The Role of HR in Risk Management
The Role of HR in Risk Management

The Role of HR in Risk Management

HR Risks Covered:

Recruiting Interviewing Drug Testing Background Check Employee Handbook Paying Employees Wage and Hour PenaltiesPay EquityHarassment PolicyTermination

Where Are You Most Vulnerable?

Tightrope walkers are kind of like human resource managers.

You have big, long term goals and you want to make a difference. Yet day to day, you step carefully, balancing the complexities of the workplace.

We love to talk to HR professionals about their strategic goals – for inspiration, check out Unlock the True Power of HR.

In this article, however, we’re focusing on another aspect of your job: risk management, or risk balancing. We’ll walk you through some (certainly not all!) of the most common risks HR professionals need to balance throughout the employee lifecycle, starting with…



HR Risk: Not building compliance into your recruiting process.

We’re not going to sugarcoat this: there are a lot of federal, state and local laws that govern the recruiting and hiring process.

Two government agencies to consider:

The Equal Employment Opportunity Commission investigates complaints based on sex, age, disability, religion, national origin, color and race. One way the EEOC regulates hiring is by looking at what information you collect & the way you interview candidates.

Office of Federal Contract Compliance Programs is the agency that ensures employers that do business with the Federal government comply with the laws and regulations requiring nondiscrimination.

How HR can help: An applicant tracking system can help you stay compliant. Ask tough questions before buying one.

If your company only hires a few people a year, and you have legal counsel, you might be okay to continue, cautiously, with a DIY approach. Once your company is growing, you’ll likely invest in buying (or upgrading) ATS recruitment software.

HR leaders can make a real difference by asking tough questions. It’s your job to make your potential or current ATS vendor prove that their ATS has compliance built in.

ATS Questions...and the answers you want to hear:




HR Risk: Asking forbidden questions.

Hiring the right people is essential to creating and sustaining a successful business. And while you might be tempted to extract as much information as you can from candidates during an interview, be aware that some questions can get you in serious hot water. In fact, asking questions on certain topics can result in charges of discrimination, a potential lawsuit and/or an investigation by the EEOC.

For more info on how to properly conduct an interview, check out our Interview Guide.

How HR can help: Educate hiring managers on what questions are acceptable.

Some questions may be obvious to avoid, while others might not be so apparent—especially if you don’t work full-time in HR. As an HR leader, be sure to educate the hiring managers and anyone else who might be asking a candidate questions on what to avoid.

Top 6 Questions to Avoid During an Interview

  1. Are you married? Do you have any kids?
    INSTEAD, ask: Do you have any obligations that could prevent you from working nights and weekends?

  2. What sorority/fraternity did you join? Are you a member of the country club?
    INSTEAD, ask: Are you a member of any professional organization?

  3. What year did you graduate high school?
    INSTEAD, ask: Do you have a high school diploma or the equivalent?

  4. Have you ever suffered an injury in the workplace? Filed a worker’s comp claim?
    INSTEAD: Describe the job accurately and ask if they can perform all of the tasks.

  5. Where were you born? Are you a U.S. citizen?
    INSTEAD, ask: Are you legally allowed to work in the U.S.? Can you show proof if hired?

  6. Are you pregnant? (even if it’s obvious) Any plans on starting a family?
    INSTEAD, ask: Do you anticipate needing some leave from work?



Drug Testing

HR Risk: Not approaching your drug testing policy strategically.

Should my company drug test job candidates? There’s an easy and hard way answer. Let’s start with the easy one. First, know your state’s drug test laws (here’s a cheat sheet) and follow them. marijuana-laws-by-state Now, the trickier part: assessing the risk of testing, or not testing, in your particular case. Every company (and every industry) faces different kinds of recruiting challenges, but for now the unemployment rate is low, so most company’s are looking to broaden the candidate pool, not limit it.

