17 September, 2025
What does audit compliant employment screening mean?
Audit compliant employment screening requires maintaining complete, accurate, and up-to-date data throughout the entire screening process:
- who has been screened (employees, external parties such as temporary staff, agency workers or suppliers, and directors),
- which parts of the screening have been carried out and how they have been carried out (e.g. source verification with official authorities instead of copies provided), and
- how results have been recorded, logged and followed up.
By screening in an audit compliant manner, your process is transparent and accepted in audits. It is not just about conducting a screening, but about doing so in a demonstrable, consistent, and legally compliant manner.
Why is this crucial in the financial sector?
In the financial sector, the risks are extra high, which is why there are exceptionally strict requirements for screening applicants, employees and external parties. This does not only apply to the Wft and Wwft. Non-compliant screening can lead directly to sanctions.
The biggest risks are:
- Reputational damage: loss of trust amongst customers and partners.
- High fines: regulators are strict and impose significant penalties.
- Regulatory intervention (AFM or DNB): may result in restrictions or even revocation of licences.
- Costly mis-hires: hiring the wrong person can cost 3–5 times their annual salary and expose the organisation to risks such as the leakage of sensitive company information.
Screening should always be tailored to the specific role. Integrity-sensitive positions, such as employees handling money or accessing confidential information, require the most in-depth checks. The higher the risk associated with the position, the stricter the screening must be. Don’t overlook volunteers, temporary staff, or external parties, as they may also pose significant risks.
Tip: Build an internal risk profile and use this as a benchmark.
5 essential checks for every screening
For a simple yet indispensable screening profile, the following checks are strongly recommended:
- Identity check: Always verify the applicant’s identity document. Employers are legally required to retain a copy. In addition to a standard ID check, DISA offers a PID check, which not only validates the authenticity of the document but also confirms that the individual matches the document holder.
- Education check: Confirm that all stated diplomas are authentic. In the Netherlands, this can often be verified via DUO’s Central Diploma Register. For international or older diplomas, verification may be more complex but remains essential.
- Work experience check: Contact the references provided by the applicant to verify employment history. Ensure that the stated positions and dates align with the CV.
- Internet scan: Conduct an internet scan to identify publicly available information. When doing so, it is critical to remain fully compliant with GDPR requirements.
- VOG check: A VOG provides insight into any risks from a person's past for a particular position.
In addition to this, we recommend that you always be transparent about employment screening. Always announce in the vacancy text that the applicant must undergo screening.
Our data partners
DISA works together with various data partners. This ensures that information is verified at the source.
