Background check AI · I-9 verification AI · Performance review AI · Workers’ comp HR AI
Prompt injection in HR and workforce management AI
Human resources and workforce management AI has become integral to hiring, compliance, and employee lifecycle decisions at scale: HireRight and Sterling Risq process background checks for approximately 30% and 20% of US Fortune 500 companies respectively, Checkr AI processes background checks for gig economy employers including Uber, Lyft, and DoorDash at a rate exceeding 10 million background checks annually, ADP SmartCompliance processes I-9 employment eligibility verification for 750,000+ US employers covering more than 30 million employees, and Lattice and Leapsome AI performance management platforms serve tens of thousands of organisations with AI-assisted performance review and goal tracking. These platforms share a structural vulnerability that creates an adversarial image injection exposure: each depends on document photographs, identity images, and evidentiary photographs submitted through external-facing intake pathways — applicant background check document upload portals, I-9 remote verification video call screenshot APIs, performance review evidence photograph submission tools, and workers’ compensation case management documentation portals — where the submitting party has an interest in the AI’s classification outcome. An adversarially crafted document image submitted through any of these pathways can cause the AI to suppress adverse background check information, accept an unauthorised identity document as conforming, inflate or deflate performance evidence scores, or misclassify injury severity in HR case management — with consequences spanning FCRA compliance exposure, IRCA employer liability, wrongful termination litigation, and workers’ comp bad faith claims. This page covers four injection surfaces across background check document AI, I-9 identity verification AI, performance review evidence AI, and HR workers’ compensation AI, and explains how Glyphward’s pre-scan gate addresses the threat at the image ingestion boundary.
TL;DR
HR and workforce management AI platforms — HireRight, Sterling, Checkr, First Advantage, Accurate Background (background checks), Equifax Workforce Solutions I-9, ADP SmartCompliance, Workday I-9, AMS I-9 Advantage (employment eligibility), Lattice AI, Leapsome AI, Betterworks AI, Culture Amp AI (performance review) — process background check document scans, I-9 identity document photographs, performance evidence images, and workers’ compensation injury documentation through AI HR compliance and evaluation pipelines. Adversarially crafted document images submitted through applicant portals, remote I-9 verification apps, performance review tools, and HR case management systems can suppress adverse findings, enable unauthorised employment, manipulate performance outcomes, and conceal injury severity. Glyphward scans each image at the ingestion boundary with a threshold of ≥ 60 for HR compliance contexts and ≥ 55 for background check FCRA high-impact decisions. Free tier — 10 scans/day, no card required.
Four adversarial injection surfaces in HR and workforce management AI
1. Background check supporting document AI injection (HireRight, Sterling, Checkr, First Advantage, Accurate Background)
Employment background check AI processes photographs and scans of criminal court records, employment verification letters, professional licence documents, and education verification certificates submitted by applicants through background check vendor portals to extract and classify adverse information for inclusion in consumer reports delivered to employers under the Fair Credit Reporting Act (FCRA). HireRight processes background checks for approximately 30% of Fortune 500 companies including Amazon, Microsoft, and Deloitte, deploying AI document classification to extract criminal history data from court record photographs, employment dates and positions from employer verification letters, and degree and graduation dates from educational institution transcripts. Sterling Risq processes background checks for financial services, healthcare, and technology employers, with AI document verification for professional licence records (CPA, PE, RN, MD) relevant to regulated industry hiring. Checkr AI processes background checks for gig economy employers including Uber, Lyft, DoorDash, Amazon Flex, and Instacart, where background check turnaround time is a competitive differentiator and AI document classification is used to accelerate court record processing. First Advantage operates internationally, processing background checks for global employers across APAC, EMEA, and the Americas with AI court record and education verification document processing.
The adversarial injection surface is the applicant document photograph submission pathway: the applicant upload portal through which job candidates submit court record photographs, employment verification letters, and education certificates for AI classification and extraction. An adversarially crafted criminal court record photograph — in which pixel perturbations applied to the conviction entry text, case number fields, or disposition status cause HireRight AI or Checkr AI to misclassify a felony conviction record as a dismissed charge, or to fail to extract a conviction entry at all — can suppress adverse criminal history information from the FCRA consumer report delivered to the employer. The FCRA consumer report omission enables the employer to make a hiring decision without the adverse information that would have triggered a conditional adverse action notice under FCRA § 604 — potentially placing a person with a disqualifying criminal history in a position involving vulnerable populations, financial access, or security clearance eligibility.
FCRA § 607(b) requires consumer reporting agencies (CRAs) to follow reasonable procedures to assure maximum possible accuracy of information in consumer reports. A background check AI that has been compromised by adversarial document image manipulation produces consumer reports that omit accurate adverse information — a violation of the § 607(b) accuracy obligation that cannot be defended as a reasonable procedure failure once the adversarial manipulation mechanism is established. FCRA § 616 and § 617 provide civil liability for wilful and negligent noncompliance, including actual damages, statutory damages of $100–$1,000 per violation, punitive damages, and attorneys’ fees. Class action exposure is significant: FTC enforcement actions and private class actions against background check vendors including TransUnion, Equifax, HireRight, and Sterling have produced settlements in the tens of millions of dollars for systematic FCRA accuracy violations. Threshold: 55 for background check document AI (FCRA accuracy, high-impact employment decisions, adverse information suppression).
2. I-9 identity document AI injection (Equifax Workforce Solutions I-9, ADP SmartCompliance, Workday I-9, AMS I-9 Advantage)
Employment eligibility verification AI processes photographs of identity documents submitted during I-9 completion workflows to classify document type, extract expiration date and document number, and confirm that the presented document is facially valid under 8 CFR § 274a.2 (Documentation of employment eligibility). ADP SmartCompliance I-9 serves 750,000+ employers in the United States, processing identity document photographs submitted through remote I-9 verification workflows for remote hire onboarding, where the employer’s authorised representative or I-9 service provider views the document via video call and the AI classifies the photographed document to confirm List A, B, or C document type and extract the required fields for Form I-9 completion. Equifax I-9 Anywhere and Equifax Workforce Solutions I-9 process I-9 identity document verification for large employers including retail, healthcare, and financial services companies. Workday I-9 integration processes identity document photographs for employers using Workday HCM for onboarding. AMS I-9 Advantage processes I-9 administration for healthcare employers and staffing agencies where document verification volume and turnaround time are operational priorities.
The adversarial injection surface is the identity document photograph submission pathway during remote I-9 verification: the document photograph captured by the employee’s device during a remote I-9 session and submitted through the I-9 platform API for AI classification. An adversarially crafted identity document photograph — in which pixel perturbations applied to the expiration date field, document class indicator, or security feature region cause ADP SmartCompliance I-9 AI or Workday I-9 AI to classify an expired document as unexpired, or to classify an unauthorised alien registration document as a List A document establishing both identity and work authorisation — can enable an employee without work authorisation to complete I-9 verification with an AI-confirmed document that would not withstand physical document examination. The adversarial manipulation operates at the sub-pixel level in the same region a human reviewer would check — the expiration date and document class — but produces a misclassification that the remote I-9 platform records as an AI-confirmed valid document.
The Immigration Reform and Control Act (IRCA) 8 USC § 1324a imposes civil monetary penalties on employers who knowingly hire, recruit, refer for a fee, or continue to employ unauthorised aliens, with civil penalties ranging from $272 to $27,018 per violation for first and subsequent knowing violations under 8 CFR § 274a.10 (2024 inflation-adjusted amounts). An employer whose remote I-9 verification AI has been compromised by adversarial document image manipulation that enabled an unauthorised alien to pass I-9 verification faces a complex legal defence: the I-9 AI verification produced a confirmed document classification, but the document was adversarially manipulated to pass that classification. DHS I-9 audit exposure — which has increased under the post-2025 ICE enforcement environment — focuses on Form I-9 document accuracy and employer good faith reliance on presented documents. The adversarial manipulation defence available to the employer depends on whether the employer’s I-9 platform implements pre-scan document integrity verification; without a Glyphward pre-scan audit record demonstrating that the manipulated document photograph was submitted and passed classification without a manipulation flag, the employer cannot establish the manipulation as a defence. Threshold: 60 for I-9 identity document AI (IRCA employer exposure, unauthorised employment enablement, ICE audit risk).
3. Performance review evidence AI injection (Lattice AI, Leapsome AI, Betterworks AI, Culture Amp AI)
Performance management AI processes evidence photographs, deliverable screenshots, and supporting documentation images submitted by employees and managers through performance review platforms to support objective-setting, performance rating calibration, and compensation recommendation workflows. Lattice AI is deployed by 5,000+ companies including Slack, Reddit, and Asana, processing performance evidence submitted through Lattice’s OKR and performance review modules where AI-assisted rating suggestions and calibration tools aggregate evidence for manager review. Leapsome AI processes 360-degree feedback evidence and OKR progress photographs for European and global technology companies. Betterworks AI processes continuous performance check-in evidence and goal progress documentation for enterprise customers including Intuit, Colgate-Palmolive, and Informatica. Culture Amp AI processes survey-driven performance evidence and manager effectiveness data for HR teams at companies including McDonald’s, Airbnb, and Salesforce.
The adversarial injection surface is the performance evidence photograph submission pathway: screenshots of completed work products, deliverable photographs, meeting attendance records, and project milestone documentation submitted through performance platform upload APIs by employees seeking to inflate their performance evidence or suppress negative performance indicators. An adversarially crafted performance evidence photograph — in which pixel perturbations applied to KPI metrics regions, completion status indicators, or quality metrics cause Lattice AI or Leapsome AI to misclassify a missed OKR as achieved, a deliverable below standard as exceeding standard, or an attendance record with absences as complete — can inflate the AI-generated performance evidence summary used in manager calibration sessions and compensation decisions. The adversarial inflation direction is financially motivated: inflated performance evidence in AI-assisted calibration produces higher performance ratings, which in organisations where performance ratings gate merit increase and bonus allocation produce direct compensation consequences.
Performance management system integrity violations by employees who manipulate AI performance evidence tools do not have a direct statutory analogue, but produce employer exposure under wrongful termination and discrimination litigation frameworks: if a high-performing employee whose AI performance evidence has been adversarially deflated by a manager or peer receives a low performance rating and is subsequently terminated, the employer’s defence of the termination depends on the integrity of the performance evidence system. An employer who cannot establish that performance evidence was free from adversarial manipulation faces a credibility challenge in wrongful termination proceedings where the performance evidence is the primary factual basis for the employment decision. California FEHA, New York SHRL, and equivalent state employment discrimination statutes impose significant litigation exposure on employers whose performance management processes produce discriminatory outcomes — and adversarial manipulation of AI performance evidence tools that systematically suppresses the performance ratings of protected class members creates exactly the kind of disparate impact pattern that EEOC enforcement and private employment litigation focus on. Threshold: 60 for performance review evidence AI (compensation and employment consequence, discrimination litigation exposure).
4. Workers’ compensation HR case management AI injection (HR case management integration with Carisk, CorVel, and Sedgwick AI)
HR workers’ compensation case management AI processes injury photographs, medical documentation images, and functional capacity evaluation (FCE) photographs submitted through HR case management platform integrations with workers’ comp claim systems to classify claim severity, generate return-to-work (RTW) timeline estimates, and flag claims requiring specialised accommodation under ADA Title I or state workers’ comp rehabilitation requirements. Sedgwick’s claims management platform — which administers workers’ comp claims for more than 4,000 employers including Amazon, Walmart, and Target — integrates HR documentation into claim severity classification AI that influences RTW accommodation decisions, modified duty assignment offers, and ADA interactive process initiation. Concentra Occupational Health AI processes injury assessment photographs and occupational health evaluation documentation submitted through employer HR system integrations for post-offer employment physicals and return-to-work fit-for-duty assessments. Broadspire AI (a Crawford company) processes claim severity documentation and medical evidence photographs for self-insured employer claims programmes across retail, manufacturing, and healthcare sectors.
The adversarial injection surface is the injury photograph and medical documentation submission pathway within the HR case management system: injury photographs submitted by the employee, occupational health provider documentation images submitted through employer-integrated occupational health portals, and IME documentation submitted through case management platform APIs. An adversarially crafted injury photograph — in which pixel perturbations applied to the region showing visible injury severity cause Sedgwick AI or Concentra AI to underestimate injury severity, downgrade the claim from a permanent partial disability (PPD) trajectory to a medical-only (MO) claim trajectory, or suppress an ADA interactive process initiation trigger — can result in premature RTW assignment on a claim where the injury requires modified duty accommodation, with consequent re-injury risk and ADA § 102 failure-to-accommodate exposure for the employer.
ADA Title I § 102(b)(5) requires employers to make reasonable accommodations to the known physical limitations of an otherwise qualified individual with a disability unless the accommodation would impose an undue hardship on the employer. An employer whose HR case management AI has been compromised by adversarial injury photograph manipulation that underestimates injury severity — resulting in a premature RTW assignment without appropriate accommodation — cannot establish good faith reliance on the AI assessment as a defence to an ADA § 107 enforcement action or private civil rights lawsuit if the AI system lacked adversarial input integrity controls. State workers’ comp rehabilitation statutes — including California Labor Code § 4658, New York WCL § 15(6), and Texas Labor Code § 408.181 — impose vocational rehabilitation obligations on employers and carriers for permanently impaired workers; adversarial suppression of injury severity in HR case management AI can deny the injured worker the rehabilitation referral they are entitled to under state law. Threshold: 60 for HR workers’ comp case management AI (ADA reasonable accommodation, RTW injury risk, state rehabilitation entitlement).
Integration: HR and workforce management AI image ingestion with Glyphward pre-scan
HR and workforce management AI image ingestion flows from applicant document upload portals, remote I-9 verification apps, performance review evidence submission tools, and HR case management systems into AI hiring, compliance, and performance evaluation pipelines. Insert Glyphward’s pre-scan at the ingestion boundary — particularly for externally submitted documents where the submitting party has a compliance or financial interest in the AI’s classification outcome:
```python
import asyncio
import base64
import hashlib
import os
import uuid
from enum import Enum
from pathlib import Path

import httpx

GLYPHWARD_API_KEY = os.environ["GLYPHWARD_API_KEY"]
GLYPHWARD_SCAN_URL = "https://glyphward.com/v1/scan"

# HR and workforce management AI — FCRA accuracy, IRCA employer exposure,
# employment litigation, and ADA accommodation consequences.
# 60 for I-9, performance, and RTW case management AI;
# 55 for background check document AI (FCRA high-impact adverse information).
THRESHOLD_HR_COMPLIANCE = 60
THRESHOLD_BACKGROUND_CHECK = 55


class HRWorkforceAIContext(str, Enum):
    BACKGROUND_CHECK_DOC = "background_check_doc"  # HireRight, Sterling, Checkr, First Advantage
    I9_IDENTITY_DOC = "i9_identity_doc"            # ADP SmartCompliance, Workday I-9, Equifax I-9
    PERFORMANCE_EVIDENCE = "performance_evidence"  # Lattice, Leapsome, Betterworks, Culture Amp
    WORKERS_COMP_INJURY = "workers_comp_injury"    # Sedgwick, Concentra, Broadspire


def _threshold_for(context: HRWorkforceAIContext) -> int:
    if context == HRWorkforceAIContext.BACKGROUND_CHECK_DOC:
        return THRESHOLD_BACKGROUND_CHECK
    return THRESHOLD_HR_COMPLIANCE


async def scan_hr_document_image(
    image_path: str | Path,
    context: HRWorkforceAIContext,
    candidate_id_hash: str,  # SHA-256 of applicant/employee ID — no PII
    employer_id: str,        # internal employer identifier
    document_type: str,      # e.g. "criminal_record", "passport", "okr_screenshot"
    client: httpx.AsyncClient,
) -> dict:
    """
    Scan an HR and workforce management AI document image for adversarial injection
    payloads before forwarding to background check, I-9 verification, performance
    review evidence, or workers' compensation case management AI platforms.

    Raises AdversarialHRDocumentError if the Glyphward score meets or exceeds
    the threshold for the given HR AI context.
    """
    image_bytes = Path(image_path).read_bytes()
    image_b64 = base64.b64encode(image_bytes).decode()
    image_sha256 = hashlib.sha256(image_bytes).hexdigest()
    scan_id = str(uuid.uuid4())
    threshold = _threshold_for(context)

    resp = await client.post(
        GLYPHWARD_SCAN_URL,
        headers={"Authorization": f"Bearer {GLYPHWARD_API_KEY}"},
        json={
            "image": image_b64,
            "source": context.value,
            "metadata": {
                "hr_context": context.value,
                "candidate_id": candidate_id_hash,
                "employer_id": employer_id,
                "document_type": document_type,
                "client_scan_id": scan_id,
                "image_sha256": image_sha256,
            },
        },
        timeout=8.0,
    )
    resp.raise_for_status()
    result = resp.json()

    audit_record = {
        "candidate_id": candidate_id_hash,
        "employer_id": employer_id,
        "document_type": document_type,
        "hr_context": context.value,
        "scan_id": result["scan_id"],
        "client_scan_id": scan_id,
        "image_sha256": image_sha256,
        "score": result["score"],
        "flagged_region": result.get("flagged_region"),
        "threshold": threshold,
        "action": "blocked" if result["score"] >= threshold else "allowed",
    }
    await write_hr_audit_record(audit_record)

    if result["score"] >= threshold:
        raise AdversarialHRDocumentError(
            f"HR AI document blocked [{context.value}]: "
            f"scan_id={result['scan_id']} score={result['score']} "
            f"candidate={candidate_id_hash} employer={employer_id} "
            f"doc_type={document_type}"
        )
    return result


async def scan_background_check_document_set(
    document_paths: list[Path],
    candidate_id_hash: str,
    employer_id: str,
) -> dict:
    """
    Scan all background check supporting documents for a single candidate
    before forwarding to HireRight, Sterling, Checkr, or First Advantage AI.
    """
    allowed, blocked, errors = [], [], []
    async with httpx.AsyncClient() as client:
        tasks = [
            scan_hr_document_image(
                p, HRWorkforceAIContext.BACKGROUND_CHECK_DOC,
                candidate_id_hash, employer_id, "background_check_doc", client,
            )
            for p in document_paths
        ]
        results = await asyncio.gather(*tasks, return_exceptions=True)

    for path, result in zip(document_paths, results):
        if isinstance(result, AdversarialHRDocumentError):
            blocked.append({"path": str(path), "error": str(result)})
        elif isinstance(result, Exception):
            errors.append({"path": str(path), "error": str(result)})
        else:
            allowed.append({"path": str(path), "scan_id": result["scan_id"]})

    return {
        "candidate_id": candidate_id_hash,
        "employer_id": employer_id,
        "total": len(document_paths),
        "allowed": len(allowed),
        "blocked": len(blocked),
        "errors": len(errors),
        "blocked_documents": blocked,
    }


async def write_hr_audit_record(record: dict) -> None:
    """Persist audit record to HR compliance audit store (stub)."""
    import json, sys
    print(json.dumps(record), file=sys.stderr)


class AdversarialHRDocumentError(Exception):
    """Raised when an HR AI document image exceeds the adversarial injection threshold."""
    pass
```
Call scan_hr_document_image() before forwarding individual background check documents, I-9 identity document photographs, performance evidence screenshots, and workers’ comp injury photographs to their respective AI classification platforms. Call scan_background_check_document_set() for the full document package submitted by each candidate — this is the most operationally efficient integration point for background check vendors that receive multi-document submission packages. The candidate_id_hash uses a SHA-256 hash of the internal applicant or employee ID — not the candidate’s name, SSN, or date of birth — to maintain audit correlation without transmitting PII to the API boundary. The document_type parameter enables contextual scoring calibration: set "criminal_record" for court record photographs (highest adverse information suppression risk), "passport" or "drivers_license" for I-9 List A/B documents, and "okr_screenshot" or "performance_deliverable" for performance evidence images.
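An added example, not Glyphward's or the page's own code: one way to replace the write_hr_audit_record() stub with a tamper-evident store, and to derive candidate_id_hash with a keyed HMAC instead of a bare SHA-256, since internal IDs are often short or sequential and an unkeyed hash of them can be matched by guessing. PSEUDONYM_KEY, AUDIT_KEY, AuditChain and the sample records are assumptions constructed for the example.

```python
import hashlib
import hmac
import json

# Assumption: secrets held only by the HR platform and loaded from a secret
# store in production. The values below are constructed for the example.
PSEUDONYM_KEY = b"constructed-pseudonym-key"
AUDIT_KEY = b"constructed-audit-chain-key"
GENESIS = "0" * 64


def keyed_candidate_hash(internal_id: str, key: bytes = PSEUDONYM_KEY) -> str:
    """Stable pseudonym for audit correlation; not recomputable without the key."""
    return hmac.new(key, internal_id.encode("utf-8"), hashlib.sha256).hexdigest()


class AuditChain:
    """Append-only audit log in which every entry commits to its predecessor."""

    def __init__(self, key: bytes = AUDIT_KEY):
        self._key = key
        self.entries: list[dict] = []

    def _mac(self, prev_mac: str, record: dict) -> str:
        # Canonical JSON so the same record always produces the same bytes.
        body = json.dumps(record, sort_keys=True, separators=(",", ":"))
        msg = prev_mac.encode("ascii") + b"\n" + body.encode("utf-8")
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def append(self, record: dict) -> str:
        prev_mac = self.entries[-1]["mac"] if self.entries else GENESIS
        entry = {"record": dict(record), "prev_mac": prev_mac,
                 "mac": self._mac(prev_mac, record)}
        self.entries.append(entry)
        return entry["mac"]

    def first_broken_entry(self) -> int:
        """Return the index of the first entry that fails verification, or -1."""
        prev_mac = GENESIS
        for index, entry in enumerate(self.entries):
            expected = self._mac(prev_mac, entry["record"])
            if entry["prev_mac"] != prev_mac or not hmac.compare_digest(entry["mac"], expected):
                return index
            prev_mac = entry["mac"]
        return -1


def build_sample_chain() -> AuditChain:
    """Two constructed audit records using the field names from the page's code."""
    chain = AuditChain()
    candidate = keyed_candidate_hash("EMP-004217")  # constructed internal ID
    for scan_id, score in (("scan-0001", 71), ("scan-0002", 14)):
        chain.append({
            "candidate_id": candidate,
            "employer_id": "employer-demo",
            "document_type": "criminal_record",
            "hr_context": "background_check_doc",
            "scan_id": scan_id,
            "image_sha256": hashlib.sha256(scan_id.encode()).hexdigest(),
            "score": score,
            "threshold": 55,
            "action": "blocked" if score >= 55 else "allowed",
        })
    return chain


if __name__ == "__main__":
    chain = build_sample_chain()
    print("intact chain, first broken entry:", chain.first_broken_entry())
    chain.entries[0]["record"]["action"] = "allowed"  # simulated after-the-fact edit
    print("after edit, first broken entry:", chain.first_broken_entry())
```

Store the most recent MAC outside the log itself (for example in write-once storage) so that truncating the tail of the log is also detectable.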
Coverage matrix
| Control | Background check document AI injection | I-9 identity document AI injection | Performance evidence AI injection | Workers’ comp HR AI injection |
|---|---|---|---|---|
| Text-only PI scanners (Lakera, LLM Guard) | No — pixel-level perturbations in court record photographs not visible to text scanners | No — identity document photograph pixel manipulation not detected by text analysis | No — performance evidence screenshot pixel payloads not seen by text-only tools | No — injury photograph pixel perturbations invisible to text scanners |
| FCRA consumer report accuracy rules | FCRA § 607(b) requires accuracy but does not specify AI document image integrity controls for background check vendors | 8 CFR § 274a.2 I-9 document validity rules do not address adversarial manipulation of remote verification photographs | No regulatory framework governs performance evidence image integrity in private sector performance management | ADA and workers’ comp statutes require accurate injury assessment but do not specify AI imaging integrity controls |
| Human HR document reviewer | Sub-pixel perturbations imperceptible during HR staff document review at background check volumes | Remote I-9 authorised representatives cannot detect adversarial pixel manipulation in video-call document views | Managers calibrating performance evidence cannot detect adversarial pixel manipulation in uploaded screenshots | HR case managers cannot detect adversarial pixel manipulation in injury photograph submissions |
| Glyphward | Yes — threshold 55; candidate_id_hash audit trail; blocks adversarial criminal record photographs before HireRight/Checkr AI classification | Yes — threshold 60; blocks adversarially manipulated identity documents before ADP SmartCompliance/Workday I-9 AI verification | Yes — threshold 60; blocks adversarially crafted performance evidence screenshots before Lattice/Leapsome AI calibration input | Yes — threshold 60; blocks adversarial injury photographs before Sedgwick/Concentra/Broadspire AI severity classification |
Frequently asked questions
How does adversarial injection on background check documents differ from document forgery, and why don’t existing FCRA accuracy controls catch it?
Document forgery involves creating a physically different document — a fabricated court record, a forged diploma, a photoshopped employment letter — that replaces the genuine document entirely. Background check vendor fraud detection programmes look for document fabrication indicators: metadata inconsistencies, printing anomalies, institutional document format deviations, and reverse image search matches against stock document templates. These detection approaches are calibrated for the genuine document replacement scenario. Adversarial injection does not create a forged document: it takes the genuine court record photograph — the actual criminal conviction document that would disqualify the applicant — and applies sub-pixel mathematical perturbations that cause the background check AI to misclassify the conviction entry. The genuine document with the adversarial perturbations applied is indistinguishable from the genuine unperturbed document to a human reviewer, to document metadata analysis, and to digital forensics tools looking for fabrication artifacts.
FCRA § 607(b) requires reasonable accuracy procedures, but the CRA’s accuracy obligation is calibrated for source data accuracy — ensuring that court records are accurately transcribed and that the correct subject’s record is returned — not for adversarial manipulation of the submitted document images. The FCRA accuracy framework was designed when background check document processing was a manual transcription activity, and the AI-assisted classification layer that modern background check vendors apply to submitted photographs is a processing innovation that sits above the layer at which existing accuracy controls operate. Pre-scan image integrity verification at the document photograph submission boundary — which Glyphward provides — is the only control mechanism that operates at the layer where the adversarial manipulation occurs.
What is the employer’s IRCA liability when an I-9 AI adversarial manipulation enables an unauthorised alien to pass employment eligibility verification?
IRCA 8 USC § 1324a(a)(1)(A) prohibits employers from knowingly hiring an unauthorised alien. The statutory term “knowingly” includes constructive knowledge: an employer who fails to maintain a valid I-9 form and fails to comply with the document examination and verification requirements of 8 CFR § 274a.2 is deemed to have constructive knowledge of unauthorised status. The I-9 good faith compliance defence — 8 USC § 1324a(b)(6) — protects employers who examine List A or List B/C documents that “reasonably appear on their face” to be genuine. The good faith defence depends on the employer having conducted a genuine examination of the presented document, not on the AI verification platform producing a conforming classification result.
When a remote I-9 AI verification platform produces a false-passing classification on an adversarially manipulated identity document photograph, the employer’s good faith defence is available only if the employer can establish that the authorised representative’s examination of the document during the remote I-9 session was conducted in compliance with DHS Form M-274 (Handbook for Employers) remote examination guidance — which requires the authorised representative to examine the document via live video link and confirm that it reasonably appears genuine. If the adversarial manipulation is in the photograph submitted after the live video examination — which the AI platform processes for classification — the employer’s good faith defence for the live examination may be intact, but the AI-confirmed classification record may create compliance document confusion. Employers using remote I-9 AI verification should implement Glyphward pre-scan on the document photograph submission API specifically to maintain a documented integrity chain between the live authorised representative examination and the AI-classified record.
What is the recommended protocol when Glyphward flags a suspicious performance evidence image in a performance review cycle?
When Glyphward’s pre-scan raises an AdversarialHRDocumentError for a performance evidence image submitted through Lattice, Leapsome, Betterworks, or Culture Amp, the HR platform operator’s response protocol has three immediate steps. First: block the flagged image from the AI performance calibration pipeline — the scan_hr_document_image() function does this automatically before the image reaches the performance AI. Second: flag the submission in the performance review workflow for manual manager review rather than AI-assisted calibration, ensuring that the performance review cycle is not delayed by the investigation — the employee whose evidence was flagged is entitled to have their performance evaluated, and deferring evaluation pending the investigation may itself constitute an adverse employment action. Third: preserve the flagged image and Glyphward audit record (scan_id, flagged_region, score) as HR compliance documentation.
For investigation: review the authenticated session that submitted the flagged image and the upload timestamp relative to the performance review cycle deadline. Performance evidence submission fraud — whether by inflation (employee manipulating evidence to appear higher-performing) or deflation (manager or peer manipulating evidence to appear lower-performing) — is a misconduct matter under the employer’s code of conduct and, if repeated, potentially a material misrepresentation in employment records that supports termination for cause. If the manipulation appears to be in the deflation direction and the affected employee is a member of a protected class, the HR and legal teams should assess whether the incident constitutes evidence of discriminatory intent that should be documented in the event of subsequent EEOC or state agency proceedings. All flagged performance evidence image incidents should be retained in the employee’s HR file as HR compliance documentation, independent of the outcome of the performance review cycle.
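The block-and-route protocol above, as an added example that is not part of the original page or Glyphward's code: a fail-closed routing function using the page's thresholds (55 for background check documents, 60 elsewhere), so that a scanner timeout or a malformed score sends the image to manual review instead of letting it through. The Decision type, reason strings, flagged_region format and sample outcomes are assumptions constructed for the example.

```python
import math
from dataclasses import dataclass, field

# Thresholds as stated on the page: 55 for background check documents,
# 60 for the other three HR contexts. A score >= threshold is blocked.
THRESHOLDS = {
    "background_check_doc": 55,
    "i9_identity_doc": 60,
    "performance_evidence": 60,
    "workers_comp_injury": 60,
}


@dataclass
class Decision:
    route: str          # "ai_pipeline" or "manual_review"
    reason: str         # why this route was chosen
    retain_image: bool  # keep the original upload as compliance evidence
    evidence: dict = field(default_factory=dict)


def route_submission(context, image_sha256, scan_result=None, scan_error=None):
    """Decide where one uploaded image goes after the pre-scan.

    Only an image that was positively scanned and scored below threshold is
    forwarded; everything else goes to manual review, so a scanner outage
    cannot become a bypass of the gate.
    """
    evidence = {"hr_context": context, "image_sha256": image_sha256}
    threshold = THRESHOLDS.get(context)
    if threshold is None:
        return Decision("manual_review", "unknown_context", True, evidence)
    evidence["threshold"] = threshold

    if scan_error is not None or not isinstance(scan_result, dict):
        evidence["scan_error"] = str(scan_error) if scan_error else "no result"
        return Decision("manual_review", "scanner_unavailable", True, evidence)

    score = scan_result.get("score")
    numeric = isinstance(score, (int, float)) and not isinstance(score, bool)
    if not numeric or math.isnan(score):
        # NaN compares False against any threshold and would otherwise pass.
        return Decision("manual_review", "malformed_scan_result", True, evidence)

    evidence.update(
        scan_id=scan_result.get("scan_id"),
        score=score,
        flagged_region=scan_result.get("flagged_region"),
    )
    if score >= threshold:
        return Decision("manual_review", "flagged", True, evidence)
    return Decision("ai_pipeline", "below_threshold", False, evidence)


def partition_document_set(context, outcomes):
    """Split a submission package into (forward, hold) lists.

    `outcomes` is a list of (image_sha256, scan_result, scan_error) tuples;
    each returned item is (image_sha256, reason).
    """
    forward, hold = [], []
    for image_sha256, scan_result, scan_error in outcomes:
        decision = route_submission(context, image_sha256, scan_result, scan_error)
        target = forward if decision.route == "ai_pipeline" else hold
        target.append((image_sha256, decision.reason))
    return forward, hold


# Constructed sample outcomes (not real scan data).
SAMPLE_OUTCOMES = [
    ("a" * 64, {"scan_id": "s-1", "score": 12}, None),
    ("b" * 64, {"scan_id": "s-2", "score": 57, "flagged_region": [40, 88, 210, 120]}, None),
    ("c" * 64, None, TimeoutError("scan timed out")),
    ("d" * 64, {"scan_id": "s-4", "score": float("nan")}, None),
]

if __name__ == "__main__":
    for ctx in ("background_check_doc", "performance_evidence"):
        fwd, held = partition_document_set(ctx, SAMPLE_OUTCOMES)
        print(ctx, "forward:", [r for _, r in fwd], "hold:", [r for _, r in held])
```

The same score of 57 is held under the background check threshold and forwarded under the performance evidence threshold, which is why the context has to be fixed by the ingestion endpoint and not supplied by the uploader.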
Further reading
- Indirect prompt injection via image — foundational attack pattern underlying all four HR and workforce management AI injection surfaces; covers how sub-pixel adversarial perturbations cause AI document misclassification without visible manipulation artifacts.
- Prompt injection in government and border control AI — identity document AI covering passport MRZ injection and biometric enrolment injection, with overlapping identity document adversarial attack vectors relevant to I-9 verification AI.
- Prompt injection in fintech and payments AI — financial document AI covering KYC identity document injection and expense receipt injection, with overlapping document adversarial attack vectors relevant to background check and performance evidence AI.
- Prompt injection in legal tech AI — legal document AI covering eDiscovery TAR manipulation and compliance document injection, with overlapping employment law document adversarial attack vectors relevant to FCRA and IRCA compliance scenarios.
- Free tier — 10 scans/day, no card required — start scanning HR and workforce management AI document images at development volumes before committing to a production plan.