AI Policy for ERF Member Recruitment Agencies – Employment and Recruitment Federation

ARTIFICIAL INTELLIGENCE POLICY FOR ERF MEMBER RECRUITMENT AGENCIES

Model Policy for Candidate-Facing Communications

Updated: 29th January 2026

INTRODUCTION

This model policy is intended for ERF member organisations to adopt, modify, and publish on their websites and/or provide directly to candidates. It covers transparency requirements under the EU Artificial Intelligence Act (Regulation 2024/1689), the General Data Protection Regulation (GDPR), and the Data Protection Act 2018.

Members should tailor this policy to reflect their specific AI tools and practices. Text in [square brackets] indicates where customisation is required.

IMPLEMENTATION GUIDANCE FOR ERF MEMBERS

Adopting This Policy

Review your AI tools: Conduct an audit of all AI-assisted tools currently in use and map them against the categories in this policy
Customise the template: Replace all bracketed text with your organisation’s specific details
Train your staff: Ensure all recruiters understand the policy and can explain it to candidates
Document your processes: Maintain records of human oversight and review procedures
Publish prominently: Make the policy easily accessible on your website and include a link or reference in candidate communications
Review regularly: Schedule at least annual reviews of the policy to ensure ongoing accuracy and compliance

Recommended Actions

Immediate

Publish a clear, candidate‑facing AI information notice and policy, and conduct an initial audit and inventory of all AI tools used in recruitment and selection processes.

By 31 March 2026

Complete due diligence on all AI vendors involved in recruitment and HR decision‑making and implement appropriate logging and documentation measures to support accountability under the GDPR and forthcoming EU AI Act obligations.

By 2 August 2026

Ensure full compliance with the EU AI Act obligations applicable to deployers of high‑risk AI systems used in recruitment and employment decisions, including risk management, data governance, technical documentation, logging, transparency, human oversight, and post‑market monitoring measures.

Ongoing (from 2026 onwards)

Carry out regular bias and performance audits of AI tools, provide periodic staff training on AI, data protection and non‑discrimination, and review and update AI‑related policies and records to maintain continuous compliance with the GDPR and the EU AI Act.

This model policy is provided for guidance purposes. ERF members should seek specific legal advice on their individual circumstances and ensure the policy accurately reflects their actual practices.

Should you require any clarification on implementing this policy or wish to discuss specific AI tools your organisation is considering, please do not hesitate to contact Mary Seery Kearney, ERF DPO/Legal Advisor: mary@hrbrief.ie