Skip to content
W K
EU AI Act III(4)(a): High Risk

Candidate Screening Agent

One auditable candidate-screening pipeline - CV parsing, resume screening, shortlist generation and continuous bias monitoring - built to satisfy the EU AI Act's high-risk obligations, the EEOC four-fifths rule, NYC Local Law 144 and the UK Equality Act by construction, not retrofit.

AI-bias-audited CV screening: Title VII/EEOC Four-Fifths Rule, EU AI Act 2024 Annex III(4)(a) high-risk AI conformity, NYC Local Law 144 AEDT and UK Equality Act 2010 - Article 14 human oversight.

Analyse your process

A selection from over 5,000 projects in 25 years of software development

Airbus Volkswagen Shell Renault Evonik Vattenfall Philips KPMG

One auditable candidate-screening pipeline across CV parsing, resume screening, shortlist generation and AI bias monitoring

The Agent breaks screening into 13 documented decision steps, each with a defined decider - rules engine, AI agent or human - and per-criterion explainability replacing black-box scoring. Knockout criteria run deterministically through a rules engine (work authorisation, licensure, security clearance). Profile matching runs through AI extraction that gives an individually justified score per requirement, never one composite figure. Bias monitoring runs continuously against the EEOC four-fifths rule with statistical-significance testing. The output is an auditable shortlist that satisfies the EU AI Act's record-keeping, transparency and human-oversight articles by construction, alongside the NYC Local Law 144 bias audit and the UK Equality Act objective-justification standard.

Outcome: For 200 to 800 applications per role across the UK, EU and US, the Agent produces an auditable shortlist instead of a black-box score, with full per-candidate documentation that meets the EU AI Act high-risk deadline (2 August 2026 under current law, provisionally postponed to 2 December 2027 under the Digital Omnibus of 7 May 2026, formal adoption still pending), the NYC Local Law 144 annual independent bias audit, OFCCP Internet Applicant record-keeping, and GDPR Article 22 challengeability with a per-criterion rationale a candidate can dispute. Time-to-shortlist drops from three to six weeks to under one week for a 5,000-employee group, and the auditor finding rate on AI screening falls from a typical 8-15% to under 2%.

54% Rules Engine
31% AI Agent
15% Human

The thirteen deterministic screening steps span every applicable regime - and precisely because each one is fixed by statute, regulation or standard, the pipeline is machine-reproducible and audit-defensible:

The EU AI Act makes every CV-filtering system high-risk, with obligations from 2 August 2026 (postponement to Dec 2027 provisionally agreed - Digital Omnibus, May 2026) - and the EEOC four-fifths rule, NYC Local Law 144 and the UK Equality Act already apply. One auditable screening pipeline answers all of them.

International candidate screening does not run on one regulatory standard - it runs on six overlapping regimes at once across the UK, EU and US. Every AI system that filters job applications in the EU is already a high-risk system under Annex III(4)(a) of the EU AI Act; the high-risk obligations attach from 2 August 2026 under current law, provisionally postponed to 2 December 2027 under the Digital Omnibus of 7 May 2026 (formal adoption still pending, as of June 2026). An organisation that cannot show its conformity assessment, declaration of conformity, CE marking, worker-representative information, fundamental-rights impact assessment, human oversight and record-keeping by that deadline has to take the automation offline until it can. The classification is not changing, so the time should be used to put that documentation in place.

A US-headquartered group with 5,000 employees running 200 to 800 applications per role concurrently faces, all at once: US Title VII, ADEA, ADA, the Equal Pay Act and GINA, with the EEOC four-fifths rule; the OFCCP Internet Applicant Rule and affirmative-action obligations; the NYC Local Law 144 bias audit alongside the Illinois, Maryland and California AI hiring laws; the UK Equality Act with the EHRC Code and the Section 60 health-enquiry prohibition; the GDPR’s automated-decision and impact-assessment rules as read by the CJEU SCHUFA judgment; the EU AI Act itself; and the EU Pay Transparency Directive.

One auditable candidate-screening pipeline

This Agent follows the Decision Layer principle: each decision is either rule-based, AI-assisted, or explicitly assigned to a human - with per-criterion explainability replacing black-box scoring.

The obvious challenge is familiar: 200, 400, sometimes 800 applications per role. Recruiters who, after the fiftieth CV, no longer apply the same standards as for the first. Hiring managers who ask after three weeks why the shortlist is not ready.

The real problem runs deeper. Most organisations using AI in screening do not know how their algorithms evaluate. They do not know the weighting. They cannot explain why Candidate A is on the shortlist and Candidate B is not. That is precisely where risk accumulates - and where each jurisdiction now demands documented architecture.

The Mobley v. Workday case makes this tangible. An applicant sues not the prospective employer but the software vendor whose AI screened him out. The US federal court certifies the claim as a class action - alleging systematic discrimination by age, ethnicity, and disability. A University of Washington study shows: in AI-driven CV screenings, names associated with white ethnicity were preferred in 85% of cases. In some occupational groups, Black male applicants were disadvantaged in 100% of test cases. In the US this exposes both vendors and deployers under the Title VII Section 703(k) burden-shifting test; in the UK the equivalent exposure arises under the Equality Act 2010 indirect-discrimination test.

