Compliance in Tech Recruitment: Legal Frameworks & Global Challenges

Posted by Templeton on Friday, 28 July 2023

In the ever-evolving landscape of the tech industry, finding the right talent is crucial to success. As tech recruitment agencies seek to match skilled professionals with organisations in need of their expertise, the importance of compliance cannot be overstated. From legal regulations to data protection, ensuring adherence to the relevant frameworks is essential for both candidates and clients alike.

Compliance in Tech Recruitment

To shed light on the complexities of compliance in the tech recruitment industry, we sat down with our Contracts & Compliance Executive here at Templeton and Partners, Bernhard Loffler. With a wealth of industry experience, Bernhard provides valuable insights into the challenges and best practices associated with recruitment compliance, both in the UK and in global markets.


Bernhard, can you give us a brief overview of your Contracts & Compliance Executive role at Templeton and your industry experience so far?

My role at Templeton revolves around ensuring that all aspects related to contracts, legal compliance, and agreements are taken care of properly. It's a responsibility that involves two main areas of focus: legal compliance and contractual compliance.

Legal compliance means following all the laws and regulations to make sure Templeton operates ethically and within the legal boundaries. This includes adhering to employment laws, like the intricate IR35 regulations and other statutory requirements that apply to our business. On the other hand, contractual compliance deals with the commitments we make to various parties, such as clients, suppliers, contractors, and our own employees. My role is to ensure we stay true to the terms and conditions specified in these agreements. For instance, if a client contract states that we must conduct a reference check of at least two years for each candidate, I make sure that no candidate moves forward without meeting this requirement.

In terms of my background, I initially studied law and later focused on Business Law, where I learned the essential aspects of both business studies and legal principles, which turned out to be a great fit for my current role. Having an understanding of how the law intersects with various business scenarios allows me to approach situations with a holistic perspective and seek solutions that are mutually beneficial to both our clients and contractors.

During my studies, I also learned a lot about employment law, which is essential for handling HR-related matters. And in my master's degree, I gained expertise in contract drafting, which comes in handy when dealing with client contracts and maintaining our own contract templates. Overall, my journey to becoming a Contracts & Compliance Executive was pretty straightforward. It started with a holiday job as a recruiter, followed by a six-month HR internship. Later, I took on a legal role that focused on UK compliance with German companies, which prepared me well for where I am now.


Legal Frameworks of Recruitment Compliance in the UK

What are the key legal frameworks and regulations that govern recruitment compliance in the UK?

There are two key legal frameworks and regulations that play a significant role in the UK when it comes to compliance in the recruitment industry. The first one is the "Conduct of Employment Agencies Regulations 2003." These regulations are pretty crucial as they set out rules for how employment agencies, who find and place candidates for clients or hire them as employees, should conduct themselves. It's all about defining what they can and cannot do in terms of behaving properly and treating job seekers fairly. For instance, under these regulations, employment agencies can't charge candidates money for job-finding services.

Now, from a candidate’s perspective, there's a bit more flexibility. If you're operating through your own personal service company, like having your own limited company, for instance, you have the option to opt out of these regulations. That gives you a bit more freedom in your dealings. However, if you're working through an umbrella company, it's usually better to stick with the regulations, as they provide you with valuable protection. You have the right to choose, and agencies can't force you to opt in or out.

On the tax side of things, there's another crucial piece of legislation called "IR35." This is all about tax compliance for subcontractors. The idea behind IR35 is that the end client, like a big global company, is responsible for ensuring that the taxes for the subcontractor (the worker at the very end of the chain) are paid correctly, regardless of all the steps in between. You might have the worker, then their own personal service company, then an agency like Templeton, followed by an MSP (Managed Service Provider), and finally, the client. But the responsibility for tax payment ultimately falls on the client, thanks to IR35.

To handle this tax risk, many big clients play it safe and insist that all workers fall "inside IR35." This usually means the worker is employed by an umbrella company, where they are on the employer's payroll but can still work for the client. On the other hand, "outside IR35" is when the worker operates more like a freelancer, working as their own boss.

Because of this tax complexity, you'll find many umbrella companies in the UK. They provide a secure solution for clients, ensuring everyone stays compliant with IR35.

Legal Frameworks of Recruitment Compliance in the UK

Read more on How to Recruit Efficiently, Compliantly and With Reduced Costs


Ensuring Compliance in International Recruitment

However, in your role, you don't just deal with UK laws and regulations; Templeton operates globally, engaging in international recruitment with clients and candidates from various countries. How do you ensure compliance when recruiting tech professionals from abroad?

