Pre-employment screening helps Australian employers confirm that candidates meet the identity, work-rights, qualification, integrity and role-specific requirements relevant to their employment.

For organisations operating in regulated sectors, handling sensitive information or filling positions of trust, employee screening may also support broader governance, security and compliance obligations.

However, screening is often fragmented across multiple providers, spreadsheets, emails and internal teams. Recruitment personnel may need to request a police check through one provider, review identity documents in another system, conduct a VEVO work-rights check separately and manually follow up with candidates about missing information.

AuthNTick provides a centralised background-screening platform designed to help organisations request, track and manage employment checks through a more consistent and secure workflow.

What is pre-employment screening?

Pre-employment screening is the process of checking information relevant to a candidate’s suitability for a role before or during employment.

Depending on the position, this may include:

  • identity verification;
  • a Nationally Coordinated Criminal History Check;
  • an Australian Federal Police Check;
  • Australian citizenship verification;
  • a VEVO visa and work-rights check;
  • employment-history verification;
  • professional-reference checks;
  • education and qualification verification;
  • professional licence or registration checks;
  • address-history verification; and
  • other role-specific integrity or probity checks.

Not every candidate requires every available check. Employers should select checks that are relevant, proportionate and lawful for the role.

Screening should be conducted consistently, with appropriate candidate notice and consent, and in accordance with applicable privacy, employment and anti-discrimination requirements.

Why employee background checks matter

Recruitment decisions are often based on information supplied by candidates through resumes, application forms, interviews and supporting documents.

A structured screening process can help employers:

  • confirm that the candidate is the person they claim to be;
  • verify claimed employment and qualifications;
  • check whether the person has permission to work in Australia;
  • identify inconsistencies requiring clarification;
  • satisfy role-specific regulatory or contractual requirements;
  • support safer hiring decisions;
  • reduce fraud and identity risks; and
  • maintain an auditable recruitment process.

Background screening does not replace an employer’s own assessment.

A screening result should be considered alongside the inherent requirements of the role, the circumstances of any information identified and the organisation’s documented risk-assessment process.

The challenge with fragmented screening workflows

Many recruitment teams still manage employee screening through separate providers and manual processes.

A typical workflow might require staff to:

  1. Collect candidate details through an applicant-tracking or HR system;
  2. Copy information into a spreadsheet;
  3. Request a police check through a separate provider;
  4. Download identity documents from the recruitment system;
  5. Upload those documents to another verification service;
  6. Request work-rights evidence separately;
  7. Send reminder emails to candidates;
  8. Manually record the status of each check; and
  9. Forward results to recruitment, integrity, compliance or hiring teams.

This creates unnecessary administrative work and can make it difficult to determine which candidates have completed their requirements.

Common problems include:

  • delays in moving candidates through recruitment;
  • repetitive data entry;
  • increased workload during peak hiring periods;
  • limited visibility over pending and completed checks;
  • inconsistent candidate follow-up;
  • reliance on spreadsheets and shared inboxes;
  • duplicate storage of identity information;
  • documents being downloaded onto local devices;
  • results being transferred manually between teams; and
  • difficulty producing reliable audit records.

Each additional transfer or local copy of candidate information may increase privacy and security exposure.

Centralise your employment screening workflow

Bring candidate invitations, status tracking and configured checks into one business screening workflow.

Building an effective employment-screening process

An effective screening process should be designed around the risk and responsibilities of the role.

The process should answer five questions:

  1. Which checks are relevant to this position?
  2. At what point in recruitment should each check occur?
  3. What information and consent must be obtained from the candidate?
  4. Who is authorised to review the result?
  5. How will the organisation document and apply its decision?

A mature screening workflow should also provide:

  • a consistent check package for comparable roles;
  • clear ownership between recruitment and risk teams;
  • defined escalation procedures;
  • status visibility;
  • secure information handling;
  • appropriate access controls;
  • documented retention periods;
  • candidate communication templates; and
  • integration with existing recruitment systems where practical.

Common types of pre-employment checks

Nationally Coordinated Criminal History Check

A Nationally Coordinated Criminal History Check is commonly used for employment, licensing, registration, volunteering and positions of trust.

The check is delivered through the National Police Checking Service, which is operated by the Australian Criminal Intelligence Commission in partnership with Australian police agencies.