Every screening failure carries direct cost. In the US, an EEOC charge can run through conciliation to litigation and a consent decree with monetary relief, injunctive relief and ongoing monitoring; an OFCCP notice of violation can mean a conciliation agreement or debarment from federal contracts; NYC Local Law 144 carries daily-accruing penalties; and the Illinois, Maryland, California and Colorado AI laws add overlapping state-level liability. In the UK, Equality Act tribunal awards are uncapped, including aggravated and exemplary damages, and the ICO can fine up to GBP 17.5 million or 4% of global turnover. In the EU, AI Act penalties reach EUR 35 million or 7% of worldwide turnover for prohibited practices, on top of GDPR penalties of up to EUR 20 million or 4% and the CJEU SCHUFA line of Article 22 enforcement.

Why cross-jurisdictional screening needs thirteen steps, not eight

A single-jurisdiction screening takes eight to ten steps; a cross-jurisdictional one needs thirteen, because the regimes overlap. The pipeline runs the EU AI Act conformity gate, GDPR lawful-basis validation, document parsing with protected-characteristic redaction, rule-based knockout, per-criterion AI matching with explainability, continuous bias monitoring, adverse-impact escalation, the per-candidate decision record, recruiter shortlist review, documented decisions, downstream synchronisation, EU pay-transparency handling and periodic AEDT bias-audit reporting - end to end.

A concrete cross-border example: a US-headquartered S&P 500 manufacturer with 5,000 employees - 3,200 across 14 US states (including 250 NYC roles), 1,200 in the UK and 600 in the EU - with 280 open requisitions and 65,000 applications a year. That produces 65,000 EU AI Act decision records, 250 NYC Local Law 144 audit submissions, 3,200 EEO-1 entries, 280 OFCCP Internet Applicant logs, 1,200 UK tribunal-defence dossiers, 600 GDPR challenge-mechanism records, and the quarterly bias-monitoring reports and annual conformity-assessment refresh.

In the Decision Layer, seven of the thirteen steps are rule-engine decisions - the conformity gate, lawful-basis validation, knockout criteria, adverse-impact escalation, decision-record generation, pay-transparency handling and periodic audit reporting. Four are AI-augmented: document parsing with redaction, per-criterion matching, bias monitoring and downstream synchronisation. Two require human judgement - recruiter shortlist review with the structured-interview kit, and documented decisions with a protected-characteristic neutrality attestation. Every step carries a timestamp, decider type, rationale and challenge mechanism.

What sets screening apart from audit and compliance

Six dimensions distinguish this Agent from generalised HR audit support. First, CV parsing with provenance tracking and protected-characteristic redaction - name, photo, age, gendered pronouns and alma-mater proxies. Second, rule-based knockout criteria for work authorisation, regulated-profession licensure and security clearance. Third, per-criterion AI matching with individually justified scores, never one composite black-box figure. Fourth, continuous bias monitoring against the EEOC four-fifths rule with statistical-significance testing and Hazelwood standard-deviation analysis. Fifth, the EU AI Act high-risk conformity assessment, CE marking, fundamental-rights impact assessment, human oversight and record-keeping. Sixth, the NYC Local Law 144 annual independent bias audit, with its ten-business-day candidate notice and public posting.

The architecture satisfies the EU AI Act’s record-keeping, transparency and human-oversight requirements by construction, not retrofit. Human oversight is real: no committee can manually review 400 applications and exercise oversight at the same time, but it can review a shortlist with documented per-criterion assessments and trace why one candidate scored 89 on competence fit and another scored 61. Transparency is real: a rejected applicant learns which named requirement the application failed on, not an aggregate score that explains nothing. And the records that enable later evaluation are the Decision Log itself - every step with its timestamp, decider type and rationale, captured as a core function rather than a by-product.

Cross-system integration

The Agent integrates with the full global recruiting stack: Workday Recruiting, SAP SuccessFactors Recruiting, Oracle Recruiting Cloud and ADP Recruiting Management for HCM-embedded ATS. For dedicated applicant tracking it connects to Greenhouse and Greenhouse Inclusion, Lever, iCIMS, SmartRecruiters, Workable, Recruitee, JazzHR, BreezyHR, Bullhorn, Avature, Lattice Recruiting, Personio Recruiting and BambooHR. For AI talent intelligence it connects to Eightfold, Beamery, HiringSolved, Hiretual and Pymetrics; for video interviewing and assessment to HireVue, Modern Hire and Plum; and for executive search and RPO to Korn Ferry, Heidrick & Struggles, Russell Reynolds and the major consultancies. The Candidate Screening Agent is the litmus test for high-risk governance readiness - an organisation that can deploy it in full EU AI Act compliance can deploy any Annex III high-risk agent.

Micro-Decision Table

Who decides in this agent?

13 decision steps, split by decider

54%(7/13)
Rules Engine
deterministic
31%(4/13)
AI Agent
model-based with confidence
15%(2/13)
Human
explicitly assigned
Human
Rules Engine
AI Agent
Each row is a decision. Expand to see the decision record and whether it can be challenged.
Confirm EU AI Act high-risk classification and conformity before screening Is the screening system high-risk under EU AI Act Annex III(4)(a) for recruitment and selection, and is it lawful to deploy? Has the provider completed the Article 16 conformity assessment, issued the EU declaration of conformity and affixed the CE marking, and has the deployer completed the fundamental-rights impact assessment and informed worker representatives? Rules Engine Auditor

A deterministic compliance gate under the EU AI Act: the screening of candidates is high-risk under Annex III(4)(a), so without the Article 16 conformity assessment, the CE marking, the fundamental-rights impact assessment and worker-representative consultation, the system does not meet the high-risk obligations once their deadline applies - 2 August 2026 under current law, provisionally postponed to 2 December 2027 under the Digital Omnibus of 7 May 2026 (formal adoption still pending, as of June 2026).