International recruitment brings a host of new rules and considerations, and Templeton operates in multiple countries, each with its own unique set of laws and regulations. For instance, we have legal entities in the US, UK, France, Netherlands, Germany, Switzerland, Poland, and India. While the regulations between the UK and Europe often align, dealing with the US can be a bit more complex due to bureaucratic requirements. Thankfully, India's laws are also similar to the UK.

However, we also work with clients and candidates from third countries where we don't have an entity. This means I may have to handle legal matters related to Spanish, Canadian, or Mexican law, just to name a few.

International recruitment can be quite a complex task, considering the diverse labour, tax or contract laws in different countries, as well as other regulations you often have to take into account like immigration laws, visa requirements, etc.

Ensuring compliance when operating globally requires constant learning and adaptation. For me, research plays a vital role. I make sure to stay informed about the regulations in each country we operate in, understanding the potential issues and key points that demand attention. Moreover, having a strong network of local partners and client collaboration is also essential.

Templeton relies on a network of local partners, including tax advisors, legal experts, payroll companies, and employment agencies in each country. Their expertise and insights are invaluable in helping me gain a better picture of the situation and identify crucial compliance requirements. Additionally, our clients themselves provide input regarding specific legal requirements they expect us to meet.


What are the main compliance challenges when recruiting tech professionals from abroad?

When recruiting tech professionals from abroad, several compliance challenges come into play. It's an interesting and dynamic process with different perspectives to consider.

For instance, at Templeton, we may have a client based in the US with a contract with us in the UK, while our contractor is from the EU. Alternatively, some clients may opt to hire someone from abroad to come and work in their country temporarily. Although this isn't something we practice at Templeton, it's crucial to consider all options and choose the right one.

Today, there are numerous services like Templeton that facilitate hiring people from abroad, allowing them to work for the client in their country while residing elsewhere. From a compliance standpoint, there are three perspectives to examine. Firstly, there's Templeton's compliance - what we, as a business, must ensure. Then, there’s the client’s compliance, and finally, the worker’s compliance. Each of these has its own set of questions to address.

For clients, determining the appropriate legal framework for engaging the worker is essential. They must decide on issues like whether to employ the worker directly, engage them as a freelancer, work through an agency, or adopt other contract models. For instance, clients may choose to pay for actual work hours (time and materials) or have milestone contracts, where payment depends on specific achievements or deliverables.

When dealing with major global companies, there are additional things to consider. At Templeton, for instance, we often deal with different contracts involving multiple legal entities across various countries. Depending on the client's location, we might have contracts with Templeton Germany, Templeton UK, or Templeton US. So the client might also have to determine between which legal entities the contract should be.

On the worker's side, similar questions arise regarding their employment setup. Are they going to operate through their own company, work as freelancers, or consider other arrangements? Naturally, their preferred payment structure is an important factor to consider as well.

With so many aspects to contemplate, it's essential to adopt a multi-faceted approach and take into account both the client's and worker's perspectives. At Templeton, this is a fundamental aspect of what we do daily. Our role is to present clients and candidates with a comprehensive view of all possibilities, risks, and legal considerations involved. For new contractors transitioning from traditional employment to contracting, we guide them through the process, ensuring they are fully aware of their options and responsibilities.

Ensuring Compliance in International Recruitment

Do you know Which Recruitment Model Is Best for You?


What can recruiters do on their side to ensure compliance, especially when dealing with candidates from other countries?

When recruiting candidates from abroad, being proactive is crucial. The first and foremost step recruiters should take is asking the right questions and regularly communicating with the legal department to avoid potential issues. Whenever they come across a new candidate with unclear immigration, visa or right-to-work status, these simple actions can prevent many potential issues down the line.

For instance, you might think you've found the perfect candidate for the job, but they might not have the right to work in the country. Even if they have the right when you first find them, somewhere between the recruitment process and their time with the client, circumstances may change, and they could lose the right to work for whatever reason. Recruiters should be on top of that.

Once you've confirmed that a candidate can work for the client, the next important question is about the type of right to work they have. For example, in the UK, you can obtain the right to work through a settlement status, a spouse visa or a company sponsorship. Workers with settled status or spouse visas can usually work for any company. However, if they're sponsored, they can only work for the sponsoring company, which means that they need a different contract setup. So, along with identification checks, the right-to-work checks are crucial to ensure the candidate can work for the client without any complications. Nobody wants to submit a perfect candidate who can't eventually work for the client.

