Short answer: Employment AI systems can be structured to avoid the EU AI Act's high-risk classification by limiting decision scope and maintaining human-in-the-loop architecture. Wednesday scopes this in a one-week discovery sprint before any code is written.
Your CHRO's legal team has confirmed that your AI screening and performance assessment features are high-risk under the EU AI Act. Your product team built them without a conformity assessment.
The gap between those two facts isn't just a compliance problem - it's a liability problem. Deploying a high-risk AI system without a conformity assessment is a regulatory infraction. The path to remediation is faster if you approach it with the right architecture partner.
What decisions determine whether this project ships in 6 weeks or 18 months?
Four decisions determine whether the conformity assessment your legal team needs closes in 6 weeks or becomes a multi-quarter project.
High-risk scope definition. The Act lists AI in employment decisions - recruitment screening, performance monitoring, promotion assessment, and termination support - as high-risk. If your app touches any of these decisions, even as an assisting tool rather than a decision-making one, the full compliance framework applies. Defining scope precisely changes the conformity assessment work by 30-50%. A feature that surfaces candidate information without ranking or scoring may fall outside the high-risk boundary. Getting that determination from your legal team before the assessment work begins saves weeks.
Transparency to affected workers. High-risk HR AI requires that workers be informed when AI is used to evaluate them. The disclosure mechanism has to be built into the app UI - not added as a clause in the employment contract or a footnote in the privacy policy. Workers need to be able to see that AI is active, understand its purpose, and know who to contact with questions. The disclosure architecture has to satisfy the Act's transparency requirements before deployment.
Bias and fairness testing. The Act requires testing for discriminatory outcomes across protected characteristics before a high-risk HR AI system is deployed. If your engineering team doesn't have a testing methodology for this, building one before the conformity assessment is required. The testing has to cover age, gender, race, disability, and any other characteristics protected under the employment laws of the jurisdictions you operate in.
On-device vs server model. An on-device model that processes evaluation data locally creates a different data flow from a server model. The Act's data governance requirements apply to both, but a local model's audit trail is easier to demonstrate. There is no external API call to log, no subprocessor to document. On-device HR AI is also a stronger transparency story to give affected workers: their evaluation data never left their own device during processing.
Most teams spend 4-6 months discovering these decisions by building the wrong version first. A team that has shipped this before compresses that to 1 week.
On-Device AI vs. Cloud AI: What's the Real Difference?
| Factor | On-Device AI | Cloud AI |
|---|---|---|
| Data transmission | None — data never leaves the device | All inputs sent to external server |
| Compliance | No BAA/DPA required for inference step | Requires BAA (HIPAA) or DPA (GDPR) |
| Latency | Under 100ms on Neural Engine | 300ms–2s (network + server queue) |
| Cost at scale | Fixed — one-time integration | Variable — $0.001–$0.01 per query |
| Offline capability | Full functionality, no connectivity needed | Requires active internet connection |
| Model size | 1B–7B parameters (quantized) | Unlimited (GPT-4, Claude 3, etc.) |
| Data sovereignty | Device-local, no cross-border transfer | Depends on server region and DPA chain |
The right choice depends on your compliance constraints, query volume, and task complexity. Wednesday scopes this in the first week — before any code is written.
Why is Wednesday the right team for on-device AI?
We built Off Grid because we hit every one of these problems in production. Off Grid is the fastest-growing on-device AI application in the world, with 50,000+ users running it today.
It's open source, with 1,650+ stars on GitHub and contributors from across the world. It has been cited in peer-reviewed clinical research on offline mobile edge AI.
Every decision named above - model choice, platform, server boundary, compliance posture - we have made before, at scale, for real deployments.
How long does the integration take, and what does it cost?
The engagement is four sprints. Each sprint is fixed-price. Each sprint has a named deliverable your team can put on a roadmap.
Discovery (Week 1, $5K): We resolve the four decisions - model, platform, server boundary, compliance posture. Deliverable: a 1-page architecture doc your CTO can take to the board and your Privacy Officer can take to Legal.
Integration (Weeks 2-3, $5K-$10K): We ship the on-device model into your app behind a feature flag. Deliverable: a working build your QA team can test against real workflows.
Optimization (Weeks 4-5, $5K-$10K): We hit the performance and compliance targets from the discovery doc. Deliverable: benchmarks signed off by your team.
Production hardening (Week 6, $5K): Edge cases, OS version coverage, app store and compliance review readiness. Deliverable: shippable build.
4-6 weeks total. $20K-$30K total.
Money back if we don't hit the benchmarks. We have not had to refund.
"They delivered the project within a short period of time and met all our expectations. They've developed a deep sense of caring and curiosity within the team." - Arpit Bansal, Co-Founder & CEO, Cohesyve
Is on-device AI right for your organization?
Worth 30 minutes? We'll walk you through what your version of the four decisions looks like, what a realistic scope and timeline would be for your app, and what your compliance posture and on-device target mean in practice.
You'll leave with enough to run a planning meeting next week. No pitch deck.
If we're not the right team, we'll tell you who is.
Book a call with the Wednesday team
Frequently Asked Questions
Q: Does the EU AI Act classify employment AI as high-risk?
It depends on the decision scope. EU AI Act Annex III lists specific use cases that qualify as high-risk. Systems making or materially influencing consequential individual decisions fall under high-risk requirements. Systems structured as decision-support tools with mandatory human review can often avoid the classification.
Q: What technical requirements does the EU AI Act impose on on-device AI?
High-risk systems require: risk management, data governance, technical documentation, operational logging, user transparency, human oversight, and accuracy standards. On-device AI satisfies data sovereignty requirements more cleanly than cloud, but the other requirements apply regardless of deployment mode.
Q: How long does it take to ship an EU AI Act-compliant employment AI app?
4–6 weeks for technical integration. Compliance documentation — risk management, technical docs, conformity assessment — adds 2–4 weeks in parallel if you don't have a compliance team already familiar with the Act.
Q: What does EU AI Act-compliant on-device AI cost?
$20K–$30K for technical integration across four fixed-price sprints. Compliance documentation scope varies by system classification.
Q: Can an on-device AI system avoid EU AI Act registration?
General-purpose AI models deployed as product components are subject to transparency obligations but may not require conformity assessment if the overall system is not high-risk. Classification depends on use case, decision scope, and affected population — resolved in the discovery sprint.
Top comments (0)