EU AI Act for HR & Recruitment: Hiring AI Compliance
AI used to screen CVs, analyse interviews, allocate tasks, and drive promotion or termination decisions is explicitly high-risk under Annex III point 4 of the EU AI Act. This guide covers the interplay with worker-consultation duties and — for firms hiring in the US — NYC Local Law 144 and the EEOC, plus what Articles 13 and 14 require.
EU AI Act for HR & Recruitment: Hiring AI Compliance
AI used to screen CVs, analyse interviews, allocate tasks, and drive promotion or termination decisions is explicitly high-risk under Annex III point 4 of the EU AI Act. This guide covers the interplay with worker-consultation duties and — for firms hiring in the US — NYC Local Law 144 and the EEOC, plus what Articles 13 and 14 require.
Last updated: July 4, 2026
Which HR AI Is High-Risk
Annex III point 4 covers employment and worker management in two parts:
- Point 4(a) — recruitment and selection. AI used to place targeted job advertisements, filter or screen applications, and evaluate candidates in the course of interviews or tests is high-risk.
- Point 4(b) — the employment relationship. AI used to make or materially inform decisions on promotion and termination, to allocate tasks based on behaviour or personal traits, and to monitor and evaluate performance and behaviour is high-risk.
- Breadth. This is one of the most clearly enumerated categories in Annex III — CV parsers, interview-analysis tools, gig-work task allocators, and performance-scoring systems are all in scope.
The classification does not depend on whether a human makes the final call — a tool that materially informs a hiring or firing decision is still high-risk.
Interplay: Worker Consultation, NYC LL144 & the EEOC
Hiring AI sits at the intersection of the AI Act, EU labour law, and — for US operations — bias-audit rules.
- Worker information and consultation. Before deploying a high-risk system at work, deployers that are employers must inform affected workers and their representatives (Article 26(7)), and national labour law and works-council consultation duties apply on top.
- NYC Local Law 144. US firms using automated employment decision tools for candidates or employees in New York City must commission an independent annual bias audit and publish a summary — a distinct obligation that runs in parallel to the AI Act.
- EEOC and US anti-discrimination law. Title VII, the ADA, and EEOC guidance on algorithmic tools mean a screening system can be lawful under one regime yet expose the employer under another — a single bias-aware audit trail helps you answer to both.
Run one governance program that satisfies the strictest applicable rule rather than a separate scramble per jurisdiction.
Core Obligations for Hiring AI
For a high-risk employment system, the deployer-facing duties matter most:
- Article 14 — human oversight. A person must be able to review, override, and disregard the AI's ranking or recommendation; the hiring decision cannot be effectively automated away.
- Article 13 — transparency to deployers. The provider must give HR teams enough information to interpret the tool's output, understand its limitations, and use it correctly.
- Article 10 — data governance. Training and evaluation data must be examined for bias so the tool does not encode discrimination against protected groups.
- Article 12 — logging. Automatic records let you reconstruct why a candidate was screened out — the evidence a bias audit or a discrimination claim will demand.
How AIAgentree helps
AIAgentree turns every AI-assisted hiring, promotion, and termination decision into a tamper-evident record with a human sign-off and a bias-relevant audit trail.
- Tamper-evident hiring-decision records capturing the AI's ranking, the factors behind it, and the recruiter or manager who reviewed it — the evidence a bias audit or a claim requires
- Human-oversight and approval workflows so a person reviews and can override each AI recommendation (Article 14), with the override reason recorded
- A bias-relevant audit trail plus precedent search for consistency across candidates and outcome tracking over time, with EU data residency (Germany) for GDPR alignment on applicant data
- Integrate via Python and TypeScript SDKs over REST, MCP, A2A, and OpenTelemetry — start on the 25-trace free tier with sub-10ms async logging latency
Frequently Asked Questions
Is CV-screening AI high-risk under the EU AI Act?
Yes. Annex III point 4(a) explicitly lists AI used to filter or screen job applications and to evaluate candidates as high-risk. Interview-analysis tools fall in the same category, as do promotion, termination, task-allocation, and performance-monitoring systems under point 4(b).
Do we have to tell employees we use hiring or management AI?
Yes. Under Article 26(7), a deployer that is an employer must inform affected workers and their representatives before putting a high-risk system into use at work. National labour law and works-council consultation duties apply on top of this.
How does the EU AI Act relate to NYC Local Law 144?
They are separate regimes that can both apply to a global employer. NYC LL144 requires an independent annual bias audit and a published summary for automated employment decision tools used in New York City, while the AI Act imposes risk-management, data-governance, transparency, and oversight duties across the EU. One bias-aware audit trail helps satisfy both.
Does a human reviewing the AI output make it low-risk?
No. A tool that materially informs a hiring, promotion, or termination decision is high-risk regardless of whether a human makes the final call. Article 14 requires that the human oversight be meaningful — the reviewer must be able to understand and override the AI, not just approve it.
When do hiring-AI obligations start?
The high-risk obligations under Regulation (EU) 2024/1689 apply from August 2, 2026. Employers and HR-tech vendors should inventory their tools against Annex III point 4 and put oversight, logging, and bias controls in place now.
Continue exploring the EU AI Act guide
EU AI Act Compliance Guide
The complete guide to EU AI Act compliance for AI agents — start here.
Article 12 — Record-Keeping & Logging
What every high-risk AI system must log, and how to capture it.
Article 14 — Human Oversight
Designing effective human-in-the-loop controls for AI decisions.
Annex III — High-Risk AI Systems
Which AI use cases the Act classifies as high-risk.
EU AI Act Compliance Checklist
A step-by-step checklist to reach and document compliance.
Compliance Cost Calculator
Estimate your EU AI Act compliance effort and cost.
Deadlines & Timeline
Key enforcement dates, including the August 2, 2026 deadline.
Fines & Penalties
Penalty tiers up to €35M or 7% of global annual turnover.
Transparency Obligations (Art. 13 & 50)
Disclosure duties for AI systems and their outputs.
Risk Management & Conformity Assessment
Build a risk management system and assess conformity.
GPAI Obligations
Rules for providers of general-purpose AI models.
EU AI Act for US Companies
Extraterritorial scope and what US providers must do.
Omnibus Update
The latest changes to the EU AI Act timeline and rules.
Penalty Calculator
Estimate your maximum fine under the Article 99 tiers.
Article 11 + Annex IV
What technical documentation the EU AI Act requires.
Article 26: Deployer Obligations
What deployers of high-risk AI must do, including log retention.
Article 17: Quality Management
The QMS providers of high-risk AI must document.
Article 10: Data Governance
Data quality, bias mitigation, and governance duties.
Article 4: AI Literacy
The staff AI-literacy duty in force since February 2025.
Deployer vs Provider
Who bears which obligation — and when a deployer becomes a provider.
FRIA (Article 27)
Who must run a Fundamental Rights Impact Assessment, and how.
Who Does It Apply To?
Scope, operators, and the extraterritorial reach of the EU AI Act.
Post-Market Monitoring
Articles 72–73: ongoing monitoring and incident reporting.
ISO 42001 vs EU AI Act
How the voluntary standard and the binding law fit together.
NIST AI RMF vs EU AI Act
A practical crosswalk between the framework and the law.
EU AI Act for Healthcare
High-risk medical AI, MDR/IVDR interplay, and clinician oversight.
EU AI Act for Financial Services
Credit scoring, insurance pricing, and existing financial regulation.