When Checks Fall Behind: The lesson from the latest safeguarding review

The gap between a check and the risk it is meant to manage

Most safer recruitment processes are built around recorded information.

Has the person disclosed what they should disclose?
Has the certificate been issued?
Has the barred list check been done where required?
Have references been taken?
Has the employer followed the process?

All very important questions as they create structure and accountability. Schools, nurseries, care providers, sports organisations and other high-trust employers need that foundation.

The difficulty is timing and visibility. Safeguarding risk does not always wait for the process to catch up. A person can be under investigation before there is a conviction. A concern can exist before it appears on a certificate. A reference can be incomplete, carefully worded or false. Public online behaviour can be relevant to a role involving children long before it becomes part of any formal record.

The exposure sits in over-relying on one layer of evidence and treating it as if it tells the whole story.

Traditional checks are strongest when the information has already been recorded in the right place, in the right format, and is available to be disclosed. They are weaker when the risk is current, fragmented, emerging or sitting outside the formal record.

Many of the checks we still rely on were designed for a world where risk was more likely to be formally recorded before it became visible. That is not the world safeguarding leaders are operating in now.

The review needs to look beyond update frequency

The obvious response to this case is to ask whether the Update Service should check more often. If the BBC’s reporting is accurate, a nine-month interval for some searches will feel difficult to defend in roles involving children.

Frequency is only part of it. A review focused only on how often a database is checked could miss the wider issue: some relevant safeguarding risks may never appear through a traditional check.

Those risks include delayed records, unreliable references, gaps between roles, inconsistencies in what a candidate has provided and relevant public online behaviour that may point to risk in a role involving children, vulnerable people or high-trust access.

None of this should be handled casually. Employers should not be making subjective decisions from informal searches or screenshots. Context matters. Proportionality matters. Human review matters. A digital signal is not the same thing as a finding.

Ignoring relevant signals carries its own risk. If an organisation is about to give someone access to children, the question is not only whether the statutory check was completed. It is whether the organisation had enough visibility to make a sound decision.

“Nothing came back” can be a dangerous comfort

One of the most dangerous phrases in safer recruitment is “nothing came back”. It sounds reassuring. It gives the process a sense of completion. It is also convenient when organisations are under pressure to fill vacancies, keep rooms staffed, keep ratios safe and keep services running.

“Nothing came back” does not always mean there was nothing to find. It may mean the information was not yet recorded. It may mean it was not disclosable through that route. It may mean the search was too narrow. It may mean the risk signal was somewhere else entirely.

The distinction matters. Absence of evidence is not the same as evidence of absence.

The practical test for leaders is not whether the file looks compliant on the day someone starts. The harder test is whether the process still looks defensible if something serious later comes to light. What did you know? What could you reasonably have known? What checks did you rely on? Where were the gaps? Who owned the judgement?

The risk is not that DBS checks, or their equivalents in Scotland and Northern Ireland, exist. They should. The risk is the assumption that if nothing appears there, the safeguarding question has been answered.

Those are uncomfortable questions, but they are the questions that matter when safeguarding fails.

Safer recruitment needs a stronger current-risk layer

The deeper question is whether we have become too comfortable placing almost blind reliance on registry and criminal record checks. They are important, but they are not the same as a current view of risk. Is that really good enough safeguarding in 2026?

For roles involving children, vulnerable people or high-trust access, safer recruitment should be treated as a risk decision, not just an administrative sequence.

This is not an argument against DBS, Disclosure Scotland/PVG, AccessNI or any other statutory check. It is an argument against treating any single check as if it carries the whole weight of safeguarding.

This means understanding what DBS and equivalent disclosure checks do well, and where additional visibility is needed. Formal checks, references and statutory guidance should remain the core foundation. They should be supported by a more current, structured and proportionate view of risk.

Different roles carry different levels of access. A nursery worker, teacher, coach, care worker, volunteer, safeguarding lead, IT administrator or contractor will not all present the same risk profile. The same principle still applies: the more access and trust a role carries, the stronger the organisation’s understanding of risk needs to be before access is granted.

This is where safer recruitment often breaks in practice. The process is treated as a list to complete rather than a decision to own. Once the list is complete, the organisation moves on. The list works when it captures the risk. It does not work when the risk sits between the checks.

Modern safeguarding risk does not live neatly in one database. Some of it is formal. Some of it is behavioural. Some of it is digital. Some of it is contextual. Some only becomes meaningful when several small signals are looked at together.

The answer is not simple. The process still needs to be stronger than a single point-in-time check.

Technology helps only if the judgement is still human

AI and digital screening can help organisations see more of the risk picture, but only if they are used properly. The weak version is to scrape everything available, collect too much information and reduce complex human risk to a crude automated score. It would be faster, but it would not be safer.

A defensible approach starts with relevance. What risk categories actually matter for the role? It sets boundaries around what should and should not be considered. It applies the same framework consistently. It includes human review before anything is escalated. It leaves an audit trail so the organisation can explain what was checked, why it mattered and how the decision was made.

The answer is not to outsource judgement to technology. It is to give safeguarding leaders better evidence, a clearer method and a proper record of what was considered before access was granted.

Safer recruitment needs to move towards a better-governed current-risk layer that sits alongside the existing process. DBS, Disclosure Scotland/PVG, AccessNI and traditional checks remain part of the foundation. Informal online digging is not the answer. Structured, relevant and reviewable screening is.

The aim is not to make recruitment more intrusive. The aim is to make high-trust recruitment more defensible.

The question leaders should be asking

For school leaders, nursery groups, trusts, care providers, sports organisations and other regulated environments, the question is no longer just, “Did we do the check?”

The stronger question is, “Did we have a proportionate, current and defensible view of the risk before we granted access?”

The shift is important because it moves the conversation from paperwork to judgement. From process completion to assurance. From compliance on the day to defensibility after the fact.

The Leeds case is rightly prompting review. The lesson should not be limited to one system, one interval or one missed update. The wider lesson is that safer recruitment cannot rely solely on slow-moving records in a fast-moving risk environment.

That is why I think this review matters. Not because one system failed once, but because it exposes a wider weakness we can no longer afford to treat as normal.

If we are serious about protecting children and vulnerable people, the standard has to move. DBS and equivalent disclosure checks need to be part of the answer, but the process around them also needs better visibility, better judgement and clearer ownership.

Safehire wants to be part of that conversation in a practical way. Not by claiming one tool can solve the whole problem, but by helping schools, nurseries, care providers, sports organisations and other high-trust environments build a safer, more current and more defensible process.

For me, that is where the work now sits.

‍