While recruiters don't conduct ID and right-to-work checks, they are the first point of contact with candidates and clients. Therefore, they are responsible for flagging any concerns and reporting suspicions promptly. As the Contracts and Compliance Executive, I build the processes and requirements before and fix any issues after. In between that, it's the recruiters' job to prevent any issues from happening.


Data Protection and GDPR in Recruitment

How does data protection and GDPR (General Data Protection Regulation) come into play during the recruitment process?

GDPR is a significant law that may seem straightforward at first. It has very clear requirements about what you are allowed and not allowed to do, but the problem is that these restrictions can be very broad.

GDPR refers to three main distinct activities: data collection, data processing, and data holding and storage. Each of these aspects is critical in ensuring compliance. As a recruitment company, whenever we collect personal data from a candidate, even something as simple as a name and email address, we become responsible for that data and must follow strict rules to ensure its security and proper use.

Here’s an example: Suppose you're a recruiter and come across a potential candidate's CV on LinkedIn or another platform. As soon as you physically collect this person's data – whether by writing their name on paper or storing their CV on your computer, you become responsible for that data, and GDPR applies to any actions you take with it, including using it for recruitment purposes. Under GDPR, you must ensure the data's safety and security, avoid sharing it with others, and inform the candidate about how you intend to use their information within four weeks of collection. Failure to do so means you no longer have the right to retain this data, and you must safely delete it in a way that prevents unauthorised access to that data by a third party.

GDPR's scope is extensive, and strict compliance takes maximum effort and diligence. So you need a lot of processes in place and good business practices to ensure you're not in breach. While GDPR is just one of the many rules governing recruitment, following these practices is crucial to protect our candidates' data and our reputation as a responsible and compliant company.

Data Protection and GDPR in Recruitment

This is what you should look for in your next hire: Discover the 7 Qualities of Top Tech Talent


What steps should recruiters take to ensure data privacy and compliance with GDPR? How can a recruitment agency ensure that all recruiters are aware of and follow GDPR rules?

At Templeton, we have a strong culture of data privacy and compliance. We provide our recruiters with a comprehensive handbook and conduct regular training on handling data in accordance with GDPR guidelines. If any recruiter is unsure about data practices or encounters activities that may not align with the rules, they can always approach me, and I'll be there to guide and clarify.

Moreover, we employ a smart candidate management system and contract management system that securely holds all personal data related to our candidates. This system automatically filters and deletes data that would breach GDPR regulations if retained for too long. So, if we save any data and fail to contact the person within a specified timeframe, the system ensures automatic deletion to avoid any GDPR violations.

In addition to our policy measures, internal resources, training, and technical safeguards, various organisations, such as the FCSA and the REC, offer useful online materials and policy templates that recruiters can utilise to ensure compliance at every step of the recruitment process. Logical thinking also plays a significant role in GDPR compliance. Recruiters should only process data when they have a valid reason, such as explicit consent from the person concerned or when it's legally required for certain checks. If they ever feel that certain data is unnecessary or irrelevant to the recruitment process, they should promptly review and delete it.

Following these steps allows us to maintain a high standard of data privacy and compliance throughout our operations.


Fair Employment Practices

What are some best practices for ensuring fair employment during the recruitment process?

As a recruitment company, ensuring fair processes involves fostering a culture of openness and honesty within the business. Effective communication is key; engaging in open dialogues with both clients and contractors helps identify and address potential risks early on. The more we understand the situation of each party, the better equipped we are to approach any challenges.

Following the law is a fundamental aspect of fairness in recruitment. The law prohibits us from collecting and processing any discriminatory information based on protected characteristics, such as gender, age, disability, or ethnicity, unless it is directly relevant to the position. This legal requirement by itself sets a standard for fairness in the process.

Many clients are also conscious of fairness and provide us with their internal policies to ensure equitable practices. They may specify exactly how CVs should look to make them as neutral as possible, avoiding any information that could reveal personal characteristics irrelevant to the job.

Ultimately, the combination of legal requirements, client policies, and organisational culture can create a robust framework to guarantee fair practices throughout recruitment.


How can recruiters and employers promote diversity, inclusion, and equal opportunities while staying compliant?

When recruiting, personal biases will come into play eventually, whether they are conscious or unconscious. And while it may be challenging to entirely eradicate bias, the goal is to narrow it down as much as possible.