Decision Record

Rule ID and version number
Input data that triggered the rule
Calculation result and applied formula

Challengeable: Yes - rule application verifiable. Objection possible for incorrect data or wrong rule version.

Challengeable by: Auditor

Validate the GDPR lawful basis for processing each applicant What is the lawful basis for processing each candidate's personal data? Pre-contractual measures under Article 6(1)(b) for shortlist generation; legitimate interests under Article 6(1)(f), with a documented balancing test, for talent-pipeline development; the Article 9(2)(b) employment exception for any diversity monitoring; and, for any solely automated decision, Article 22 explicit consent or contract necessity with safeguards (human intervention, the right to express a view and to contest). The EU Pay Transparency Directive's ban on pay-history questions also applies. Rules Engine Auditor

Lawful-basis classification is deterministic under GDPR Articles 6, 9 and 22, following the EDPB guidance and the CJEU SCHUFA judgment, which treats credit-score-style profiling as an Article 22 decision. The EU Pay Transparency Directive's pay-history prohibition and the UK ICO guidance on AI also apply, as do the Member State employment derogations under Article 88.

Decision Record

Rule ID and version number
Input data that triggered the rule
Calculation result and applied formula

Challengeable: Yes - rule application verifiable. Objection possible for incorrect data or wrong rule version.

Challengeable by: Auditor

Parse application documents into structured data with provenance How should structured data be extracted from the CV, cover letter, application form, LinkedIn profile and portfolio? Document parsing combined with AI extraction, with per-field provenance (source document, location, confidence), and mandatory exclusion of GINA-prohibited genetic information and of protected-characteristic markers (age, race and disability proxies, religion, sexual orientation, marital and parental status) under Title VII, the ADA, GINA and the UK Equality Act's nine protected characteristics. AI Agent

AI-driven document parsing with deterministic redaction of protected characteristics. The AI extracts structured data from the varied formats of a CV, cover letter and LinkedIn profile; a deterministic redaction layer then strips name, photo, age, address and alma-mater proxies and gendered pronouns before any matching, to reduce disparate-impact risk under the EEOC four-fifths rule.

Decision Record

Model version and confidence score
Input data and classification result
Decision rationale (explainability)
Audit trail with full traceability

Challengeable: Yes - fully documented, reviewable by humans, objection via formal process.

Challengeable by:

Apply rule-based knockout criteria for statutory minimum qualifications Which knockout criteria apply? Work authorisation (US I-9 and E-Verify, UK Right to Work and Skilled Worker visa, or the EU Member State equivalent); regulated-profession licensure (medical, legal, accounting, engineering); statutory minimum age; the required security-clearance level; and any language requirement that is documented as a bona fide occupational requirement under Title VII or the UK Equality Act objective-justification test. Rules Engine

Knockout criteria run deterministically through the rule engine, with no AI judgement. A bona fide occupational qualification under Title VII or the UK Equality Act objective-justification test must be documented and minimally restrictive. Work authorisation is checked against the relevant immigration law, and licensure against the state board, UK regulator or EU professional-qualifications recognition under Directive 2005/36/EC.

Decision Record

Rule ID and version number
Input data that triggered the rule
Calculation result and applied formula

Challengeable: Yes - rule application verifiable. Objection possible for incorrect data or wrong rule version.

Challengeable by:

Match qualifications to the requirement profile with per-criterion scoring For each requirement-profile criterion (technical skills, years of experience, industry background, education, certifications, language, portfolio), what is the candidate's match score from 0 to 100, with a rationale citing specific CV evidence and the weighting? The AI gives an explainable partial score per criterion, never a single black-box composite, and the weights are validated against bona fide occupational qualifications and reviewed quarterly for disparate-impact risk. AI Agent

AI-driven semantic matching with per-criterion explainability addresses the EU AI Act's transparency and human-oversight requirements, the EEOC validation rules and the UK Equality Act objective-justification test for indirect discrimination. The per-criterion rationale also gives the candidate a basis to challenge the decision under GDPR Article 22 - the rights to human intervention, to express a view, to contest and to an explanation.

Decision Record

Model version and confidence score
Input data and classification result
Decision rationale (explainability)
Audit trail with full traceability

Challengeable: Yes - fully documented, reviewable by humans, objection via formal process.

Challengeable by:

Run continuous bias monitoring against the EEOC four-fifths rule Across the candidate pool, what is the selection rate per protected group (race-ethnicity per EEO-1 categories, sex, age 40+, disability, veteran status), and what is the impact ratio against the highest-rate group? Does any group fall below the 0.80 four-fifths threshold, and is the disparity statistically significant on Fisher's Exact, chi-square or a Z-test for two proportions at p<0.05? AI Agent Auditor

Statistical fairness analysis applies the EEOC Uniform Guidelines, the four-fifths rule and the Hazelwood standard-deviation tests. It also feeds the NYC Local Law 144 annual independent audit of selection rate and impact ratio, and the EU AI Act's data-quality and accuracy requirements. Thresholds are configured per jurisdiction.

Decision Record

Model version and confidence score
Input data and classification result
Decision rationale (explainability)
Audit trail with full traceability

Challengeable: Yes - fully documented, reviewable by humans, objection via formal process.

