Selling into HR?
Your customers are asking about AI regulatory compliance issues
Get the right governance and documentation to get back to building and selling
- New laws in the US, EU, and around the world place requirements on both vendors and users of AI-powered HR tools
- Buyers are starting to require adherence to these laws, placing the onus on the vendor to produce the required documents
- (Your lawyer says you should probably comply too)
Learn More About AI Compliance for HR Vendors
The tapestry of emerging supranational, national, state, and even municipal regulation of AI, in addition to a growing list of voluntary frameworks like NIST RMF, and ISO42001, have created confusion. Many organizations want to comply but don’t know how to start
A global consensus on AI regulation is emerging, requiring significant documentation of AI governance and management
The Colorado AI Act, EU AI Act, and several forthcoming laws define several “high-risk” categories for AI, requiring more stringent compliance. Employment technology is one of them.
Compliance will take dedicated resources, but it doesn’t need to be so confusing. (No, you don’t need an ethics board or a Chief AI Responsible Officer at a startup).
Required documents for vendors of high-risk systems include:
- Risk Management System
- Data Governance Policy
- Technical Documentation
- Accuracy, Robustness, and Cybersecurity Policy
- Instructions and documentation for deployers (customers)
- Human Oversight and Transparency Policy
- Quality Management System
- Fundamental Rights Assessment (in certain cases only)
- Conformity Assessment and EU Declaration of Conformity
AI systems will ultimately need to be registered in an EU AI Database
Proceptual compliance process moves organizations to compliance, developing the extensive reporting necessary
STEP 0 Registry and Risk Assessment
Create registry of Al tools in use, both internally developed and vendor-sourced
Assign risk classification to each tool
1 Month
STEP 1 Data Collection
Proceptual sends custom information and data request
Answers and data uploaded to our secure portal
1 Month
STEP 2 Create Gap Analysis and Iterate
Proceptual delivers list of missing or incomplete information
We recommend non-technical mitigation measures
1-2 Months
STEP 4 Produce Required Reporting
1-2 Months
- It’s simple — we produce the required policies, documents, and forms as quickly and easily as possible.
- Yes — there’s still some lift on your end. All of our clients make at least some process changes to get compliant with the new requirements.
- We help you get compliant with the new law so you can get back to building and selling. Your customers are safe in the knowledge that they can implement your solution and stay compliant with upcoming regulation.
FAQ
What laws should I be concerned about?
The EU AI Act and Colorado AI Act (SB24-205) have been passed and go into effect over the next few years. We expect similar legislation to pass in California and New York, as well as Canada, the UK, Australia, Japan, India, and many others.
New York City’s Local Law 144, requiring audits of AI systems in HR, is in force now.
Can I just do this myself?
For most upcoming laws, yes! (A few, like Local Law 144, require independent audit of AI systems). However, creating compliant documents from scratch takes likely hundreds of hours.
We make this massively faster.
Don't I need to hire a Chief AI Ethics Officer and reorient my whole company?
This doesn’t have to be so complicated. The laws are complicated, but what they are asking for is clear. Our focus is on providing compliant governance documents and processes as quickly as possible.
We already spend tons of resources reducing bias in our systems. Is that enough?
Unfortunately no; you still need to produce the documentation required by the laws.
The good news is that for thoughtful companies already atuned to these issues, it’s a lot easier.