Ultimately, recruiters want to ensure that the candidate is not only a good fit for the role but also aligns well with the company culture and the existing team; otherwise, that hire might cause a lot of disruption. However, this part of the assessment usually occurs at the very end of the recruitment process. Before that, you have already screened a lot of anonymised CVs and evaluated them solely based on skills and experience. You might have also sent out skill tests and ranked the candidates objectively, with the top two or three candidates only proceeding to the final interview stage. This approach ensures that the decision is made between those candidates, reducing the potential for bias.

It's also essential to highlight that promoting equal and fair opportunities has nothing to do with recruiting diversely just for the sake of it. At Templeton, diversity (both in our candidates and employees) is a natural outcome of “fishing in different ponds.” Unlike other companies that traditionally limit their search to the largest or most accessible talent pools, we’re here to find the biggest fish out of every little pond. By casting a wider net, we discover talented individuals from various backgrounds and underrepresented groups, ensuring that valuable potential is not overlooked.

Fair Employment Practices

Wondering how to hire and retain the best tech talent? Download our free Employment in the IT Industry Report


Working with Contractors

What are the key compliance considerations when engaging contractors?

Contractors play a significant role in today's workforce, offering flexibility and specialised skills to companies. However, when engaging contractors, it's crucial to consider key compliance factors to ensure everything is done correctly.

To begin, it's essential to understand that the term "contractor" is quite broad and refers to individuals who work independently and choose their own clients to work for, just like day labourers used to do in the market ages ago. Nowadays, instead of offering their muscles for a piece of silver, they offer their skills and expertise to complete a certain project. Once the project is completed, they move on to the next, for another client. This arrangement benefits both the client and the contractor, as it offers flexibility and reduces liabilities. Usually, clients are willing to pay more (one and a half times as much, perhaps) for contractors to come in as flexible labour and leave when they're no longer needed.

Contractors can be engaged in various ways, such as being employed by an umbrella company, hired directly by the agency, having their own limited company, or operating as freelancers. For us, as an agency, understanding their preferred business setup is crucial. Once we have figured out what the contractual engagement should look like, we need to ensure compliance by following certain legal requirements, like conducting ID checks on candidates to verify their identities.

Additionally, regulations like IR35 that address the risk of misclassification should also be taken into account. If an individual, for instance, pretends to be a freelancer to enjoy tax advantages but, in reality, they work at the client's office, follows the same schedule as other employees, and is essentially a regular employee, that's considered "disguised employment" by the government and can lead to major consequences for all engaged parties.

To address the issue of disguised employment, IR35 places the responsibility on both the agency and the end client to identify and avoid such arrangements, ensuring that the worker's taxes are paid correctly. If disguised employment is discovered, the party HMRC deems to be the actual employer may have to pay back up to three years of employer contributions. This can amount to a significant sum, especially for high-value, skilled contractors like those we work with at Templeton.

That's why many workers in the UK choose to go through umbrella companies. When a person is employed by an umbrella company, it provides assurance to us as an agency and to the end client that the individual is properly employed, and the umbrella company takes care of all tax and insurance contributions.

While ensuring compliance when engaging contractors may involve some complexities, when done correctly, it brings substantial rewards. That's why Templeton is in this business and why being fully compliant is our top priority.


Keeping Up with Regulatory Changes

What do you see as the future trends and challenges in recruitment compliance, particularly in the tech industry?

While tech recruitment doesn't have as many legal requirements as some other sectors, it is not immune to compliance challenges. As the industry continues to expand, lawmakers may seek to implement stricter rules to ensure all aspects of tech recruitment are conducted ethically and responsibly. Staying informed and updated on legal changes will be crucial for recruiters in the field.

One notable recent development was the discussion around removing IR35. While it didn't materialise eventually, it's important to be aware that this topic may resurface in the future. So, remaining vigilant and adaptable to potential reformations is also essential.

Keeping Up with Regulatory Changes


Steps Towards the Future

As the tech industry evolves, new trends and challenges may arise. It is essential to be proactive and receptive to these changes, ensuring that recruitment practices stay compliant and aligned with the industry's evolving landscape. By staying up-to-date and anticipating future developments, recruiters, agencies and employers can navigate potential challenges and continue to attract top talent while meeting legal requirements effectively.

With 27 years of proven success, Templeton has efficiently, compliantly and cost-effectively recruited thousands of top-notch IT professionals worldwide. Our extensive candidate database ensures a perfect match for your requirements. Discover more about our multi-award-winning recruitment services today.


Discover the Top 5 Emerging Trends in Recruitment and How HR Leaders Should Adapt


Topics: Thought Leadership