Challengeable by: Auditor

Escalate any adverse-impact finding to the compliance team If the four-fifths rule or the significance threshold is breached, what is the escalation? Pause shortlist generation; alert the compliance team, the DPO and the EU AI Act human-oversight controller; and generate an adverse-impact report covering the affected group, the impact ratio and significance, a business-necessity review and a less-discriminatory-alternative analysis under the Title VII Section 703(k) burden-shifting framework. Rules Engine Auditor

Threshold-based alerting under the Title VII disparate-impact framework, the EEOC Uniform Guidelines, the NYC Local Law 144 remediation requirement and the EU AI Act's corrective-action duty. An auto-pause prevents continued use of a biased system pending the business-necessity review and a less-discriminatory-alternative analysis.

Decision Record

Rule ID and version number
Input data that triggered the rule
Calculation result and applied formula

Challengeable: Yes - rule application verifiable. Objection possible for incorrect data or wrong rule version.

Challengeable by: Auditor

Generate the per-candidate decision record with a challenge mechanism What should each candidate's decision record contain? The candidate and job IDs and timestamp; the filters applied and knockout results; the per-criterion match scores, rationale and AI confidence; the bias-monitoring snapshot; any recruiter override; the final decision (advance, reject or hold); the GDPR Article 13/14 transparency notice and Article 22 challenge mechanism, plus the ten-business-day NYC Local Law 144 notice for NYC roles; and the retention schedule (two years for OFCCP Internet Applicant data, the UK Equality Act six-month claim window, and GDPR storage limitation). Rules Engine

Decision-record generation is deterministic, covering the EU AI Act's record-keeping and transparency articles, the GDPR information and contest rights, OFCCP Internet Applicant record-keeping, the NYC Local Law 144 candidate notice and the EEO-1 reporting feed. The record format is harmonised for cross-jurisdiction audit.

Decision Record

Rule ID and version number
Input data that triggered the rule
Calculation result and applied formula

Challengeable: Yes - rule application verifiable. Objection possible for incorrect data or wrong rule version.

Challengeable by:

Recruiter reviews the shortlist with a structured interview kit How does the recruiter evaluate each shortlisted candidate against the requirement profile? Using a structured-interview kit with consistent questions across all candidates (meeting the Title VII and UK Equality Act objective-justification standard), a blinded comparator review of each criterion against the cohort distribution, and the authority to override the AI score where it conflicts with the recruiter's assessment, with a documented rationale. Human

A human decision is required under the EU AI Act's human-oversight article and the GDPR prohibition on solely automated decisions, as well as Title VII and the UK Equality Act. The structured-interview method is validated by the Schmidt and Hunter 1998 meta-analysis, which shows structured interviews predict job performance more reliably than unstructured ones (r=0.51 versus r=0.38). The Agent provides structure for the recruiter's judgement, never the verdict.

Decision Record

Decider ID and role
Decision rationale
Timestamp and context

Challengeable: Yes - via manager, works council, or formal objection process.

Challengeable by:

Document the recruiter's decision with a neutrality attestation What does the recruiter record for the screening decision? The decision (advance, reject or hold); a rationale citing specific job-requirement criteria and interview evidence; an override rationale where it differs from the AI score; an attestation of protected-characteristic neutrality and structured-interview consistency; and, where an adverse-impact alert was raised, the consideration of less-discriminatory alternatives - all persisted in the immutable Decision Log, which the EU AI Act requires deployers to retain for at least six months. Human

Documentation is mandatory under the EU AI Act's record-keeping and deployer-log articles, the EEOC Uniform Guidelines, the OFCCP Internet Applicant Rule and the UK Equality Act evidential burden in tribunal claims. It also underpins GDPR Article 22 challengeability and the Section 703(k) burden-shifting test under Title VII.

Decision Record

Decider ID and role
Decision rationale
Timestamp and context

Challengeable: Yes - via manager, works council, or formal objection process.

Challengeable by:

Synchronise the final decision with the ATS, EEO/OFCCP reporting and CRM Has the screening decision reached every downstream system? The ATS candidate status (Workday, SAP SuccessFactors, Oracle Recruiting Cloud, Greenhouse, Lever, iCIMS, Personio); the EEO-1, VETS-4212 and OFCCP Internet Applicant record-keeping feed; the NYC Local Law 144 audit-data feed for NYC roles; the candidate-relationship system for talent-pool development, with explicit consent under GDPR Article 6(1)(a); and the rejection notification carrying the Article 13/14 transparency information, the Article 22 challenge mechanism and the NYC ten-business-day notice? AI Agent Auditor

Downstream synchronisation is automated via SCIM, REST APIs and SFTP feeds. The AI surfaces synchronisation failures for human review rather than auto-correcting a decision error, and the integration is tested for cross-jurisdiction record-keeping consistency.

Decision Record

Model version and confidence score
Input data and classification result
Decision rationale (explainability)
Audit trail with full traceability

Challengeable: Yes - fully documented, reviewable by humans, objection via formal process.

