On October 23, 2008, the Department of Homeland Security (DHS) released an advance copy of its supplemental final no-match safe harbor regulation initially issued in August 2007. The original regulation was set to take effect in September 2007 but was enjoined by the U.S. District Court for the Northern District of California. The revised regulation is expected to be published in the Federal Register any day, and will take effect immediately. Of course, it is possible (even likely) that another lawsuit may be filed seeking to block this final regulation.

While the substance of the regulation has not changed, DHS did address the two main concerns that lead the court to enjoin the original regulation. First, the preamble of the new regulation clarifies that employers will be considered to have constructive knowledge only if they receive a no-match letter from the Social Security Administration (SSA). That is, DHS will not impute constructive knowledge based on any other communication from the SSA. Second, DHS explained that it would not take action based on no-match letters involving employees hired before November 6, 1986 (the date the Immigration Reform and Control Act was enacted).

The revised regulation outlines the steps an employer must take in order to benefit from a “safe harbor” if the employee named in a no-match letter turns out to be an unauthorized worker. Upon receipt of a no-match letter, the employer should check internal records and either make appropriate corrections or ask the employee to correct the discrepancy within 90 days. Once the discrepancy is resolved, the employer should update the relevant I-9 paperwork and notify agencies of the correction. If the discrepancy cannot be resolved within 90 days, the employer must complete a new I-9 form for the employee by the 93rd day. In completing this new I-9, the employer may not accept any document with the social security number contained in the no-match letter. In addition, the new verification document must include a photo. If the employer is still unable to verify the identity and employment authorization of the employee, the safest course of action is to terminate the employee, or risk facing charges.

Employers should develop and implement a policy to ensure compliance with the process described in our August 2007 Employer Alert. Employers should note, however, that no-match letters were not issued in 2007 and will most likely not be issued in 2008.