Get Pricing

  • I am looking for…

Support

Insights to help ignite the power of your people

Trends

AI at Work: Governance, Guardrails and Getting It Right

Spark Team Spark Team

Diverse management team discussing AI governance at table

In the second blog of this series, we said trusted guidance comes from trusted explainers. Here's the next priority: ethics be an afterthought. If AI is going to touch people's work, pay, learning, schedules, or access to opportunity, ethics must be defined on day one and upheld every day after.

This isn't about scaring people. It's about designing for trust. You cannot trust something built in a black box, whose logic doesn't make sense even when explained, whose outcomes wobble or look unfair, and which isn't actively managed, monitored, and improved over time.

Where to look (without getting lost)

You don't need to become a policy scholar, but you should know where to look and why. Consider:

  • Principles to anchor your approach: Look to widely accepted, human-centered principles (e.g., transparency, fairness, accountability, safety, privacy). These appear consistently across reputable guidelines and provide a shared language within your organization.
  • Practical "how" playbooks: Seek frameworks that translate principles into practice, from risk assessment, documentation, testing, monitoring, human oversight, and incident response. These help you move from intent to operations.
  • Your legal baseline: Identify the jurisdictions most relevant to your footprint (employment and privacy rules) where you have any "high-risk" treatment for workplace uses. By "high-risk treatment," I mean AI being allowed to make or influence decisions with significant consequences for people—like hiring, promotions, performance, pay, or termination. You don't need to memorize chapter and verse; just know which rulesets matter and keep counsel involved.

A good rule of thumb: principles for culture, frameworks for practice, laws for limits.

How to know what may apply to you

Not every guideline hits every use case. Focus on three lenses when it comes to applying your guardrails

  1. Use case risk: Hiring, mobility, scheduling, pay, performance, and safety-sensitive decisions warrant the highest bar. Treat these as "high-risk by default."
  2. Data sensitivity: The more personal, predictive, or consequential the data, the stronger your consent, data minimization, retention, and security practices must be.
  3. Geography and workforce: Where employees sit and which populations are impacted drives which privacy and employment protections apply.

If you're unsure, assume higher scrutiny and document why you chose the controls you did.

Document where responsibilities lie

Ethics is a team sport. Clarify responsibilities early and make it contractual.

What you should consider owning (the client side):

  • Purpose and policy: Define why you're using AI, where it's allowed, and what "fair" means in your context. Write it down.
  • Data stewardship: Decide what data you'll provide (and won't), how you'll secure it, who can access it, and how long you keep it.
  • Human oversight: Decide when a person must review or override an AI-assisted recommendation, especially in hiring, pay, scheduling, and performance.
  • Impact testing in your environment: Evaluate outcomes on your workforce. Vendor tests are necessary, but they're not sufficient on their own
  • Communication and consent: Tell employees when and how AI is used, what it changes, and their options to appeal or seek clarification.
  • Training and change: Equip HR, managers, and help desks to use the tools responsibly and to handle questions well.

What your vendor should own (and prove):

  • Model transparency in plain language: What the system does, what data it uses, and known limitations
  • Bias, robustness, and drift testing*: Pre-deployment and ongoing. Ask for summary artifacts (e.g., model cards, test reports).
  • Security and privacy controls: Independent attestations or certifications, privacy-by-design evidence, secure development lifecycle.
  • Monitoring and alerting: How they detect drift or performance degradation and how you'll be notified
  • Admin controls: Role-based access, audit logs, configuration options for thresholds, human-in-the-loop steps, and data retention
  • Support and escalation: A clear playbook for incidents, recourse, and timelines.

If your vendor can't explain their safeguards simply—and show proof—treat that as a red flag.

*Drift testing refers to checking whether an AI system's accuracy or behavior changes over time as your people, jobs, or data evolve, and addressing these changes, much like a tune-up.

"There are several considerations to make when aligning with a vendor to deploy successful AI-enabled HCM solutions," says Helena Almeida, Vice President and Managing Counsel, AI Legal Officer at ADP. "You need to trust and verify that they have a solid, responsible AI framework in place, with clear governance policies."

