secure, trusted and user-controlled identity systems. In an age where AI-generated fraud, fake candidates and sophisticated impersonation scams are becoming more common, employers will need greater confidence in the authenticity of the people they are hiring. That means identity verification is no longer just about compliance. It is becoming a frontline defence against fraud, misinformation and organisational risk.
For employers, the message is simple: now is the time to review your processes, assess your screening partners and ensure your organisation is prepared for a future where trusted digital identity will play an even greater role in recruitment and workforce compliance.
