The EU AI Act is in force, and the recruiting parts of it are some of the strictest. If you hire in the EU and your ATS uses AI to screen, rank, or score candidates, you are operating a high-risk AI system under Annex III of the Act, even if you have 20 employees and you didn’t build the AI yourself. The deployer obligations sit on you, not just your vendor. The full obligations become enforceable on 2 August 2026, with penalties under Article 99 reaching up to €15 million or 3% of global annual turnover for breaches of high-risk obligations.
At Join we ship AI as an assistant, not as a decision-maker. That stance puts our AI features on the limited-risk side of the Act’s classification by design (drafting, summarising, suggesting), which is why we can write this post from both sides of the table at once: as a vendor that has built around the Act, and as the customer we wish we had been when we were buying ATS software ourselves.
This is not a legal opinion. It is a plain-language map of what the Act expects, with five questions you can ask any ATS vendor before you sign or renew.
What’s high-risk and what isn’t
The Act sorts AI by what it does to people. Anything that materially affects access to employment is high-risk.
| High-risk | Not high-risk |
|---|---|
| Ranking or scoring candidates against a job | Drafting a job ad |
| Filtering applications before a human sees them | Summarising a CV for a human to read |
| Predicting performance, fit, or longevity from a CV | Suggesting interview questions to a hiring manager |
| Automated rejection without human review | Sorting candidates by recency or completeness |
The line is whether the AI is making a decision that affects whether the candidate progresses. If yes: high-risk. If no: limited-risk, and the obligations are lighter.
What “high-risk” actually requires
Operating a high-risk system imposes five obligations on you as the deployer, simplified here:
- Human oversight that is real, not theatre. Article 14 of the Act requires that a human be in a position to override or ignore the AI’s output, with enough information to do so. A button labeled “approve” that nobody clicks doesn’t count. The hiring manager has to see why the AI suggested what it suggested, and be able to push back.
- Documented purpose and accuracy claims. Your vendor should be able to tell you, in writing, what the system is for, what it was trained on, what its known limitations are, and how it performs on the metrics that matter (bias, accuracy, fairness across protected categories). If the answer is “the model is proprietary, we can’t share that”, the answer is wrong.
- Transparency to candidates. Candidates have the right to be told when an automated system played a meaningful part in a decision about them. Not in your privacy policy in size-8 grey text. In language the candidate can find and understand.
- Logging. Records of which decisions the system made about which candidates, kept for long enough to audit. Most vendors store this; few make it easy to export. Ask before you sign.
- Bias monitoring. Ongoing. Not “we tested it once at launch.” If the model is updated, the testing repeats. If your applicant pool changes, the testing repeats.
Five questions to ask any ATS vendor
These are the ones we’d ask before signing a contract that gives an AI any role in hiring decisions.
| Question | Red-flag answer |
|---|---|
| Is your AI classified as a high-risk system under the EU AI Act, and what specifically makes it so or not? | Hedging. A vendor that hedges is a vendor that hasn’t done the work. The answer should be specific. |
| Can a candidate ask exactly what role your AI played in their rejection, and what would the answer be? | The answer requires a legal team. The system is too autonomous. |
| What’s your bias testing methodology, and when did you last run it? | “We test for bias” with no specifics. “We use the [methodology] and last published results in [month]” is the right shape. |
| What does human oversight look like in your product, by default? | Oversight is an opt-in setting buried three screens deep. Most customers won’t enable it. The default matters. |
| If we get a regulatory inquiry, what can you give us within 48 hours? | A vendor that can’t answer this hasn’t thought about it from your side of the contract. |
Where this lands for a 30-person company
You are not a Fortune 500 with a compliance team. You probably can’t audit a vendor’s training data yourself. What you can do is choose vendors whose answers to the five questions above are short, specific, and don’t end in “trust us”.
Honest disclosure: this is part of why we built Join the way we did. The AI features we ship are deliberately on the limited-risk side of the line: drafting, summarising, suggesting. The parts that would tip into high-risk (auto-ranking, auto-rejection) we don’t ship. We made that decision before the Act was final, and we’d have made it anyway. The Act just makes the cost of getting it wrong more legible.
If you take one thing from this post: read the part of your ATS contract that talks about AI. Then read it again with the five questions in front of you. The answers should be clear enough that a regulator who picks up the phone gets the same story you’d tell a candidate.
If they don’t, you have homework before you sign.