The rate of marijuana positives in the general U.S. workforce increased nearly 20% since 2014. Mandating drug testing for marijuana will limit the pool of candidates, which may be worth it in your business, but either way, it’s a risk-balancing decision.

How HR can help: Lead your executive team in a pro/con brainstorm exercise. HR professionals have unique insight into the business—you know your company’s culture and values, you know what it takes to recruit and hire for open roles, and you probably know better than anyone how much turnover you can expect in the coming year or so. That gives you the perfect vantage point to moderate an open-ended conversation about if and how to introduce drug testing into your recruiting process.

Lead your team through a discussion of the pros/cons of drug testing. The goal is to get it all out on the table (or whiteboard) and make the right decision for your business.

The Pros & Cons of Drug Testing


Employees discouraged from using any kind of prohibited substance

Mandatory drug testing could eliminate otherwise qualified workers for job openings.

Can reduce employee turnover.

It's expensive to drug test all employees.

Improve employee morale by allowing them to work in a drug-free environment.

Employees can feel devalued as i they're being viewed as untrustworthy.

Reduce future costs of productivity loss, workers' comp claims, tardiness, etc

You must follow all applicable laws, which can vary by state.



Background Check

HR Risk: Skimping on the background check.

You’ve finally found the perfect candidate for an important position and the last thing you want to do is slow the momentum. It’s so easy to skip this part, but here’s the risk: a background check is a preventive measure that safeguards the integrity (and legal standing) of your company as well as the safety of your employees.

How HR can help: 5 Ways to get it right.

  1. Federal and some state laws mandate that you can’t run a background check without the applicant’s permission.

  2. Any time you use an applicant’s background info to make an employment decision, you have to comply with federal laws that protect them from discrimination based on age, race, color, national origin, sex, religion, disability or genetic information.

  3. When assessing a candidate who has a criminal record, you have to consider: the nature and gravity of the offense, the amount of time that has passed since the conviction or completion of a sentence and the nature of the job

  4. The EEOC recommends allowing the candidate who is excluded the opportunity to show why they should not be excluded.

  5. Most companies us a third-party service or background screening software built into an applicant tracking system to conduct background checks. That software should include the appropriate legalese to get background check permission from each candidate, as well as track reasons for non-selection.


Employee Handbook

HR Risk: Neglecting to include language in an employee handbook that would help protect against lawsuits.

There’s no requirement for a company to have an employee handbook, so why bother?

HR professionals need to strike a balance between the big ambitious goals your company wants to pursue and the need to protect the company from fines, penalties and lawsuits. The employee handbook is a great example of this balance. On the one hand, a handbook is the perfect vehicle to talk about company culture and values and make people aware of all the benefits that your company offers. On the other, a handbook is valuable documentation, in that it spells out your company’s key policies and demonstrates your company’s compliance with federal and state law.

How HR can help: Create an employee handbook that serves multiple purposes.

Rally your company leaders to answer the big questions (why should people want to work here, what does our company value, etc.) while behind the scenes, work toward the goal of making sure your employee handbook includes clear language on the nitty gritty topics highlighted below. These are the topics you want to get clearly articulated in writing, in the event your company ever has to defend itself in a lawsuit or audit.

Paycor product demo

Want to dive deeper on recruiting and onboarding?

On-demand Webinar
The Proactive Use of Employee Handbooks to Reduce Risks

Watch Webinar

Onboarding Toolkit
Everything you need to optimize your onboarding program.


I-9 Compliance Checklist
Every new hire must complete section 1 of Form I-9 on or before their first day. Employers must complete Section 2.


Job Offer Letter Template
Download a template and learn the 5 things that should always be included in a job offer letter.



Paying Employees

HR Risk: Assuming a payroll breach won't happen to you.

In 2018, Statista reports that U.S. companies got hit with nearly 1,700 cyber breaches that leaked 170+ million records. Payroll hacks are especially damaging—just think how much personal information is in your payroll (Social Security numbers are the tip of the iceberg).