Employers can direct candidates to an ACIC-accredited body or arrange a business screening workflow through an accredited provider.

A criminal-history check is a point-in-time result. It reflects relevant police information available and disclosed at the time the result is issued. The employer or requesting organisation determines how recent a result must be for its purpose.

A check should be requested for the correct employment purpose. Results should not automatically be reused for unrelated positions or purposes without considering the applicable requirements.

Australian Federal Police Check

An AFP Police Check may be required for particular Commonwealth, immigration, citizenship, overseas, ACT or other specified purposes.

It should not automatically be substituted for a Nationally Coordinated Criminal History Check. The candidate should obtain the check type and purpose required by the requesting employer, regulator or government authority.

Identity verification

Identity verification helps establish that the applicant is the person associated with the identity information and documents supplied.

This may include:

  • document examination;
  • Document Verification Service checks;
  • verification against government issuing records;
  • biometric or liveness verification where applicable;
  • name-linkage evidence;
  • address verification; and
  • manual review where automated verification is unsuccessful.

Identity requirements depend on the selected service. A generic “100-point check” should not be assumed to satisfy every police-check, government or organisational requirement.

Australian citizenship verification

A citizenship check can help verify evidence that a person is an Australian citizen.

This is different from a general identity check and different from a VEVO visa check.

Depending on the workflow, evidence may include an Australian passport, citizenship certificate or another accepted citizenship document.

VEVO and work-rights checks

Australian employers must ensure that a worker is legally entitled to work in Australia.

Australian citizens and permanent residents can work without visa-based restrictions. Other workers may hold visas with unrestricted, limited or no work rights.

VEVO allows visa holders, employers and authorised organisations to review current visa details and conditions.

A VEVO check may show:

  • the visa currently in effect;
  • the visa subclass;
  • the period of stay;
  • work conditions;
  • study conditions; and
  • other applicable visa restrictions.

VEVO provides visa information. It does not replace a criminal-history check, identity check or citizenship check.

Employers should also avoid making assumptions about work rights based only on a person’s nationality, accent or appearance.

Employment-history verification

Employment-history checks can confirm information such as:

  • the employer’s name;
  • the candidate’s position;
  • dates of employment;
  • employment type;
  • responsibilities; and
  • the verifier’s relationship to the candidate.

Employers should distinguish between confirmation of factual employment information and a qualitative professional reference.

Professional-reference checks

A reference check obtains feedback from a person who has worked with or supervised the candidate.

Questions may cover:

  • the referee’s relationship to the applicant;
  • role and employment dates;
  • responsibilities;
  • performance;
  • conduct;
  • strengths;
  • development areas;
  • suitability for the proposed position; and
  • eligibility for re-employment.

Reference responses are opinions supplied by third parties and should be assessed in context.

Education and qualification verification

Education screening can verify qualifications claimed by a candidate, including:

  • institution;
  • qualification title;
  • course or field of study;
  • completion or award status;
  • attendance dates;
  • graduation date; and
  • academic evidence.

International qualifications may require additional verification steps and longer processing periods.

Professional licences and registrations

Some roles require current professional registration, licensing or industry membership.

The employer may need to confirm:

  • the registration number;
  • issuing body;
  • current status;
  • conditions or restrictions;
  • expiry date; and
  • whether the registration covers the proposed work.

Address-history verification

Address verification can help establish a candidate’s residential history or confirm an address used in an identity-screening process.

Evidence may include:

  • a driver licence;
  • utility account;
  • lease;
  • bank or government correspondence; or
  • another accepted proof-of-address document.

Credit, financial and insolvency checks

Financial checks may be relevant for positions involving substantial financial authority, fiduciary duties or access to sensitive financial systems.

Such checks should only be used where they are lawful and reasonably connected to the role.

The candidate should be informed about the check and any required consent should be obtained.

How AuthNTick streamlines employment screening

AuthNTick enables recruitment teams to manage multiple screening services through a central business platform.

Depending on the organisation’s requirements and enabled services, the platform can support:

Consolidating checks within one platform can reduce the need to transfer candidate information between spreadsheets, shared inboxes, HR systems and separate provider portals.

The AuthNTick Business Portal

The AuthNTick Business Portal allows authorised organisation users to initiate and monitor screening requests.

