EVE AI Core
EVE AI Core
EEOC-compliant pre-execution enforcement for résumé screening, interview AI, and automated hiring decisions. CoreGuard enforces NYC Local Law 144, the Illinois AI Video Interview Act, and EU AI Act high-risk requirements — and generates signed bias audit certificates for every employment AI decision.
Employment AI sits at the intersection of Title VII, state bias audit laws, worker privacy statutes, and the EU AI Act's highest-risk category — a compliance surface that is expanding faster than most HR technology vendors can track.
The EEOC's 2023 guidance on AI and automated systems in employment clarified that Title VII's prohibition on disparate impact applies fully to AI-assisted screening and selection tools. Employers remain liable for discriminatory outcomes even when those outcomes are produced by third-party AI vendors. The EEOC has brought enforcement actions against employers whose AI screening tools produced statistically significant disparate impact on protected groups — and has signaled continued scrutiny of automated hiring systems.
New York City Local Law 144 (effective July 2023) requires employers using automated employment decision tools (AEDTs) in New York City to conduct an annual independent bias audit assessing selection rate disparities by race/ethnicity and sex, publish a summary of audit results, and notify candidates that an AEDT is being used. Employers that fail to audit or publish face civil penalties per day of non-compliance. CoreGuard generates the decision-level data and signed certificates that independent auditors need to produce the required bias audit reports.
Illinois 820 ILCS 42 requires employers using AI to analyze video interviews to disclose how the AI works, what characteristics it evaluates, and to obtain candidate consent before analysis. Maryland, New York State, Washington, and California have enacted or are advancing similar video interview AI disclosure laws. CoreGuard enforces consent verification as a pre-condition for any AI video analysis request — decisions submitted without documented consent are blocked before analysis begins.
The EU AI Act classifies AI systems used in employment, worker management, and access to self-employment as high-risk. This triggers conformity assessment requirements, mandatory human oversight mechanisms, transparency and explainability obligations, and ongoing accuracy and robustness documentation. Employers or vendors deploying employment AI affecting EU-resident candidates or employees must comply regardless of where the employer is headquartered. CoreGuard's audit trail directly supports EU AI Act conformity documentation.
Beyond New York City and Illinois, at least fourteen states have introduced or enacted legislation governing AI use in employment decisions since 2022. California's CPRA and proposed amendments to FEHA, Colorado's AI Act, and Maryland's proposed AI Hiring Act create an expanding patchwork of employer obligations. CoreGuard's policy pack is updated as new state laws take effect, with employers receiving updates before the effective date — not after the enforcement action.
Federal contractors subject to OFCCP oversight must maintain Internet Applicant records and demonstrate that selection procedures do not produce adverse impact. The OFCCP has issued guidance indicating that AI-based screening tools are subject to these requirements. Federal contractors using AI screening must be able to produce decision-level records for OFCCP compliance evaluations — exactly what CoreGuard's certificate store provides on demand.
Most enterprise HR teams have an AI use policy. HR technology vendors provide attestations that their screening tools have been tested for bias. What almost no organization has is decision-level enforcement running on every screening decision in production.
The gap is significant. Vendor bias testing is conducted on historical data. When your organization's applicant pool shifts — because you changed a job description, opened a new role in a different market, or a new ATS integration changed which candidates the AI scores first — the bias test no longer describes the system in production. The four-fifths rule violation accumulates in live decisions months before your annual audit catches it.
The second gap is jurisdictional fragmentation. A global employer running the same AI screening tool in New York City, Chicago, Denver, London, and Frankfurt faces different legal obligations at each location. The AI vendor attestation covers none of them specifically. CoreGuard enforces the rules for each jurisdiction at the individual decision level — before the candidate record is updated.
NYC Local Law 144 civil penalties accrue per violation per day. EEOC charge investigations triggered by an AI screening complaint can extend for years and reach class-action scale. Closing the enforcement gap before the investigation is categorically different from explaining your AI governance policy after it.
CoreGuard's HR policy pack implements specific enforcement logic for each employment AI obligation — not generic fairness checks, but law-specific compliance logic.
Before any AI-generated screening score is used to advance, hold, or reject a candidate, CoreGuard evaluates the request against the HR policy pack. Checks include: prohibited feature detection (name-based ethnic inference, graduation year as age proxy, address as socioeconomic proxy), score threshold validation against the employer's documented selection criteria, and disparate impact monitoring against the rolling cohort. Requests that fail any check are blocked, modified, or escalated for human review — the certificate documents which path was taken and why.
When an AI screening decision constitutes an adverse action — a rejection, a hold, or a score below the employer's selection threshold — CoreGuard's certificate includes a structured adverse action record with the specific factors that contributed to the decision. For jurisdictions requiring pre-adverse action notice (including New York City for AEDT-based decisions), the certificate includes the five-business-day waiting period flag and the disclosure text required before the final adverse action is taken. This record can be consumed directly by your HR workflow for notice generation.
