There are a variety of regulatory requirements for certain positions in the financial services industry. For example, brokerage employees or traders may come under specific requirements of the Securities and Exchange Commission rules and regulations. And, Trust Officers may be held to a higher standard than the average bank employee, so it's a good idea to work with your compliance and legal teams to establish background investigation standards for each position. This will help you establish a standard process for anyone who comes into one of those positions, either internally or from the outside. It's a good idea to involve your systems team as well, so they can integrate your Human Resource software program to ensure that transfers or promotions don't fall through the cracks.
At a bare minimum, you should have a process to ensure that you run a criminal background check on every bank employee. Section 19 of the Federal Deposit Insurance Act (12 U.S.C 1829) prohibits, without prior written consent, any bank from hiring a person convicted of a theft offense or breach of trust. The best way to meet this requirement is through a formal background investigation, to include a criminal conviction history check through the FBI. Most financial institutions submit fingerprints through a manual or automated process, available through the American Bankers Association or other third party. The fingerprint submission does two things; a) it will help you make sure the person is who they claim to be, and b) you will know if they've ever been convicted of a theft related offense.
Your debate on how often the background check should be performed is very common and one that will last forever. Most banks have chosen to address "subsequent background checks" by giving notice to the employee and creating policies around certain "sensitive positions". First, employees should sign a memo of understanding when they join your company that a criminal history check may be run at anytime during their employment to ensure compliance with the FDIC provision. Second, management should determine which positions are considered sensitive, and set a schedule for subsequent background checks on people who hold those positions. For example, we know of one bank that requires annual background checks on all wire transfer employees because of the sensitive nature of their business and the need for impeccable integrity.
It's also a good idea to include a provision in your Code of Conduct to require every employee to inform management if they are charged with a theft related offense. It's a reasonable expectation for a bank to know it's employees, and the background investigation is an excellent tool for meeting that expectation.
Answering security questions is just one Bankers' Hotline benefit.