Depending on account permissions and configured services, users may be able to:

  • request one or more checks;
  • invite candidates by email;
  • monitor application status;
  • identify incomplete or pending checks;
  • review completed results;
  • search and filter screening records;
  • manage organisation users;
  • access reports;
  • assign checks to candidates or employees; and
  • maintain a central record of screening activity.

Access should be limited to personnel who require screening information for an authorised business purpose.

Candidate self-service

Candidate self-service reduces the amount of personal information recruitment staff need to enter manually.

Instead of asking staff to collect a candidate’s identity details and copy them into another system, the candidate can receive a secure link and complete the required application directly.

The candidate can generally:

  • enter their own personal information;
  • provide consent;
  • upload or verify identity documents;
  • review information before submission;
  • respond to requests for additional evidence; and
  • monitor relevant application steps.

This can improve data quality because information is supplied and reviewed directly by the candidate.

It can also reduce the need for recruitment teams to retain local copies of identity documents.

An organisation may use a reusable static link for a particular screening pathway.

The link can be placed in:

  • an applicant-tracking system;
  • a recruitment email;
  • an onboarding portal;
  • an intranet;
  • a careers page; or
  • another approved candidate communication.

Static links can be suitable where candidates need to initiate the same type of check without recruitment staff creating every request manually.

The configuration should clearly identify:

  • the organisation;
  • the required check;
  • who pays for the check;
  • the permitted purpose;
  • any applicable package; and
  • how the resulting application is associated with the organisation.

Candidates should remain within the AuthNTick application or an expressly identified integrated service. The wording should not imply that candidates are routinely redirected to an unrelated third-party platform unless that is the actual workflow.

Individualised candidate invitations

Recruitment staff can initiate a request for a specific candidate using the Business Portal.

The candidate receives an individual invitation containing a unique application link.

This method can provide greater control over:

  • the candidate associated with the request;
  • the required check package;
  • the requesting organisation;
  • the application status;
  • reminders; and
  • result delivery.

Individual invitations are useful where the employer wants to track each candidate from the beginning of the screening process.

Bulk screening workflows

Organisations conducting higher volumes of checks may use bulk workflows where available.

A bulk process can allow authorised staff to prepare multiple candidate invitations while avoiding repetitive manual creation of individual requests.

Bulk screening should still preserve:

  • candidate-specific consent;
  • unique application access;
  • appropriate purpose information;
  • secure result separation; and
  • accurate organisation reporting.

API and HR-system integration

AuthNTick can support integration with recruitment, applicant-tracking and HR systems through an API or other approved integration method.

An integration may allow the customer’s system to:

  • create a screening request;
  • select the required check type;
  • send a candidate invitation;
  • receive status updates;
  • identify requests requiring action;
  • retrieve permitted result information; and
  • associate the screening record with the correct candidate.

API integration can reduce duplicate entry and the need for users to switch between platforms.

The precise information exchanged, authentication controls, result-access model and retention arrangements should be documented as part of the integration design.

Discuss platform and API integration

Talk with AuthNTick about static links, bulk invitations and integration with your recruitment or HR systems.

Reducing privacy and security risk

Pre-employment screening involves sensitive personal information.

Depending on the check, this may include:

  • legal names;
  • previous names;
  • date of birth;
  • residential addresses;
  • passport or identity-document details;
  • visa information;
  • identity-document images;
  • employment and education information;
  • criminal-history results; and
  • referee information.

Manual workflows can result in this information being:

  • stored in spreadsheets;
  • downloaded onto staff devices;
  • attached to emails;
  • placed in shared folders;
  • uploaded repeatedly to separate providers; or
  • retained after it is no longer required.

A centralised candidate workflow can reduce unnecessary handling by allowing applicants to supply information directly through the screening platform.

This does not eliminate the need for organisational controls. Employers should still define:

  • who may access screening information;
  • how results are assessed;
  • how information is retained;
  • when records are deleted;
  • whether downloads are permitted;
  • how incidents are managed; and
  • which integrations or subprocessors are involved.

Screening and the Protective Security Policy Framework

Australian Government entities may need to conduct personnel and information-security activities in accordance with the Protective Security Policy Framework.

The PSPF establishes protective-security requirements for Australian Government entities across areas including personnel, information, physical security and governance.

Private businesses are not automatically subject to all PSPF requirements merely because they conduct background screening. However, suppliers working with government customers may need to demonstrate controls that support the customer’s security and procurement obligations.