But more than that, employee negligence can have severe repercussions when it comes to workplace security. Whether it’s leaving an app open or using unapproved software/websites, employee actions can leave a company vulnerable to phishing attacks.

How HR can help: Promote commonsense security habits.

HR wears many hats, but no one expects you to be a computer scientist. However, you can encourage (and train) employees on best practices for basic security.


How HR can help: Kick the tires of your current payroll system.

A little commonsense goes a long way, but not all the way. To really get serious about security, you need to expect more from your payroll system. A good first step is to ask your payroll vendor tough questions that they should be able to easily answer.


For more information on how Paycor answers each of these questions, review our security policies and procedures.




Wage and Hour Penalties

HR Risk: Misclassifying Employees.

The Department of Labor’s Wage and Hour Division (WHD) is cracking down on labor law violations. In 2018, the WHD collected a record $304 million in wages owed to workers. Among the most common legal complaints are wage and hour lawsuits, frequently filed by employees who feel they have been paid unfairly. Lawsuits range from employees seeking overtime pay to challenging classifications.

How HR can help: Know wage & hour best practices.

5 Ways to Avoid Wage and Hour Penalties

  1. Have accurate job descriptions on file.
    Job descriptions are key evidence in determining who is and isn’t due overtime pay. Most employees are likely to be considered non-exempt and therefore eligible for overtime pay. If an employee sues you, it’s up to you to prove they’re exempt, and to do that you need a clear, accurate job description on file.

  2. Keep accurate, detailed records.
    Without the direct evidence, an employee can claim you own them back pay. Keep records on name, address, gender, workweek, hourly rate, daily and weekly hours worked, daily or hourly earnings, overtime pay, and extraordinary additions or deductions from pay for three years for all hourly employees. The rest of your required information will come from your payroll records.

  3. Pay wages when they’re due.
    It’s important to pay employees accurately and on time to avoid potential lawsuits. Other actions you should avoid doing include: Don’t hold back overtime pay from one check to another. Don’t pay one group of employees but not another. Don’t delay on your payroll taxes. Don’t average employee hours over a two-week pay period. Each work week stands alone in the eyes of the law.

  4. Don’t use comp time to pay for overtime.
    Private employers cannot give time off in the future in exchange for overtime work now. Even if employees agree to it, you’re violating the Fair Labor Standards Act.

  5. Classify contractors and employees properly.
    If you can tell a worker where to be, what to do and when to do it, that worker is probably your employee—not a contractor.


Pay Equity

HR Risk: Not paying employees equally for comparable work.

Pay equity laws have existed for decades, but over the past few years, states and local municipalities have begun to closely examine their laws in an effort to close the gender pay gap. Nearly all states have equal pay laws, but many were enacted some time ago and lack any emphasis on discriminatory pay practices for workers. As a result, states and cities are revising their current practices. California, New York, Maryland and Massachusetts are examples of states that have recently strengthened their laws. But even as momentum picks up at the state and local levels, movement on a federal level lags.

How HR can help: Conduct a pay-equity audit and remedy disparities.



harassment policy

Harassment Policy

Typically, when we talk about the employee experience, we’re talking about the best-case scenarios—how to engage your talented team and build a great company culture. That’s an exciting part of HR and by all means, keep expecting the best!

However, in this section, we want to help you mind some of the risks that come from not having clear plans in place.

HR Risk: Assuming “harassment” can’t happen here.

The Workplace Bullying Institute found that 27% of employees report being bullied, which is both a company culture issue and a liability. The EEOC defines harassment as a form of discrimination that violates federal statutes like Title VII of the Civil Rights Act of 1964, the Age Discrimination in Employment Act of 1967 (ADEA) or the Americans with Disabilities Act of 1990 (ADA). All companies – big and small – must understand the definition of harassment, recognize the applicable mandatory training provisions, and ensure effective delivery of programs to protect their businesses.