The infrastructure you need to uphold ethics

Think of this as your responsible AI operating system for HR:

1. Data management

  • Data inventory (what you use and why), minimization, retention, lineage
  • Quality checks and processes to fix issues
  • Consent and notice flows that employees can actually understand

2. Governance

  • A select group/privacy, compliance)
  • Clear RACI for approvals, reviews, overrides, and decommissioning
  • Documented "acceptable use" and exception handling

3. Accountability

  • Document names of owners for each AI use case.
  • Human-in-the-loop points defined (approve, review, or override)
  • Decision records: what was recommended, what was acted on, and why

4. Testing and monitoring

  • Pre-launch impact testing (accuracy, stability, and fairness)
  • Post-launch monitoring cadence (e.g., monthly accuracy & adverse-impact checks)
  • Triggers and thresholds that force review, retraining, or rollback

5. Auditability

  • Model and decision logs, version history, configuration history
  • Evidence you can hand to auditors or regulators without a fire drill

6. Change management and training

  • Role-specific training for HR, managers, and employee support
  • A feedback loop: collect employee and manager experiences, improve the system
  • This is how ethics becomes defined and deployed, not just declared.

There are several considerations to make when aligning with a vendor to deploy successful AI-enabled HCM solutions. You need to trust and verify that they have a solid responsible AI framework in place, with clear governance policies.

Helena Almeida, Vice President and Managing Counsel, AI Legal Officer, ADP

Five questions to keep your AI governance oriented

  1. Purpose: What outcome are we designing, and is AI the right tool for it?
  2. People: Who is affected, and how will they understand/appeal decisions?
  3. Proof: What evidence shows the system is accurate, fair, and stable for our workforce?
  4. Process: Who owns oversight, and what happens when results drift or feel off?
  5. Partner: Can our vendor explain, evidence, and adapt—without relying on vague messaging?

How ADP fits this picture

ADP has long treated data responsibility as a design standard, not a slogan. The value for HR leaders is twofold: (1) strong privacy and security scaffolding built into the products, and (2) a posture of trusted explanation with clear language, governance artifacts, and client education that help you meet your side of the responsibility split. That's exactly the spirit of ADP's "Ethics in action: Simplifying decision making for trustworthy AI" virtual session available on demand. Get practical clarity on privacy, consent, and transparency; how to craft fair policies you can uphold; and ways to reduce the complexity of ethical decision-making so teams can actually do this day-to-day.

The bridge: From governance to growth

When ethics are defined up front and supported by the right operating system, AI becomes something people will use and trust. That's the unlock for growth. In our final chapter of this series, we'll show how responsible foundations translate into real human impact: higher adoption, better decisions, and outcomes that are measurably fair, faster, and more human-centered.

Bring out the best in every payroll and HR moment with AI by ADP.


Jess Von Bank is a 23-year industry veteran and passionate advocate for the future of work and talent. With experience as a recruiting practitioner and workforce solutions expert, she helps executives design digital-first cultures that meet both people's expectations and business needs.

A global thought leader in HR transformation, digital experience, and workforce technology, Jess specializes in recruiting, talent strategy, employer branding, DEI, and storytelling. She leads Mercer's Now of Work community and serves as President of Diverse Daisies, a nonprofit empowering girls. Based in Minneapolis, she balances racing for free swag with raising her three daughters.

Recommended for You

Tools & Resources

Take your organization to the next level with practical tools and resources that can help you work smarter.

Visit Resource Center

Recommend a Topic

Is there a topic or business challenge you would like to see covered on SPARK?

Subscribe to SPARK

Stay in the know on the latest workforce trends and insights.

Choose your subscription(s):

Your privacy is assured.

Recommend a Topic

Is there a topic or business challenge you would like to see covered on SPARK? Please let us know by completing this form.

All submissions will be reviewed and considered for use in future SPARK articles.

Important: If you need ADP service or support, visit ADP.com/contact-us/customer-service or call 1-844-227-5237.

Your privacy is assured.