AuthNTick can provide relevant security and due-diligence information to eligible customers, subject to confidentiality and the documentation available for the service being assessed.

Organisations should conduct their own assessment rather than relying on a general marketing statement as evidence of PSPF, DISP or other security-framework compliance.

Handling sensitive information

Security classifications such as OFFICIAL: Sensitive relate to Australian Government information-handling requirements.

Any statement that a platform can process or store information at a particular classification should be supported by:

  • the system’s approved security architecture;
  • the applicable customer contract;
  • a system risk assessment;
  • information-handling procedures;
  • personnel and access controls;
  • hosting arrangements;
  • incident-response processes; and
  • any required government authorisation or assurance.

Where AuthNTick has approved documentation supporting a particular customer environment, that information can be provided during procurement or security due diligence.

The public article should not be interpreted as granting blanket approval for every customer to upload government-classified or security-sensitive information.

Hosting, encryption and data residency

AuthNTick applies technical and organisational controls intended to protect information processed through the platform.

Public statements about hosting and security should reflect the current production architecture and approved security documentation.

Subject to the actual deployed configuration, relevant controls may include:

  • hosting within Australian data centres;
  • encryption of information in transit;
  • encryption of stored information;
  • authenticated access;
  • role-based permissions;
  • network segmentation;
  • audit logging;
  • backup and recovery controls;
  • vulnerability and patch management;
  • monitoring and incident response; and
  • controlled integration with authorised service providers and government systems.

Detailed infrastructure, cryptographic, data-residency and subprocessor information may be provided to organisational customers through security questionnaires, contracts or due-diligence documentation.

Employers should confirm that the service configuration selected for their organisation meets their particular regulatory, contractual and data-residency requirements.

Government and third-party integrations

Some checks require information to be submitted to or verified against an authorised external source.

Depending on the service, this may include:

  • the Australian Criminal Intelligence Commission and Australian police agencies;
  • the Australian Federal Police;
  • the Department of Home Affairs;
  • the Document Verification Service;
  • education institutions;
  • previous employers;
  • referees;
  • professional bodies; or
  • other authorised data sources.

Information should only be shared where necessary to provide the requested check and in accordance with the applicable consent, screening-service terms and privacy arrangements.

Where a screening service requires information to be processed outside Australia, the candidate and customer should be informed in accordance with the applicable privacy documentation and consent process.

Screening timeframes

There is no single processing time that applies to every background check.

Timeframes can depend on:

  • the type of check;
  • whether the application is complete;
  • identity-document quality;
  • candidate responsiveness;
  • external government or institution processing;
  • whether information needs manual review;
  • the complexity of international verification;
  • employer or referee response times; and
  • whether a criminal-history check is referred for further review.

Recruitment teams should avoid treating an extended processing period as evidence of an adverse result.

Where a result requires internal integrity or risk assessment, the organisation should have a separate documented review process.

Reviewing criminal-history information fairly

A disclosable outcome does not automatically mean that a candidate is unsuitable for employment.

Employers should assess information in relation to:

  • the inherent requirements of the role;
  • the nature of the disclosed conduct;
  • when it occurred;
  • the candidate’s age at the time;
  • relevance to the proposed duties;
  • evidence of rehabilitation;
  • applicable spent-conviction rules;
  • regulatory requirements; and
  • the candidate’s opportunity to explain or correct information.

Access to criminal-history results should be restricted to appropriately authorised decision-makers.

AuthNTick supplies screening information but does not make the customer’s final employment decision.

Data retention and customer access

Screening information should not be kept indefinitely merely because it may be useful later.

Organisations should define retention periods based on:

  • legal obligations;
  • government or contractual requirements;
  • audit needs;
  • the purpose for which the information was collected;
  • complaint or dispute periods;
  • security requirements; and
  • the organisation’s privacy policy.

Access through the AuthNTick platform may be limited to a specified period even where AuthNTick must retain restricted records for compliance or audit purposes.

Employers should download or retain results only where they are authorised to do so and should protect any copy held within their own systems.

Business continuity and service recovery

Employment-screening platforms should maintain documented arrangements for responding to service disruption.

Relevant controls may include:

  • backups;
  • recovery procedures;
  • infrastructure redundancy;
  • service monitoring;
  • incident escalation;
  • alternate communication channels;
  • manual processing procedures; and
  • tested business-continuity plans.