CoreGuard maintains a rolling disparate impact index for each AI tool and role. When selection rates for any race/ethnicity or sex category drop below the four-fifths (80%) rule threshold relative to the highest-selected group — the EEOC's standard for adverse impact — the system generates an alert for HR compliance team review. Because the monitor runs on decision certificates rather than reconstructed data, the alert arrives when the pattern is forming, not months later during an annual audit. Employers can configure role-specific or jurisdiction-specific thresholds where more stringent standards apply.
Under the Illinois AI Video Interview Act and similar laws, AI-assisted video analysis requires candidate disclosure and consent before the analysis occurs. CoreGuard enforces consent as a hard pre-condition: any AI video analysis request submitted without a documented consent record is blocked. The certificate records the consent method, timestamp, and the disclosure text provided to the candidate. For employers operating across Illinois, New York, Maryland, and international jurisdictions, CoreGuard routes each request through the applicable jurisdiction's consent rules automatically.
NYC Local Law 144 requires the bias audit to be conducted by an independent auditor and to assess selection rates by intersectional sex/race categories. CoreGuard generates a signed annual bias audit data certificate — a structured JSON document containing selection rates by category, adverse impact ratios, the hash of the decision corpus used, and a chain integrity verification result — that independent auditors can use directly to produce the required bias audit report and public summary. The certificate is signed with an HMAC-SHA256 signature verifiable without CoreGuard's involvement, supporting independent auditor verification.
CoreGuard sits between your AI scoring engine and your applicant tracking system without requiring ATS changes or disrupting recruiter workflows.
CoreGuard integrates with Greenhouse and Lever via webhook from the custom stage in the application review workflow. When a candidate reaches a stage where AI-assisted screening or scoring occurs, CoreGuard evaluates the decision request before the stage outcome is recorded. The certificate is stored in CoreGuard's audit store and can be appended to the candidate activity log via the Greenhouse or Lever API.
CoreGuard is called from Workday's Extend platform or from the custom integration layer in Workday Recruiting. AI-driven candidate ranking and shortlisting decisions pass through CoreGuard evaluation before the disposition is written to the candidate record. Decision certificates are accessible from the Workday compliance reporting module via API.
CoreGuard integrates with SAP SuccessFactors Recruiting via the SAP Business Technology Platform extension framework. The pre-decision evaluation hook is inserted in the recruiting workflow before any AI-assisted screening output is applied to a candidate. Certificates are routed to the SAP audit log and to CoreGuard's certificate store for examination-ready retrieval.
For organizations running proprietary applicant tracking systems or modern talent acquisition platforms, CoreGuard exposes a REST API and Python SDK. Integration requires fewer than 20 lines of code in most environments. The SDK handles certificate storage, chain verification, annual bias audit report generation, and compliance dashboard data export.
Every AI employment screening decision evaluated through CoreGuard produces a signed JSON certificate returned synchronously. The example below shows an AI résumé screening decision that was modified — the AI score was above threshold but the prohibited-proxy check detected a name-based ethnic inference feature that had to be stripped before the score was applied.
{
"certificate_id": "cert_5e1a3b9c-2d7f-44e8-b1a4-8c3e2d5f0a7b",
"issued_at": "2026-05-05T09:22:11.304Z",
"policy_set": "hr_employment_v1",
"policy_pack_hash": "sha256:7c3d2a1f8e5b4c0d...9a2e",
"model_id": "resume-screening-nlp-v3.1.2",
"model_version_hash": "sha256:d4e3f2a1c0b9a8e7...",
"decision": {
"status": "MODIFIED",
"risk_level": "MEDIUM",
"risk_score": 0.54,
"action_type": "resume_screening",
"modification": "prohibited_feature_stripped_before_score_applied",
"adverse_action": false
},
"policy_evaluation": {
"rules_evaluated": 21,
"rules_triggered": 1,
"violations": [
{
"rule_id": "hr.proxy.name_ethnicity_inference",
"description": "Model feature infers ethnicity from applicant name",
"feature_flagged": "name_origin_score",
"action_taken": "feature_zeroed_before_final_score"
}
],
"disparate_impact_check": "PASS",
"consent_verified": "N/A — not video analysis",
"jurisdiction": "NYC",
"nyc_ll144_aedt_flag": true,
"candidate_notice_required": true
},
"context": {
"req_id": "REQ-2026-04812",
"role": "Senior Software Engineer",
"ats": "greenhouse",
"stage": "application_review"
},
"chain": {
"previous_cert_hash": "sha256:2a4c6e8b0d1f3...",
"chain_position": 72193
},
"signature": "HMAC-SHA256:1b3e5f7a9c2d..."
}
MODIFIED decisions document exactly which feature was flagged and what action was taken.
The nyc_ll144_aedt_flag and candidate_notice_required
fields drive the pre-adverse action notice workflow in the connected ATS.
The CoreGuard Python SDK reduces HR AI governance integration to a single function call. The following example shows a résumé screening integration for a Greenhouse-based workflow, with jurisdiction-aware policy routing and adverse action notice generation.
from eve_coreguard import CoreGuardClient, EvaluationRequest
client = CoreGuardClient(api_key="cg_prod_...")