Challengeable by: Auditor

Handle EU pay-transparency rules and cross-border applicant data For EU and UK applicants, what cross-border compliance applies? The EU Pay Transparency Directive's ban on pay-history questions, with mandatory pay disclosure in the vacancy notice or before interview, gender-neutral job titles and descriptions, and a reversed burden of proof in pay-discrimination claims; plus a cross-border transfer assessment under GDPR Chapter V, relying on the EU-US Data Privacy Framework and the US-UK Data Bridge. Rules Engine

Cross-border compliance is deterministic under the EU Pay Transparency Directive, the UK Equality Act and gender pay gap reporting, and the GDPR Chapter V transfer rules. Transatlantic transfers rely on the EU-US Data Privacy Framework and the US-UK Data Bridge.

Decision Record

Rule ID and version number
Input data that triggered the rule
Calculation result and applied formula

Challengeable: Yes - rule application verifiable. Objection possible for incorrect data or wrong rule version.

Challengeable by:

Generate the periodic AEDT bias audit and EEO-1, VETS-4212 and OFCCP filings Which periodic compliance reports are generated? The NYC Local Law 144 annual independent AEDT bias audit covering selection rate and impact ratio across sex, race-ethnicity and intersectional EEO-1 categories, with public posting and the ten-business-day candidate notice; the annual EEO-1 Component 1 filing; the annual VETS-4212 protected-veteran filing; the two-year OFCCP Internet Applicant record-keeping; and the EU AI Act record-keeping and deployer logs (six-month minimum). Rules Engine Auditor

Periodic compliance reporting is deterministic, driven by the fixed deadlines of the NYC Local Law 144 annual audit, the EEO-1 and VETS-4212 filings, OFCCP record-keeping retention and the EU AI Act's record-keeping articles. The NYC Local Law 144 audit must be performed by an independent third-party firm under the Department of Consumer and Worker Protection rule.

Decision Record

Rule ID and version number
Input data that triggered the rule
Calculation result and applied formula

Challengeable: Yes - rule application verifiable. Objection possible for incorrect data or wrong rule version.

Challengeable by: Auditor

Decision Record and Right to Challenge

Every decision this agent makes or prepares is documented in a complete decision record. Affected employees can review, understand, and challenge every individual decision.

Which rule in which version was applied?
What data was the decision based on?
Who (human, rules engine, or AI) decided - and why?
How can the affected person file an objection?
How the Decision Layer enforces this architecturally →

Does this agent fit your process?

We analyse your specific HR process and show how this agent fits into your system landscape. 30 minutes, no preparation needed.

Analyse your process

Governance Notes

EU AI Act III(4)(a): High Risk
Of the thirteen steps, seven are deterministic, four are AI-augmented (document parsing, profile matching, bias monitoring and downstream synchronisation) and two require human judgement (recruiter shortlist review and decision documentation). The Agent is unambiguously a high-risk AI system under the EU AI Act, because Annex III(4)(a) covers recruitment and selection. That makes the Article 16 conformity assessment, the EU declaration of conformity, the CE marking and EU AI database registration mandatory; the deployer must inform worker representatives before introducing the system and complete a fundamental-rights impact assessment. Bias monitoring runs continuously under the Act's data-quality and accuracy articles and the EEOC four-fifths rule with Hazelwood standard-deviation analysis. The GDPR Article 22 right not to be subject to a solely automated decision is strictly enforced - the Agent structures the recruiter's judgement but never the verdict - and the Act's human-oversight article requires individuals with the necessary competence and authority. Retention varies by jurisdiction: two years for OFCCP Internet Applicant data, a six-month tribunal window under the UK Equality Act, a six-month minimum for EU AI Act deployer logs, and the lawful-basis minimum for GDPR personal data. Screening records carry sensitive personal data under UK and EU GDPR (including Article 9 special-category data and Article 22 safeguards), the US state privacy laws and the EEOC confidentiality rules. For audit purposes, candidate-data confidentiality and screening-decision integrity are routinely material at SEC registrants and FTSE 350 groups, and the Decision Log supplies the design and operating-effectiveness evidence. The Agent enforces role-based access, encryption in transit and at rest, a quarterly-reviewed access log, an annual SOC 2 Type II audit, the annual independent AEDT bias audit under NYC Local Law 144, and EU AI Act post-market monitoring.

Assessment

Agent Readiness 64-71%
Governance Complexity 74-81%
Economic Impact 78-85%
Lighthouse Effect 76-83%
Implementation Complexity 51-58%
Transaction Volume Daily