Specific recovery-time objectives should only be published where they are current, approved and operationally supported.

Where contractual recovery commitments apply, they should be documented in the applicable agreement or service schedule.

Choosing an employee-screening provider

Employers should consider more than price when selecting a background-screening provider.

Questions to ask include:

Service coverage

Does the provider offer the checks required for your workforce, industry and risk profile?

Accreditation and authority

Is the provider authorised or accredited to deliver the relevant check?

For Nationally Coordinated Criminal History Checks, employers should use an ACIC-accredited body or another authorised pathway.

Candidate experience

Can candidates complete the process securely on mobile and desktop?

Are instructions clear, and can applicants obtain support?

Workflow management

Can recruitment teams initiate, monitor, search and report on checks without relying on separate spreadsheets?

Integration

Can the service connect with the organisation’s applicant-tracking or HR platform?

Information security

Can the provider explain its access controls, data handling, hosting, encryption, incident management and subprocessor arrangements?

Does the workflow collect clear candidate consent and provide appropriate privacy notices?

Retention and deletion

Are customer-access and record-retention periods documented?

Support and escalation

Is there a clear process for incomplete applications, identity problems, disputed information and delayed external verification?

Why organisations use AuthNTick

AuthNTick helps organisations manage employment screening through one central platform.

The service is designed to help recruitment and HR teams:

  • request multiple check types;
  • allow candidates to provide their own information;
  • monitor screening status;
  • reduce repetitive data entry;
  • reduce reliance on spreadsheets and email;
  • apply consistent workflows;
  • manage authorised access;
  • integrate with existing systems;
  • maintain screening records; and
  • obtain Australian-based support.

AuthNTick is an ACIC-accredited provider for eligible Nationally Coordinated Criminal History Checks. AuthNTick is a private organisation and is not the Australian Criminal Intelligence Commission, the Australian Federal Police, the Department of Home Affairs or another government agency.

Frequently asked questions

What is included in pre-employment screening?

Pre-employment screening may include identity, criminal-history, work-rights, citizenship, employment, reference, education, licence and other role-specific checks.

The appropriate checks depend on the role and the employer’s legal and risk requirements.

Does every employee need a police check?

No. Employers should determine whether a criminal-history check is relevant, proportionate or legally required for the position.

Some regulated roles may require one, while other positions may not.

How long is a Nationally Coordinated Criminal History Check valid?

There is no universal expiry period.

It is a point-in-time check, and the employer, regulator or requesting organisation determines how recent the result must be for its purpose.

Is a VEVO check the same as an identity check?

No. VEVO provides current visa details and conditions.

An identity check establishes or verifies the person’s identity. An employer may require both.

Is a citizenship check the same as a VEVO check?

No. VEVO is for visa information.

Australian citizens do not hold an Australian visa for VEVO purposes and should provide appropriate citizenship evidence where citizenship must be verified.

Can AuthNTick integrate with an HR platform?

AuthNTick can support API and other integration options, subject to technical scoping, account configuration and agreement on the information to be exchanged.

Should recruitment teams download candidate identity documents?

Downloads should be limited to cases where they are operationally and legally required.

Reducing unnecessary local copies can lower security and privacy exposure.

Does a criminal-history result decide whether someone should be hired?

No. The employer makes the employment decision.

Any disclosed information should be assessed fairly and in relation to the requirements and risks of the role.

Can screening information be stored indefinitely?

Screening records should be retained only for an authorised purpose and for the applicable legal, contractual, audit or operational period.

Organisations should document retention and secure-disposal requirements.

Streamline pre-employment screening with AuthNTick

Pre-employment screening does not need to depend on disconnected portals, spreadsheets and manual document transfers.

AuthNTick helps Australian employers manage police checks, identity verification, work-rights checks, employment verification and related screening services through a centralised platform.

Candidates can complete their required steps through secure online workflows, while authorised recruitment teams can monitor progress and manage results through the Business Portal.

Organisations requiring higher-volume screening can also discuss static links, bulk workflows and API integration with AuthNTick.

Important notice

This article provides general information only and is not legal, employment, immigration, privacy or security advice.

Employers are responsible for determining which checks are lawful, necessary and appropriate for each role and for making their own recruitment and risk decisions.

Screening requirements, government processes and regulatory obligations may change. Organisations should review current official guidance and obtain professional advice where appropriate.