Read our AI & Hiring Alignment Report with insights from 505 recruiting & hiring leaders.
Sign inBook a demoStart for free

Most recruiting teams already use AI. Most still don't have a policy: the 5-part framework that turns shadow AI into governed AI

Stephanie Tsimis
Stephanie Tsimis
26 Sep 2023 • 13 min read

Most recruiting teams already use AI in the hiring process. Recruiters draft outreach with ChatGPT, hiring managers ask Copilot to summarize a tech screen, RecOps pilots a sourcing tool nobody else can see. What most teams still don't have is a policy. Not because they think AI policies are unimportant, but because they thought it was a future problem, and the AI showed up faster than the framework did.

Per Metaview's 2026 AI & Hiring Alignment Report, surveying 505 recruiting leaders and hiring managers across North America and EMEA, 85% of companies that exceed their hiring goals use AI in hiring. Teams that put AI at the core are 3.8x more likely to rate their cross-functional partnership as excellent. But the report's sharper finding is the inverse: teams that adopt AI bottom-up, with each person picking their own tool, see worse outcomes than teams that don't use AI at all. Your AI policy isn't really a rules document. It's the coordination layer that decides whether AI strengthens the relationship between recruiters and hiring managers, or fragments it.

This guide walks through the five parts of an AI policy that survives contact with real recruiting work. Not a Legal-approved template that sits on a Confluence page (we've all seen those), but the operating document that turns the AI your team is already using into governed AI you can audit, refine, and defend. The structure: an inventory of what's in flight, a human-in-the-loop map, a candidate-disclosure pattern, a champion-led enablement plan, and a quarterly audit loop.

AI is already in your hiring process

Walk into any TA all-hands in 2026 and ask which AI tools the team uses. You'll get three answers from three people in the same five-person org. Recruiters will name the notetaker that joined their last screen. Hiring managers will mention the resume-screening assistant their VP-of-engineering recommended. RecOps will list two sourcing tools, one of which the rest of the team didn't know was running. Each person is convinced they have the full picture.

This is shadow AI in recruiting, and it's the actual problem the policy has to solve. Banning it doesn't work (recruiters will just use the tools on personal accounts), and pretending it isn't happening doesn't work either (the data, the disclosures, and the candidate experience are all moving without coordination). The first job of the policy is to make the invisible visible.

The fastest way to do that is to start with the integrations layer of whatever ATS you already run. Most modern ATSes (Greenhouse, Ashby, Lever, Workday Recruiting, SmartRecruiters) surface a list of connected tools, including the AI ones, alongside who installed them and what data they have access to. That list is your starting inventory, not your finished policy. The policy adds three things on top: who approved each tool, where its outputs land, and which stage of the funnel it touches.

Metaview Settings → Integrations grid showing AI tools wired into the hiring stack with approval status and ATS sync
The integrations layer of your ATS is your starting inventory. The policy adds three columns: who approved each tool, where its outputs land, and which stage of the funnel it touches.

Per the 2026 AI & Hiring Alignment Report, surveying 505 recruiting leaders and hiring managers across North America and EMEA, 67% of teams lose qualified candidates to competitors who move faster every month, and 90% rate their cross-functional working relationship as good or excellent, but 58% would still bypass their counterpart if they could (pp.6, 7, 11). The surface looks fine. The operational reality is that nobody trusts the inventory because there isn't one.

90%
of recruiting leaders and hiring managers rate the working relationship good or excellent (p.6).
58%
would still bypass their counterpart if they could (p.7). That's the gap a policy has to close.
5 of 10
excellent-partnership teams still lose qualified candidates to faster competitors. Without excellent partnership, it's 8 of 10 (p.12).
36%
of teams with fair-or-poor partnerships exceed business goals. With excellent partnership and high alignment, 79% do (p.13).
It's customizable. The option for candidates is built in, it's linked directly to our ATS. When an invite gets sent, we notify them we use Metaview, and they have the option to say yes or no. It's very rare that we have candidates say no.”
DS Damian Shelley Talent Acquisition · SoSafe

The 5 parts of an AI policy that actually changes behavior

A policy that survives contact with real recruiting work has five parts. None of them are the part most policy templates lead with (which is usually a paragraph defining "AI" for the legal team).