Prerequisites

  • Cloud HCM-embedded or dedicated ATS with API access: Workday Recruiting plus Talent Optimization plus Skills Cloud, SAP SuccessFactors Recruiting plus Recruiting Marketing plus Onboarding, Oracle Recruiting Cloud plus Talent Acquisition Cloud, Greenhouse Recruiting plus Greenhouse Inclusion plus Greenhouse Connect, Lever ATS plus LeverTRM, iCIMS Talent Cloud, Personio Recruiting (DACH plus EU), SmartRecruiters, Workable, Recruitee, BambooHR ATS - with full per-applicant record access including application date, source, requirement-profile match, recruiter disposition, plus complete decision history
  • AI-talent-intelligence integration: Eightfold AI Talent Intelligence, Beamery, HiringSolved, Hiretual, Pymetrics, HireVue Video Interviewing, Modern Hire (HireVue), Plum - subject to EU AI Act 2024 Annex III(4)(a) high-risk AI compliance plus NYC Local Law 144 AEDT bias-audit requirement plus Illinois HB 645 plus Maryland HB 1202 consent requirements plus EEOC Strategic Enforcement Plan AI scrutiny plus FTC Section 5 oversight
  • EU AI Act conformity assessment documentation per Article 16 (Annex VI internal control or Annex VII third-party route), EU declaration of conformity per Article 47, CE marking per Article 48, registration in EU AI database per Article 71, plus deployer fundamental rights impact assessment per Article 27, plus Article 26(7) worker-representative information
  • Bias monitoring framework per EEOC Uniform Guidelines on Employee Selection Procedures 29 CFR Part 1607 with Four-Fifths Rule plus standard-deviation analysis per Hazelwood plus statistical-significance testing (Fisher's Exact Test, Chi-Square, Z-test); plus NYC Local Law 144 annual independent third-party AEDT bias audit; plus EU AI Act Article 10 data quality plus Article 15 accuracy
  • Decision logging infrastructure per EU AI Act Article 12 record-keeping plus Article 26(6) deployer logs (6 months minimum) plus OFCCP Internet Applicant Rule 41 CFR 60-1.12 recordkeeping (2 years federal contractor) plus UK Equality Act tribunal disclosure plus GDPR Article 22 challengeability plus retention schedule per OFCCP plus EEOC plus EU Member State
  • Works council or worker representative consultation per EU AI Act Article 26(7) plus German BetrVG (Works Constitution Act) plus French CSE (Comité Social et Économique) plus Italian Statuto dei Lavoratori plus Netherlands COR plus EU Information and Consultation Directive 2002/14/EC;
  • Data Protection Impact Assessment per GDPR Article 35 plus UK GDPR plus ICO Guidance on AI and Data Protection 2023 plus EDPB Guidelines on Article 22 automated decision-making plus CNIL Guidance plus BfDI Guidance plus Garante Privacy Guidance plus AEPD Guidance
  • Human-in-the-loop workflow ensuring no Article 22 GDPR solely-automated decisions plus EU AI Act Article 14 human oversight by individuals with necessary competence plus training plus authority to interpret AI output, decide not to use, override, or intervene
  • OFCCP Internet Applicant recordkeeping platform plus EEO-1 Component 1 plus VETS-4212 protected-veteran reporting plus NYC Local Law 144 annual audit posting plus state-level pay-data reporting (California SB 1162 plus Colorado plus Illinois plus Massachusetts plus New York plus Washington)

Infrastructure Contribution

The Candidate Screening Agent is the litmus test for high-risk governance readiness. An organisation that can deploy this Agent in full EU AI Act compliance - conformity assessment, CE marking, fundamental-rights impact assessment, worker-representative information, human oversight, record-keeping, transparency and continuous bias monitoring - can deploy any Annex III high-risk agent. The governance infrastructure validated here transfers directly to the Performance Review Documentation, Merit Cycle Governance, Promotion Process and Pre-Hire Due Diligence Agents. It builds the Decision Logging and Audit Trail the Decision Layer uses to make every decision traceable and challengeable.

What this assessment contains: 9 slides for your leadership team

Personalised with your numbers. Generated in 2 minutes directly in your browser. No upload, no login.

  1. 1

    Title slide - Process name, decision points, automation potential

  2. 2

    Executive summary - FTE freed, cost per transaction before/after, break-even date, cost of waiting

  3. 3

    Current state - Transaction volume, error costs, growth scenario with FTE comparison

  4. 4

    Solution architecture - Human - rules engine - AI agent with specific decision points

  5. 5

    Governance - EU AI Act, works council, audit trail - with traffic light status

  6. 6

    Risk analysis - 5 risks with likelihood, impact and mitigation

  7. 7

    Roadmap - 3-phase plan with concrete calendar dates and Go/No-Go

  8. 8

    Business case - 3-scenario comparison (do nothing/hire/automate) plus 3×3 sensitivity matrix

  9. 9

    Discussion proposal - Concrete next steps with timeline and responsibilities

Includes: 3-scenario comparison

Do nothing vs. new hire vs. automation - with your salary level, your error rate and your growth plan. The one slide your CFO wants to see first.

Show calculation methodology

Hourly rate: Annual salary (your input) × 1.3 employer burden ÷ 1,720 annual work hours

Savings: Transactions × 12 × automation rate × minutes/transaction × hourly rate × economic factor

Quality ROI: Error reduction × transactions × 12 × EUR 260/error (APQC Open Standards Benchmarking)

FTE: Saved hours ÷ 1,720 annual work hours

Break-Even: Benchmark investment ÷ monthly combined savings (efficiency + quality)

New hire: Annual salary × 1.3 + EUR 12,000 recruiting per FTE

All data stays in your browser. Nothing is transmitted to any server.

Candidate Screening Agent

Initial assessment for your leadership team

A thorough initial assessment in 2 minutes - with your numbers, your risk profile and industry benchmarks. No vendor logo, no sales pitch.

All data stays in your browser. Nothing is transmitted.

Agent Blueprint Available

A full blueprint for Candidate Screening Agent is available with micro-decision decomposition, industry variants, and implementation details.

View Blueprint

Related Agents

Executive Recruiting Agent

Runs a confidential C-suite search across US, UK and EU governance - coordinating the Audit, Compensation and Nomination Committees, modelling executive pay, and meeting its EU AI Act high-risk obligations with a pay-equity check and a human decision at every gate.

W K
EU AI Act III(4)(a): High Risk
Readiness: 51-58%
Economic: 66-73%
Governance: 81-88%
Micro-Decisions: 14
Monthly

Interview Scheduling Agent

One auditable interview-scheduling pipeline that stays Title VII compliant - pay ranges disclosed where the law requires, a bias audit on every slot proposal under EU AI Act Annex III(4)(a), and ADA accommodation built in - across the UK, EU and US.

