How to make your AI hiring decisions defensible

Picture this: a regulator, an auditor or a candidate asks you to defend your hiring process. Not in six months. Today. Could you show them exactly where AI touches your funnel, what it does, what it doesn’t do and who signed off on it?

For most teams, the honest answer is no. And that’s the gap this Open for Ops session set out to close. The premise from the panel was simple and a little uncomfortable: defensibility isn’t a binder you assemble after someone comes knocking. It’s a design decision you make before you launch anything.

Moderated by Martyn Redstone, Head of Responsible AI and Industry Engagement at Warden AI, the panel brought together three leaders who are living this in real time: Elisha Law-Simmonds, Head of Recruiting Systems at Anthropic; Brooks Parker, who leads talent operations and analytics at aerospace company Metrea; and Erin Walsh-Beguin, who looks after global talent acquisition operations and employer brand at GoDaddy. Here’s what they had to say about building hiring systems you can actually stand behind.
‍

Start by knowing where AI shows up in your funnel

You can’t defend what you can’t see. Before any documentation or governance, you need a clear map of every place AI and automation touch your process – sourcing, screening, scheduling, interviewing, communications and analytics.
‍

The trust gap is already filling with assumptions

That clarity matters more than ever, because candidates are filling the gaps with their own assumptions. Brooks put it plainly: there’s “a broken trust between candidates and hiring teams.” Candidates in a brutal job market are convinced AI is running the show end-to-end – screening their applications, rejecting them, no human in sight. In his experience, that’s not what’s happening. Teams commonly use AI to review high-volume pipelines and surface strong matches against human-set criteria, but AI owning the process start to finish “is just not something that I see happening today.”

The perception is real even when the reality isn’t. And you can’t correct a perception you haven’t mapped. Step one is being able to say, with precision, where AI is involved and where it isn’t.

Document what AI does – and what it doesn’t

Here’s the insight most teams miss. The most useful documentation explains both how you use AI and what you’ve decided not to use it for.

Erin described the standard operating procedure her team built in partnership with employment legal and infosec. It covers the obvious – how to actually do the thing – but it also goes further. The document spells out the variables that determine whether a candidate moves forward and it lays out the full training plan. One source of truth, easily accessible, already signed off on by the partners who helped write it.

That last part is the point. Because legal and security helped build it, the sign-off was baked in. If an auditor asked tomorrow, the evidence is ready.

What belongs in an audit-ready record

An audit-ready record generally answers five questions:

• The use case. What problem is this AI solving, specifically?
• The boundaries. What are you explicitly not using it for?
• The variables. What moves a candidate forward and on what basis?
• The training plan. How does your team learn to use it correctly?
• The candidate-facing language. What do you tell candidates about how AI is used?

Documentation like this also creates room to experiment safely. As Elisha noted, clear guardrails tell recruiters where they can go, where they can’t and where the gray area is – so they can try new things without crossing a line.

Define meaningful human oversight in practice

“Meaningful human oversight” gets repeated until it loses all meaning. The panel made it concrete.
‍

Start with the problem you’re solving

Brooks’s test: start with the problem you’re trying to solve. AI has real value in scheduling, offer workflows and other manual processes. But candidate selection, application review and interviewing? Those are places “I would love to see humans remain deeply involved.” Not because AI has no role, but because humans should be the arbiters of decisions that change people’s lives. Elisha offered a sharper filter – “I always ask: ‘Is this beneficial for both sides, or is it only beneficial for my team or my side?’ And that’s where I draw that line.”

You have to think about what you’re trying to solve for, but also where you can place AI where it won’t impact the candidate experience.

^{– Erin Walsh-Beguin, GoDaddy}

AI notetaking clears that bar easily: it’s been shown to reduce bias because you’re working from a record instead of an interviewer’s recollection. AI interviewing is more situational, but the same test applies. Elisha sketched the upside herself: a five-minute, four-question first round a candidate can take at midnight or after a shift, on their own schedule, and then “they immediately get to a person.” 