The five parts are not a sequence you do once. They're a loop you run every quarter, on the same shared inventory, with the same accountable owner.

  1. Part 1: Inventory. A single list of every AI tool that touches the hiring process, with approval status, data destination, and the stage of the funnel it lives in. Refreshed every quarter.
  2. Part 2: Human-in-the-loop map. A per-stage decision about where AI is leading and where humans stay accountable. Capture and summarization is usually AI-led. Reject and progress is usually recruiter-led. Final hire decision is usually hiring manager plus panel. The point isn't to be original; it's to make these placements explicit so the next AI tool doesn't accidentally shift them.
  3. Part 3: Candidate disclosure. What you tell candidates, when, and how they can opt out. Built into the ATS invite, not buried in the application terms.
  4. Part 4: Enablement. How the policy actually changes recruiter behavior. Champion-led rollout, not top-down mandate. Two-sprint pilots before company-wide rules.
  5. Part 5: Audit loop. Three metrics, reviewed every quarter: alignment at kickoff, time-to-decision, and quality-of-hire by stage. Nothing more (a longer list is just compliance theater).
Want this set up on your interviews?
Connect Metaview to your ATS in under 10 minutes.
See it live

Part 1 and 2: Inventory what's in flight, then decide where humans stay in the loop

Part 1: Inventory what's already in flight. The integrations grid in your ATS is the starting point, not the ending point. Add three columns to it: who approved this tool, where do its outputs land (back into the ATS? into a separate data warehouse? into the vendor's own AI training set?), and which stage of the funnel does it touch.

For most teams, the result of doing this for the first time is uncomfortable. You'll find at least one tool that nobody approved, two tools that capture candidate data with no defined destination, and at least one hiring manager who is running their own AI summarizer outside the company stack. That's the policy's first job done: you can't govern what you can't see.

Part 2: Decide where humans stay in the loop. The reason policies fail is usually not the rules; it's that the human-in-the-loop placement is implicit. People assume the AI is just helping until they realize the AI is making decisions that nobody explicitly delegated to it.

A clean human-in-the-loop map has three layers. Capture and summarization is AI-led. Live notes, scorecard pre-fills, post-meeting summaries, multi-source debrief consolidation. Humans don't need to be in this loop; they need access to the audit trail. Filter and surface is AI-led with recruiter review. AI Filters surfacing candidates from past interviews, application-review suggestions, structured fit signals. The AI surfaces; the recruiter chooses. Reject, progress, and hire decisions stay with humans. Final calls are recruiter-led at the funnel stages and hiring manager plus panel at the hire stage. The AI provides the structured evidence; humans take the action.

The Metaview product surfaces map to this layer cleanly because they were built for it. Capture is AI-led: the notetaker joins, transcribes, structures, and summarizes the conversation. Filter is AI-led with recruiter review: AI Filters let recruiters query past interviews in natural language and surface candidates they already screened. Hire decisions stay human, with the AI-captured evidence sitting in the panel's shared scorecard.

Metaview meeting auto-detection and template selection, the per-stage capture-layer control surface
The meeting-template layer is where the human-in-the-loop map gets enforced in practice: which call type uses which AI capture template, who can change it, and what the AI outputs back into the scorecard.

Part 3: Decide what to tell candidates, and when

Part 3: Decide what to tell candidates, and when. Two reasonable people can disagree about which AI tools your team should use. Almost no one can defend hiding them from candidates. And the operational fix is small: move the disclosure from the application terms into the interview invite.

The cleanest template we've seen is the SoSafe pattern. The notification goes out as part of the ATS invite, before the call. Candidates see which AI is used in the process, what it captures, and the option to say yes or no is one click. The vast majority of candidates say yes, because the disclosure happens before the bot joins the call, not after.

If you only do one thing from this guide, do this one. The cost is one ATS workflow change. The upside is that the disclosure stops being a Legal liability and starts being a candidate-experience signal. Candidates who opt in tell their friends. Candidates who feel the bot was sprung on them, post about it on LinkedIn.

The three columns of disclosure are: what you use (the tools and their function), what they do (capture, summarize, organize; not reject autonomously), and how to opt out (one click, no penalty). Skip the regulatory-citation paragraph in the candidate-facing copy. Save that for the Legal documentation that sits behind it.