W
EU AI Act III(4)(a): High Risk
Readiness: 78-85%
Economic: 66-73%
Governance: 58-65%
Micro-Decisions: 14
Daily

Job Posting Agent

Publish compliant, consistent job postings - across every channel, every language.

D K
EU AI Act III(4)(a): High Risk
Readiness: 71-78%
Economic: 56-63%
Governance: 58-65%
Micro-Decisions: 8
Weekly

Frequently Asked Questions

How does the Agent meet the EU AI Act's high-risk obligations - conformity assessment, CE marking, worker-representative information and the fundamental-rights impact assessment - for candidate-screening AI?

Candidate-screening AI is unambiguously high-risk under EU AI Act Article 6 and Annex III(4)(a), which covers systems used to recruit or select people - placing targeted job ads, filtering applications and evaluating candidates - with a compliance deadline of 2 August 2026 under current law (provisionally postponed to 2 December 2027 under the Digital Omnibus of 7 May 2026, formal adoption still pending). The Agent meets the Act in five phases. First, it establishes who carries which obligations: a provider-developed system triggers the full provider duties (risk management, data quality, technical documentation, record-keeping, transparency, human oversight, accuracy, the conformity assessment, the declaration of conformity and CE marking), while a deployer-customised one triggers the deployer duties. Second, it completes the deployer obligations: the fundamental-rights impact assessment covering affected groups, foreseeable risks, mitigations and oversight; informing worker representatives before introducing the system; ensuring the input data is relevant and representative; monitoring for serious incidents; and keeping the automatically generated logs for at least six months. Third, it implements the Article 9 risk-management system across the lifecycle, tied into the quality-management system, corrective action and the 15-day serious-incident reporting. Fourth, it provides Article 13 transparency to deployers - instructions, capabilities, limitations, accuracy and risks - and ensures Article 14 human oversight by people with the competence and authority to interpret, override or set aside the AI output. Fifth, it completes the Article 16 conformity assessment (internal control by default, or the third-party route where no harmonised standard applies), issues the declaration of conformity and CE marking, registers the system in the EU AI database, and cooperates with market surveillance.

How does the Agent run EEOC four-fifths-rule and disparate-impact analysis under Title VII, the ADA, GINA and the EEOC Uniform Guidelines?

Disparate-impact analysis is operationally complex, because Title VII, the ADEA, the ADA and GINA each set distinct protected-characteristic frameworks, and the EEOC Uniform Guidelines establish the four-fifths rule - a selection rate below 80% of the highest-rate group - as the standard adverse-impact threshold under Griggs v Duke Power, alongside the Hazelwood standard-deviation framework. The Agent runs the analysis in five phases. First, it identifies protected groups by the EEO-1 race-ethnicity categories, sex, age 40+, disability and protected-veteran status, collecting demographic data through voluntary self-identification on a channel separate from the selection process to respect the GINA prohibition. Second, it calculates each group's selection rate as the number selected over the number considered (using the OFCCP Internet Applicant definition) and the impact ratio against the highest-rate group. Third, it applies the four-fifths test - an impact ratio below 0.80 signals adverse impact - supplemented by significance testing (Fisher's Exact, chi-square, a Z-test) and the Hazelwood standard-deviation analysis. Fourth, where adverse impact is found, it documents the business-necessity justification under the Section 703(k) burden-shifting framework (job-related, consistent with business necessity, with less-discriminatory alternatives considered) and the Uniform Guidelines validation evidence. Fifth, if business necessity isn't established or an alternative exists, it modifies the selection procedure and documents the analysis and remediation for the OFCCP two-year record-keeping, the EEO-1 reporting and the NYC Local Law 144 annual audit.

How does the Agent handle OFCCP federal-contractor obligations - the Internet Applicant Rule, affirmative-action programmes and pre-offer self-identification?

Federal-contractor obligations under the OFCCP go beyond the EEOC standards, because Executive Order 11246, Section 503 and VEVRAA require affirmative-action programmes, protected-veteran and disability self-identification, and Internet Applicant record-keeping for everyone who meets a four-part test. The Agent runs compliance in five phases. First, it determines coverage from the federal-contract value (USD 50,000+ for Executive Order 11246 and Section 503, USD 150,000+ for VEVRAA), tying into SAM.gov and the federal-contract records. Second, it applies the 41 CFR 60-1.12 four-part Internet Applicant test - the individual expressed interest electronically, was considered for the role, met the basic qualifications and did not withdraw - and records each applicant's self-identified race-ethnicity, sex, veteran and disability status against the 7% utilisation goal. Third, it maintains the affirmative-action programme: organisational profile, job-group and availability analysis, utilisation analysis, goals and action-oriented programmes, ready for a Corporate Management Compliance Evaluation or desk and on-site audits. Fourth, it collects pre-offer veteran and disability self-identification with the required wording, on a separate document held apart from the personnel file, respecting the ADA pre-offer inquiry restriction and the GINA prohibition. Fifth, it retains Internet Applicant data for two years, responds to an OFCCP audit with the itemised applicant listing, and feeds the VETS-4212 and EEO-1 filings and the Notice-of-Violation and conciliation workflow.

How does the Agent comply with the US state AI hiring laws - NYC Local Law 144, the Illinois and Maryland consent rules and California's pay-disclosure rules?