# Evaluate before updating candidate stage in Greenhouse
result = client.evaluate(EvaluationRequest(
policy_set="hr_employment_v1",
user={
"id": recruiter_id,
"role": "recruiter"
},
action={
"type": "resume_screening",
"ai_score": ai_score,
"ai_features": feature_dict,
"threshold": selection_threshold,
"disposition": proposed_disposition
},
context={
"req_id": req_id,
"role_title": role_title,
"ats": "greenhouse",
"jurisdiction": candidate_jurisdiction,
"consent_record_id": consent_id # required for video analysis
}
))
if result.decision.status == "BLOCKED":
# Do not apply AI decision — route for human review
flag_for_human_review(candidate_id, result.certificate_id)
elif result.decision.status == "MODIFIED":
# Use modified decision from certificate
apply_modified_decision(result.decision.modified_output)
if result.policy_evaluation.candidate_notice_required:
queue_pre_adverse_action_notice(candidate_id, result)
else:
# ALLOWED — apply original AI decision
apply_ai_decision(proposed_disposition)Work with the EVE Core HR team to configure your policy pack: AI tools in use, jurisdictions where you hire, roles covered, and any organization-specific prohibited criteria. The pack is version-controlled and updated independently of your AI screening tool when regulations change.
Add the CoreGuard SDK call between your AI scoring engine and your ATS stage update. The call is synchronous and returns within 3 milliseconds, well within ATS webhook timeout limits.
Set the adverse impact ratio threshold (default: four-fifths rule) and alert routing for each role and jurisdiction. Connect the compliance dashboard to your HR analytics platform for continuous monitoring between annual bias audits.
At the end of each calendar year (or on demand), run the NYC LL 144 audit report from the CoreGuard dashboard. The report generates a signed audit data certificate covering all AEDT-evaluated decisions in New York City during the period — ready for submission to your independent auditor.
NYC Local Law 144 requires employers using automated employment decision tools in New York City to conduct annual independent bias audits and publish summary results. CoreGuard supports this requirement by generating a signed annual bias audit certificate that documents selection rate disparities by sex, race/ethnicity, and intersectional categories against the four-fifths rule, with a hash-chained record of all decisions evaluated during the audit period. The certificate provides the structured data an independent auditor needs to produce the required bias audit report. The certificate is signed with HMAC-SHA256 and is verifiable by the independent auditor without CoreGuard's involvement — satisfying the independence requirement of the law.
Yes. When an AI employment screening decision constitutes an adverse action — a rejection based on an automated score — CoreGuard's decision certificate includes a structured adverse action record with the specific factors that contributed to the decision. This record can be consumed by your HR workflow to generate the required pre-adverse action notice, including the minimum five-business-day waiting period required in many jurisdictions. The certificate also documents whether the adverse action was based in whole or in substantial part on the AI tool's output, as required by NYC LL 144 and similar laws. For complex AI models where native feature attribution is unavailable, CoreGuard supports integration with SHAP or LIME explanation layers to produce the required specific factors.
CoreGuard integrates via a REST API call inserted between your AI scoring engine and your ATS. For Greenhouse and Lever, the call is made from a webhook or custom stage in the application workflow before the candidate record is updated with an AI-driven disposition. Workday and SAP SuccessFactors integrations use the same API pattern from the Recruiting module's custom action layer. The Python SDK reduces integration to fewer than 20 lines of code for most ATS environments, and the call adds under 3 milliseconds of latency — well within typical ATS webhook timeout windows.
The Illinois AI Video Interview Act (820 ILCS 42) requires employers using AI to analyze video interviews to notify candidates before the interview that AI will be used, explain how the AI works and what characteristics it evaluates, and obtain consent. CoreGuard's HR policy pack enforces disclosure and consent verification as a pre-condition for any AI video analysis request — requests submitted without a documented consent record are blocked. The certificate records the consent method, timestamp, and the disclosure text provided to the candidate. CoreGuard's jurisdictional routing automatically applies Illinois consent rules to any video analysis request involving a candidate located in Illinois, regardless of where the employer is based.
Talk to the EVE Core HR team about a CoreGuard deployment scoped to your screening tools, ATS, and jurisdictions. We start with a 30-minute architecture review at no cost — and can have you generating NYC LL 144 audit certificates within two weeks.
Also see: Financial Services AI Governance | Healthcare AI Governance | Legal AI Compliance | Insurance Underwriting AI
Each pack is a versioned, deterministic rule set with a documented regulatory basis. Reference the
policy_id in your /v1/decisions/evaluate calls, or enumerate the full
27-pack catalog at /docs/policy-packs.
NYC Local Law 144 bias-audit currency, candidate notice, protected-basis screening, and four-fifths adverse-impact.
EU AI Act Article 5 prohibited practices, Annex III high-risk human oversight, logging, and transparency obligations.
WCAG 2.1 AA — text alternatives, colour contrast, keyboard operability, and captions for applicant-facing tools.