Dimension Shadow AI (no policy) Top-down ban (the wrong policy) Coordinated AI (the policy that works)
Tool inventory Each recruiter, hiring manager, and RecOps lead picks their own tool. Nobody owns the map. List of banned tools shipped via Legal email. Recruiters use them anyway, just on personal devices. One source-of-truth list, refreshed quarterly, with approval status, data destination, and ATS sync.
Human-in-the-loop placement Whoever is least busy makes the call. Decisions drift toward whatever the AI surfaces first. Humans review everything, including the small low-stakes decisions, so the AI loses time savings. Mapped per stage. Capture and summarization is AI-led. Reject and progress is recruiter-led. Final hire decision is hiring manager and panel.
Candidate disclosure Candidates find out from the notetaker bot joining the call. Trust erodes mid-funnel. Boilerplate paragraph buried in the application terms. Nobody reads it; few candidates feel informed. Built into the ATS invite. Candidates see what AI is used, what it captures, and can opt out. Most don't.
Audit and adjust loop No baseline, no metric. Anecdotes only. The next reorg drives the next policy. Quarterly compliance review. Nobody is allowed to change the rules. The list dies on a Confluence page. Quarterly review against three metrics: alignment at kickoff, time-to-decision, and quality-of-hire by stage.

Part 4: Enable your team without a top-down mandate

Part 4: Enable your team without a top-down mandate. The fastest way to make an AI policy fail is to launch it as a Slack announcement from the VP of People. Even a well-written policy from the top reads as a constraint. Champion-led rollout reads as a workflow.

The mechanic that works: find three to five AI-curious recruiters, ask them to pilot the policy on their own reqs for two sprints, and document the workflow they actually use, not the workflow you wished they'd use. Then ship the policy as a how-we-work document with those recruiters as the named champions. The framing matters. "Here's how Sarah and Marcus run governed AI on their reqs, and here's the template you can copy" lands differently than "From now on, all recruiters must..."

The other piece of enablement that gets skipped is training on the audit trail itself. If your team is using AI tools that capture interview transcripts, scorecards, and summaries, then the audit trail is not the policy document; it's the AI output history inside the product. Recruiters and hiring managers need to know where to find it, how to read it, and what questions to ask of it. Otherwise the policy says you can audit, but nobody actually does.

Metaview AI Filters, natural-language query interface for searching past interviews surfaced by recruiter review
AI Filters are an example of the filter-and-surface layer: the AI surfaces candidates from past interviews matching a natural-language query; the recruiter chooses what to do with them.
This data shows that hiring managers and recruiters don't fully trust each other's judgment. This creates friction that tools alone cannot solve. The orgs that recognize this and help individuals collaborate more effectively will see dramatically better outcomes.”
AW Annie Wickman VP of People · MagicSchool AI
85%
of companies exceeding their hiring goals use AI in hiring. The 15% that don't aren't sitting it out, they're just unaligned about how their teammates already use it.Source: Metaview, 2026 AI & Hiring Alignment Report (p.4)

Part 5: Measure, audit, adjust (and the 5-part checklist)

Part 5: Measure, audit, adjust. Three metrics, reviewed every quarter. More than that is compliance theater; fewer than that misses the loop.

The three are: alignment at kickoff (per the 2026 Alignment Report, 68% of searches start with high alignment when AI is core to hiring, vs. 49% when teams don't use AI; p.18), time-to-decision (how fast you move qualified candidates from screen to offer, which is the cost a faster competitor charges you when you lag), and quality-of-hire by stage (the conversion rates between each stage of the funnel, segmented by who is interviewing).

The quarterly audit doesn't need to be a slide deck. The right format is one-page: what changed in the inventory, what shifted in the human-in-the-loop map, what the three metrics did, and one decision (something to add, something to remove, something to adjust). Anything longer gets ignored.