The US state AI hiring laws create overlapping requirements: NYC Local Law 144 (effective 5 July 2023) was the first bias-audit mandate, followed by Illinois HB 645, Maryland HB 1202, California SB 1162 and the Colorado AI Act. The Agent runs compliance in five phases. First, it determines whether the screening tool is an Automated Employment Decision Tool under the NYC rule - a machine-learning or statistical process that issues a score, classification or recommendation to substantially assist or replace discretionary hiring decisions for NYC candidates, including remote roles where the employee lives in NYC. Second, it commissions the annual independent bias audit (by a firm separate from both the vendor and the employer) covering selection rate and impact ratio across sex, race-ethnicity and intersectional categories, posting the summary on the employer's website. Third, it provides the ten-business-day candidate notice before the tool is used, naming the characteristics evaluated and the accommodation or alternative-process mechanism. Fourth, it manages the Illinois and Maryland consent rules: consent before an AI video interview, with notice of the evaluation and video destruction within 30 days, and consent before any facial recognition, integrating with HireVue and a consent-management workflow. Fifth, it meets California SB 1162's pay-scale disclosure in job postings and pay-data reporting, and the Colorado AI Act's deployer duties - an impact assessment, consumer notification and reasonable care to avoid algorithmic discrimination.

How does the Agent apply the UK Equality Act 2010 - the Section 60 health-enquiry ban, the indirect-discrimination test and the reasonable-adjustment duty?

The UK Equality Act 2010 is the most consolidated discrimination framework, covering nine protected characteristics with distinct rules for direct and indirect discrimination, harassment, victimisation, the reasonable-adjustment duty and the public-sector equality duty. The Agent runs compliance in five phases. First, it identifies the nine protected characteristics under Section 4 and structures data collection, monitoring and reporting to the ICO Employment Practices Code and the EHRC Code of Practice. Second, it applies the Section 60 ban on pre-employment health enquiries, allowing only the narrow exceptions - intrinsic-function questions, diversity monitoring, positive action for disabled people, ensuring access to the process, or a genuine occupational requirement - and ties into the reasonable-adjustment workflow. Third, it tests each requirement criterion against the Section 19 indirect-discrimination test: a provision, criterion or practice applied to all, a particular disadvantage to a protected group, individual disadvantage, and objective justification as a proportionate means of a legitimate aim, documenting the business-necessity rationale and any less-discriminatory alternative. Fourth, it operationalises the Section 20 reasonable-adjustment duty across practices, physical features and auxiliary aids, with disability self-identification, the interactive process and a reasonable-cost analysis. Fifth, it maintains tribunal-defence documentation - structured-interview consistency, criterion application and rationale, the reasonable-adjustment offer and alternatives considered - ready for an EHRC investigation or tribunal disclosure.

How does the Agent integrate with Workday Recruiting, SAP SuccessFactors Recruiting, Oracle Recruiting Cloud, Greenhouse, Lever, iCIMS, Eightfold AI, Pymetrics, HireVue, and Personio Recruiting?

The candidate-screening landscape spans five layers - the HCM-embedded ATS, the dedicated ATS, AI talent intelligence, video interviewing and assessment - and the Agent acts as the integration point across all five, gated by EU AI Act compliance. On the HCM-embedded layer, Workday Recruiting brings cloud-native recruiting with structured profiles, competency-based screening and internal-mobility and referral workflows; SAP SuccessFactors Recruiting offers an enterprise suite with 50+ country localisation tied into SAP S/4HANA HR; Oracle Recruiting Cloud integrates with Oracle Fusion HCM; and ADP Recruiting Management ties into ADP Workforce Now payroll. On the dedicated-ATS layer, Greenhouse and Greenhouse Inclusion lead for tech and high-growth companies with structured-interview kits, scorecards and blind initial screening; Lever combines an ATS and CRM with passive-candidate sourcing; iCIMS serves regulated industries needing OFCCP record-keeping; SmartRecruiters, Workable, Recruitee, JazzHR, BreezyHR, Bullhorn, Avature and Lattice Recruiting cover the SMB, mid-market and staffing-agency segments; and Personio dominates the DACH and EU mid-market. On the AI talent-intelligence layer, Eightfold, Beamery, HiringSolved and Hiretual provide skills-graph matching, internal-mobility recommendations and diversity sourcing - all high-risk under the EU AI Act and subject to the NYC Local Law 144 bias audit. On the video-interviewing and assessment layer, HireVue, Modern Hire, Pymetrics and Plum provide video, game-based and personality assessment, subject to the Illinois and Maryland consent rules and the ADA accommodation framework. And for executive search and RPO, Korn Ferry, Heidrick & Struggles, Russell Reynolds and the major consultancies provide senior recruiting and assessment validation. The Agent acts as the upstream conformity-assessment, bias-monitoring and human-oversight layer feeding the ATS workflow, or the orchestration layer where business units run different ATS systems after an acquisition.

What Happens Next?

1

30 minutes

Initial call

We analyse your process and identify the optimal starting point.

2

1 week

Discover

Mapping your decision logic. Rule sets documented, Decision Layer designed.

3

3-4 weeks

Build

Production agent in your infrastructure. Governance, audit trail, cert-ready from day 1.

4

12-18 months

Self-sufficient

Full access to source code, prompts and rule versions. No vendor lock-in.

Implement This Agent?

We assess your process landscape and show how this agent fits into your infrastructure.