27% of employees are bullied

How HR can help: Define & train employees on harassment.

To avoid exposing your organization to legal risks, not to mention a serious drain on employee morale and decline in productivity, be sure to implement an anti-harassment plan for your entire workforce.



HR Risk: A botched termination results in litigation.

Most managers would agree: the least favorite part of their job is terminating employees. This anxiety, combined with an inherently uncomfortable situation, can led to mistakes and potential legal troubles.

How HR can help: Develop a multi-step plan for termination

6 Best Practices For Terminating Employees

Reduce your risk of lawsuits and lessen the traumatic impact of a termination by following these 6 best practices.

Base your decision on facts, not emotions

Have the meeting in person.

Be honest about your reasoning.

Create a plan for your termination meeting ahead of time.

Be consistent and document your company’s policies, contracts and past practices.

Treat the employee with respect.

The role of HR is to manage people and processes.

From hire to retire, you’re responsible for finding top talent and keeping them engaged. Compliance regulations are no joke, and HR pros often face a myriad of issues ranging from documenting work eligibility to harassment concerns.

Partnering with the right HCM provider can make all the difference. For more information on how Paycor can help you, visit our Solution Finder today!


More to Discover

CMS Waives Quality Reporting Requirements Due to COVID-19

CMS Waives Quality Reporting Requirements Due to COVID-19

Many government officials are worried the Coronavirus outbreak will overburden the U.S. healthcare system. In a drastic effort to help healthcare providers focus on patient care rather than paperwork, the Center for Medicare & Medicaid Services (CMS) will waive multiple key quality reporting requirements. What Does CMS Waiving Reports Mean for Healthcare Providers? Q4 Reporting Deadlines Are Now Optional The deadlines for 2019 data submission for the Medicare Shared Savings Program, the Quality Payment Program, and affiliated merit-based incentive program (MIPS) will be extended from March 31 to April 30, 2020. MIPS eligible clinicians who miss the April 30 deadline will qualify for the automatic and uncontrollable circumstances...

How to Make Tax-Free Disaster Payments To Employees

How to Make Tax-Free Disaster Payments To Employees

The pandemic is putting a big strain on everyone, maybe most of all your team, and you want to do everything you can to help.In a national emergency, employers have the freedom to offer unlimited tax-free financial assistance to employees who need it, with minimal administrative burdens. These disaster payments will be exempt from both federal income and employment taxes. What Disaster Payments Cover Disaster payment to affected employees can cover a broad range of “personal, family, living or funeral expenses (not covered by insurance)”. These may include: Unreimbursed Medical Expenses This can range from vitamins and over-the-counter medications to co-pays. Cleaning Products Disinfectant and hand-sanitizer for employee’s homes can help...

Paycheck Protection Program (PPP): What You Need to Know About Payroll Protection

Paycheck Protection Program (PPP): What You Need to Know About Payroll Protection

You need payroll protection. The federal government wants to help. Here’s what you need to know. The Paycheck Protection Program (PPP) As part of the $2 trillion aid package unveiled in the Coronavirus Aid Relief & Economic Security (CARES) Act, $349 billion was dedicated to the Payment Protection Program (PPP). This offers federal guaranteed loans to businesses with fewer than 500 employees to cover payroll and other essential costs.The federal government is focused on releasing funds quickly and with as little red tape as possible, giving small businesses a big boost right when they need it. And here’s the best part—if you use the funds to retain (or rehire) your employees, the loans don’t need to be repaid.View Payroll Protection...

Paycor's COVID-19 Command Center

Paycor's COVID-19 Command Center

We're excited to announce the release of Paycor's COVID-19 Command Center, a new analytics solution that delivers instant insights for crisis management. With the COVID-19 Command Center, you'll be able to: Prepare with real time insights Plan with actionable data Respond with the help of HR experts Recover quickly by playing the long game now Discover how your organization can make the best possible decisions with real time data, actionable insights and expert HR counsel.