The full 5-part policy checklist:

  • Inventory. Live list of every AI tool touching the hiring process, with approval status, data destination, and stage. Refreshed quarterly.
  • Human-in-the-loop map. Explicit per-stage placement of AI-led vs. recruiter-led vs. hiring-manager-led decisions.
  • Candidate disclosure. Built into the ATS invite. Tools used, what they do, how to opt out. One click, no penalty.
  • Enablement. Three to five champion recruiters. Two-sprint pilots. Policy written from the recruiter's seat, not Legal's.
  • Audit loop. Quarterly review of alignment at kickoff, time-to-decision, and quality-of-hire by stage. One-page output.
The Situationship Between AI & TA: reconnecting with Siadhal Magos
This week on The Situationship Between AI & TA, I reconnected with Siadhal Magos, Founder of Metaview, to tackle the questions about AI policy, candidate disclosure, and what's actually changing in talent acquisition operating models.
LinkedInCameron Skinner
External signal: Siadhal Magos (Metaview co-founder and CEO) on the operating-model shifts AI is forcing on TA leaders. The same coordination thesis runs through the policy framework above.
See it in action

Bring Metaview into your hiring stack.

Live notes, structured scorecards, and ATS sync, set up in under 10 minutes.

Book a demo

Frequently asked questions

Do I need an AI policy if my recruiters are only using AI in their personal flow, like ChatGPT for outreach drafts?
Yes. That's exactly the situation a policy is for. Personal-flow AI is shadow AI by another name: the company has no inventory of which tools touch candidate data, hiring managers can't see how recruiters are evaluating, and the data destination is whatever each person's free account ships to. The first version of your policy doesn't have to be perfect; it just has to surface what's already in flight and put a single coordination layer over it.
Where should AI policy ownership sit, HR, Legal, or RecOps?
Joint ownership with one accountable lead. Legal owns the data-handling and disclosure requirements (regulatory, contractual, jurisdictional). HR or People owns the employee-side policy (training, expectations, performance implications). RecOps or TA Ops owns the operational policy that actually shapes recruiter behavior (which tools, which workflows, which audit cadence). The accountable lead is usually the head of TA or RecOps, because they own the workflow the policy has to survive contact with.
What should I tell candidates about AI in our hiring process?
Three things, in plain language: which AI tools we use (notetakers, summaries, AI Filters, application review), what they do (capture, organize, summarize, never reject autonomously), and how to opt out. Put it in the ATS invite, not buried in the application terms. The SoSafe pattern is the cleanest template we've seen: the option is built into the invite, candidates can say yes or no, and the vast majority say yes because the disclosure happens before the call.
How often should I audit the policy?
Quarterly is the right cadence for the first year. Three checks per audit: (1) the tool inventory (anything new in flight not on the list?), (2) the human-in-the-loop map (any stage where humans are reviewing decisions the AI should now handle, or vice versa?), and (3) the three outcome metrics (alignment at kickoff, time-to-decision, quality-of-hire by stage). After a year, move to twice yearly, plus an out-of-cycle audit any time a new AI tool gets added or a regulator publishes new guidance.
How do I roll out an AI policy without a top-down mandate?
Find your three to five AI-curious recruiters and ask them to pilot the policy on their own reqs for two sprints. Document the workflow they actually use, not the workflow you wished they'd use. Then ship the policy as a how-we-work document with those recruiters as the named champions. Mandate from the top tends to produce shadow workarounds; champion-led rollout tends to produce real adoption, because the policy was written from the recruiter's seat.
Does my AI policy need to address the EU AI Act, NYC bias audit law, or other AI regulations?
If you hire candidates in any jurisdiction with active AI-in-hiring regulation, then yes. The specifics depend on which AI tools you use and which decisions they influence, which is why the tool inventory has to come first. Get Legal involved early in any jurisdiction where you have real hiring volume. The point of the policy isn't to recite the regs back to candidates; it's to make sure your operational reality matches what your disclosure says, in every jurisdiction where it matters.
Get our latest updates sent straight to your inbox.
Subscribe to our updates
Stay up to date! Get all of our resources and news delivered straight to your inbox.

Other resources

Superpowered recruiters don't automatically mean superpowered recruiting.
Blog • 4 min read
Siadhal Magos
Siadhal Magos1 Jun 2026
Metaview is an official ChatGPT app
Blog • 3 min read
Stephanie Tsimis
Stephanie Tsimis 31 May 2026
Back to all resources