Done right, AI interviewing widens access at the top of the funnel and routes candidates to a human quickly – the first round brings structure, the hiring team reviews the results and people own what happens next. But that only holds with the right guardrails: transparency about where it’s used and the option for candidates to opt out.
‍

Govern before you scale, not after

When does an experiment become something you formally govern? Elisha drew the clearest line of the session: the moment it becomes your documented process.

“When is it the way, if you were to onboard a recruiter, that you tell them to use that tool or use that process?” That’s the threshold. Once it’s the thing you train people on, the thing touching every candidate, it needs governance – ideally with legal and security having looked at it already.
‍

Permission, not forgiveness

The rule here is ask permission, not forgiveness.

The first time you’re having this conversation should absolutely not be when you’ve already built something.

^{– Elisha Law-Simmonds, Anthropic}

You should already know your company’s risk tolerance and be able to spot red flags before you bring a vendor to your security team. That groundwork earns you trust, so when you do come with a gray-area ask you believe in, your partners know you’ve done the vetting.

Build the cross-functional muscle

Recruiting leaders are now the bridge between legal, security, IT, procurement and vendors. The panelists treat those relationships as infrastructure, not favors.

Keep the relationships warm

Elisha’s team keeps a standing cadence with employment legal, plus a Slack channel where the questions run both ways – legal flags a lawsuit and asks whether anything in the process looks similar. Erin brings partners into product demos so they understand the exact inflection points where a decision matters; her team has walked legal and infosec through Real Talent™ so they can tell automation apart from AI.
‍

Explain your use case clearly

Brooks’s lesson is the practical one. On day one at Metrea he stood up a channel with security, legal and procurement, because “we’re going to need to be on a first name basis.” But the bigger learning was about clarity: thoroughly explain your use case up front. Skipping that step earlier in his career “created a lot of confusion, a lot of unnecessary meetings” and stretched timelines that a clear ask would have shortened.
‍

The honest part: what still keeps these leaders up at night

The panel didn’t pretend this is solved. Asked what scares them, the answers were candid.

Erin pointed to the sheer volume of information these systems surface and the pace of change – “what you know today changes tomorrow.” Brooks echoed it and added the fear of implementing AI in the wrong place and damaging candidate perception in the market.

Elisha named the one that should worry everyone: the widening split between how excited recruiting teams are to add AI and how much trepidation candidates feel. “If that backlash gets bigger, it affects all of us.” Speed without verification isn’t just a compliance risk. It’s a trust risk and trust is the thing the whole funnel runs on.

Where should you start with a defensible AI hiring process?

A virtual attendee asked the question on everyone’s mind: launching an AI hiring tool while staying legally compliant, company-compliant and considerate of candidates feels like a large beast to tackle. Where do you begin?

Here’s what our panelists said:

1. Convene legal, infosec and risk first – before you talk to a single vendor. Understand the guardrails you’ll have to operate within.
2. Define your guardrails based on your company’s actual risk tolerance.
3. Bring your partners into every demo and demo each platform more than once. (Her team demoed each one at least three times.)
4. Prepare what you’ll tell candidates – something concrete, not buzzwords. As Brooks put it, anticipate what candidates will ask and have something real to send them so you’re not handing over “a nothingburger answer.”
5. Then launch – with the documentation, sign-offs and candidate transparency already in place.

Audit-ready by design

The thread running through every answer: defensibility isn’t a step at the end. It’s a way of building. Map where AI lives, document what it does and doesn’t do, keep humans as the arbiters of consequential decisions, govern before you scale and build the cross-functional relationships before you need them.

Do that, and the question “could you defend this?” stops being something you dread. It becomes something you’ve already answered.

Evaluating AI in your hiring tech stack? Our AI in ATS evaluation checklist walks through the questions that separate defensible systems from black boxes. Get the checklist.