EEO and Compliance Reporting with Your ATS: What You're Required to Track and How
Hiring compliance in the US operates on two levels: voluntary EEO reporting for most employers, and mandatory OFCCP compliance for federal contractors. Both require your ATS to capture data that many default configurations don’t collect by default.
This guide covers what you’re required to track, which ATS tools handle it, and what a compliance audit of your hiring data looks like.
EEO requirements for most US employers
The Equal Employment Opportunity Commission (EEOC) requires employers with 100+ employees (or federal contractors with 50+ employees and $50,000+ in contracts) to file an EEO-1 Component 1 report annually. This report captures employee headcount by:
- Race/ethnicity
- Sex
- Job category (10 EEOC-defined categories from Executive/Senior Officials to Service Workers)
What the EEO-1 does NOT capture: Applicant data. The EEO-1 is a snapshot of your current workforce, not your hiring pipeline.
What applicant data requirements apply: Section 709(c) of Title VII requires employers to preserve records related to hiring decisions (applications, interview notes, rejection reasons) for 1 year from the date of the hiring decision. Federal contractors under OFCCP must preserve these records for 2 years.
OFCCP requirements for federal contractors
If your company holds federal contracts over $10,000, you are subject to OFCCP regulations (Office of Federal Contract Compliance Programs). OFCCP requirements are significantly more demanding than general EEOC requirements:
Internet Applicant Rule: Federal contractors must define what constitutes an “internet applicant” and apply consistent criteria. The rule requires tracking:
- All “internet applicants” who meet the basic qualifications
- Self-identified race/ethnicity and sex for each applicant
- Disposition codes (hired, rejected, withdrew) with reasons
Adverse Impact Analysis: OFCCP compliance requires periodic analysis of whether your selection criteria have disparate impact on protected classes. This requires tracking demographic data through your hiring funnel — not just at hire.
Written Affirmative Action Plan (AAP): Federal contractors with 50+ employees and $50,000+ in contracts must maintain a written AAP. The AAP requires utilisation analysis, availability analysis, and placement goals.
What your ATS must capture
For OFCCP compliance, your ATS needs to:
-
Collect voluntary self-identification: Race/ethnicity and sex self-ID forms at application. These must be voluntary and stored separately from the main application to avoid discrimination.
-
Apply consistent applicant definitions: What counts as a complete application under your Internet Applicant rule? The ATS should filter to applicants who meet basic qualifications, not everyone who touched the form.
-
Track disposition codes: Every applicant needs a disposition (hired, rejected at resume screen, rejected at phone screen, withdrew, etc.). These must be consistent and auditable.
-
Record interview panelists and scorecards: OFCCP auditors will look at who made decisions and whether structured criteria were applied consistently.
-
Retain data for 2 years: Federal contractors must keep applicant data for 2 years from the hiring decision.
How ATS tools handle compliance
Greenhouse
Greenhouse has the most mature EEOC/OFCCP compliance infrastructure in the mid-market ATS category:
- Voluntary self-ID forms built in (separate from the main application)
- Disposition tracking with customisable reason codes
- EEOC reporting dashboard with funnel data by demographic
- Audit logs showing who made decisions and when
- Data retention settings for 2-year OFCCP requirement
Limitation: OFCCP adverse impact analysis requires exporting data to a separate tool or spreadsheet. Greenhouse doesn’t include a built-in AAP analysis module.
Workable
Workable has standard EEOC data collection built in (voluntary self-ID at application). Disposition tracking is available. EEOC reports are available on Business plan ($299/mo) and above.
Limitation: Not purpose-built for OFCCP compliance. Federal contractors with formal AAP requirements typically need supplementary tools or consultants.
Lever
Lever includes EEO data collection and basic diversity reporting. Disposition tracking is configurable.
Limitation: Similar to Workable — adequate for basic EEOC requirements; not built for formal OFCCP AAP compliance.
Ashby
Ashby’s analytics capabilities are strong, but EEO/OFCCP compliance tooling is less developed than Greenhouse. Voluntary self-ID collection is available; formal adverse impact analysis requires data export.
SmartRecruiters
SmartRecruiters has EEO data collection, configurable disposition codes, and EEOC reporting. Their enterprise tier includes more robust compliance features.
What a hiring audit looks like
If you receive an EEOC charge or OFCCP compliance review, the auditor will request:
- Applicant logs — list of all applicants for each position with identifiers, application date, and demographic data
- Disposition records — what happened to each applicant and why
- Selection criteria — job postings, job descriptions, minimum qualifications used to define your applicant pool
- Interview records — who interviewed whom, what criteria were used, scorecard data
- Decision records — who made the hiring decision and on what basis
An ATS that captures all of this — and retains it for 2 years — is your first line of defence in a compliance audit. An ATS with incomplete data, missing disposition codes, or no demographic capture creates liability.
The self-ID collection problem
Demographic self-identification must be:
- Voluntary (workers cannot be required to provide it)
- Stored separately from the application to prevent discrimination
- Anonymous at the decision-making stage (interviewers should not see self-ID data)
Most ATS tools separate self-ID collection onto a separate form page or post-submission collection step. Verify that your ATS configuration meets this requirement before collecting data.
If collection rates are low: Low voluntary self-ID rates (below 60%) make adverse impact analysis statistically unreliable. Communicate clearly to applicants why you collect the data, that it’s voluntary, and how it’s used.
Practical checklist
Before your next OFCCP review or EEOC filing period:
- Verify voluntary self-ID forms are configured and separate from the main application
- Confirm disposition codes are defined and consistently applied
- Check that every closed requisition has complete disposition data for all applicants
- Verify data retention settings meet your 2-year requirement
- Export a sample applicant log and verify all required fields are present
- Confirm interview scorecard data is captured and retained
- Run a basic funnel analysis by demographic to identify potential adverse impact before an auditor does
Further reading
- Greenhouse review — strongest EEO/OFCCP compliance tooling
- Candidate scorecard — structured interviewing and compliance
- Pipeline stage — disposition tracking and stage design
- Structured interviewing with your ATS