EU AI Act HR Compliance Matrix & Checklist - Interactive Tool

Adjust the sliders to see if your HR AI technology is in a "Liability Trap" or a "Safe Harbor".

EU AI Act HR Compliance Matrix

How to Use This Tool

The "Weight" (AI Criticality) Measures how much impact the AI has on personal lives. High scores represent automated hiring, ranking, or performance monitoring (High-Risk).

The "Force" (Safeguard Strength) Measures your organization's control. High scores represent strong Human Oversight (Art. 14) and the 'Right to Explanation' (Art. 86).

AI Criticality 5.0

Safeguard Strength 5.0

The "Weight" (AI Criticality) →

Liability
trap

Safe
harbor

Minimal
risk

Safe
gov

The "Force" (Safeguard Strength) →

Assessing...

Compliance Outlook

Adjust the sliders to define your AI governance standing.

How the Score is Calculated

This is basically your AI Act HR impact assessment.

The vertical axis tracks how much weight the AI carries in big decisions like CV screening, performance reviews, or promotions.
The horizontal axis is your human oversight score. We plot these to see if your actual controls are strong enough to handle the reality of using high-risk AI in HR.

How to Read the Results

The "Weight" (AI Criticality): This is essentially your "Risk Factor." In HR, if you're using AI to filter resumes, rank performance, or decide who gets a promotion, the "Weight" is heavy. The EU AI Act takes this very seriously and these are the high-stakes decisions that can change someone’s life, which is why they carry the most regulatory heat.

The "Force" (Safeguard Strength): Think of this as your "Safety Net." It’s not just about having a policy on a shelf, it’s about actual control. Do you have a human who can step in and override the AI? Can you explain to an employee exactly why the system flagged them? The more "Force" you have, the more protected your company is.

The Four Zones

1.) Liability Trap: This is the danger zone. You’re using high-impact AI (Heavy Weight) but you don’t have the proper human checks in place (low Force). Under the EU AI Act, this is where you’re most vulnerable to legal headaches and fines because you’re essentially letting AI run without a driver.

2.) Safe Harbor: This is the goal. You’re using powerful AI to drive the business, but you’ve built a strong enough "Force" to balance it out. You’ve got the oversight and the explanations ready, which keeps you compliant and keeps your employees’ trust.

3.) Minimal Risk: This is for the simple stuff, like AI that helps you draft a job description or organize a calendar. It doesn't need heavy governance because the impact on people's careers is low.

4.) Safe Governance: You’re actually "over-governing" here. You have more safeguards than your current AI requires. It’s a smart place to be if you’re planning on rolling out more advanced HR AI later, you’ve already built the cushion you’ll need.

Moving Out of the Liability Trap (Scenarios A & B)

Scenario A: We need this AI so let’s make it legal

This is for the company that relies on high-impact AI tech. Maybe it’s a tool that automatically ranks thousands of resumes or handles performance evaluation and you don't want to give it up. Since you aren't changing the Weight, you have to beef up the Force.

The Plan: You do not fire the AI. You put a human in charge of auditing the AI’s decisions on things like promotions or scoring. You also set up a right to explanation process so staff can see how AI reached its conclusion.
The Bottom Line: You are still using high-risk AI in HR, but you’re doing it legally. You’ve balanced the scales by adding real human oversight.

Scenario B: We do not have the resources to monitor this so let’s play it safe

This is for the team that realizes they bought a Ferrari when they only needed a golf cart. If you don’t have the people to sit there and check every single automated decision for bias or errors, you need to lower the Weight.

The Plan: You demote the AI. Instead of letting the ATS decide who gets an interview, you change the settings, so it only highlights keywords or summarizes bios. The AI goes from being the Judge to being a Research Assistant.
The Bottom Line: Since the AI isn't making the final call anymore, your AI Act HR impact assessment gets a lot simpler. You move back to minimal risk just by pulling back the power you give AI.

EU AI Act HR Compliance Checklist

Category	Action Item	HR Specifics & Examples
1. Strategy & Risk	Identify & Classify AI Features	Inventory every "smart" feature you use. High-Risk examples: "Smart Match" rankings in your ATS, candidate scoring on professional networks, or "Retention Risk" indicators.
2. Governance	Role-Based AI Literacy	Under Article 4, training is mandatory for all staff using AI (Recruiters, HRBPs, and Line Managers). Document that they understand how to interpret AI scores, spot bias, and know when to challenge the AI's "logic."
3. Transparency	Candidate Disclosure	Update your careers site. You must inform people if an AI is evaluating them. Under Article 86, they have a legal right to an explanation of the AI's role in their rejection or score.
4. Rights Impact	Fundamental Rights Assessment	Before deployment, assess how the tool impacts employee rights. This is often integrated into your DPIA (Data Protection Impact Assessment) for any High-Risk HR technology.
5. Human Force	Human-in-the-Loop	Systems must not "Auto-Reject" without human sign-off. A human must have the authority to override or ignore the AI's recommendation to prevent automation bias.
6. Records	Logging & Audit Trail	Ensure your software logs every decision. You must keep these records for at least 6 months to provide a trail if a regulator or employee challenges a decision.
7. Incident Plan	Response Protocol	If the AI shows systemic bias, you must suspend use immediately and report the incident to the relevant national authority within 15 days.

Key HR-Specific Focus Areas:

Banned Practices: From February 2025, using AI for Emotion Recognition in the workplace (e.g., analyzing webcams for focus or mood) is strictly prohibited.
Works Councils: In the EU, you are legally required to consult employee representatives before launching AI that monitors performance or tracks digital activity.
Vendor Accountability: Don't just take their word for it. Demand an "EU AI Act Compliance Statement" for your records to ensure the tool's training data was non-discriminatory.

Disclaimer: This interactive tool & checklist are for informational purposes only and do not constitute legal advice or a formal compliance audit under the European Union AI Act.

Helpful Resources

Found yourself in the Liability Trap? Don't panic. You can build your Force today with our complete HR AI Governance Toolkit. It includes the policies, risk assessments, and training templates you need to reach the Safe Harbor.