Electronic I-9 software can be very attractive to companies looking for efficiency and ensuring compliance. Not to mention the elimination of file drawers that once housed these voluminous paper I-9 files. However, buyers beware, not all electronic I-9 software meets the federal regulations’ requirements. And the problem for well-meaning companies: ICE will still hold the company liable for the faults of the software vendor if its technology fails to comply.
Electronic I-9 usage is a growing practice among companies both large and small. The products offered in this area come in many different forms, from stand-alone Form I-9 and E-Verify platforms, to add-ons for existing HRIS software. But not all products are created equal. While some have been developed with great care to attempt compliance with the Department of Homeland Security’s (“DHS”) regulations and guidance for electronic I-9s, others appear to have been created by software engineers with no awareness of the compliance pitfalls inherent to the Form I-9.
For example, some programs insert into the electronic I-9 additional fields requesting information that is not on the approved Form I-9. This violates the regulations, because electronic I-9s must have the same data elements and content as the paper Form I-9, and no additional elements or language may be inserted. Others require an employee to input his or her social security number, which is generally only required if a company uses E-Verify. And a review of the audit trails produced by various systems reveals a broad disparity in the volume of information captured, despite the regulations’ requirement for a record of the identity and actions of anyone who has accessed the system during a given period of time.
U.S. Immigration and Customs Enforcement (“ICE”) scrutinizes these systems to ensure the integrity of the I-9 process. One item ICE frequently inspects in an audit is the employee signature process. The electronic signature regulations have strict requirements on this issue. If the electronic I-9 platform fails to meet these requirements, even if the I-9 is otherwise fully completed, the company “is deemed to have not properly completed the Form I-9.” See 8 C.F.R. § 274a.2(i)(2). This means ICE will find a company to have committed a substantive violation for any employee whose I-9 was completed in the noncompliant system, which can result in significant penalties of $935 per violation under ICE’s penalty matrix. By way of example, for a relatively small company with 200 employees, this would total a $187,000 fine.
ICE has made clear that it is an employer’s responsibility to ensure its electronic I-9 system is compliant with the law. While it may not be fair, even if the error is the vendor’s fault, the employer is the party subject to the regulations and any fines for noncompliance. Therefore, companies paying for an electronic I-9 system should employ the following measures to protect their financial and reputational interests:
- Involve experienced immigration counsel in evaluating and selecting a compliant electronic I-9 system;
- Beware of inexpensive software add-ons, and closely scrutinize these systems for compliance;
- Ensure your company’s contract with an electronic I-9 vendor has a favorable indemnification clause for any fines or litigation that result from the product’s failure to conform to the electronic I-9 regulations;
- Obtain information regarding the vendor’s financial health to ensure the indemnification clause can be enforced and collected on if it becomes necessary; and
- Periodically review your electronic I-9 system for compliance with the regulations and developing agency guidance in this area.
Electronic I-9s can be an excellent tool to streamline the process and potentially save costs. However, companies must invest the time and resources to ensure the product they use complies with the electronic I-9 regulations, or face paying for a product that may lead to fines in the future.