HomeAnalysisMobley v. Workday: what the second amended complaint actually changes
May 21, 2026Mobley v. Workdaybias auditvendor liabilitylitigation

Mobley v. Workday: what the second amended complaint actually changes

January 2026's second amended complaint reframes Mobley from a vendor-as-employer-agent question into an audit-methodology question. That shift has implications for every vendor that has published a NYC LL 144 bias audit.

By HireAIScore editorial

The procedural history of Mobley v. Workday matters because each turn has shifted what the case is about.

In the original 2023 complaint, the question was: can an AI hiring vendor be sued at all as an "employer" under Title VII when it does not actually employ the plaintiff? In July 2024, the Northern District of California answered yes, at least at the motion-to-dismiss stage, adopting the "agent of the employer" theory. That ruling alone would have been enough to make the case a landmark. It is the first US opinion to hold that an algorithm vendor steps into the employer's shoes for Title VII purposes when an employer delegates screening to it.

May 2025's conditional collective certification under the ADEA widened the class. By mid-2025, the case had become a vendor-liability case focused on the relationship between Workday and its customers.

The January 2026 second amended complaint does something different. It pivots the case onto the methodology of Workday's own bias audit.

What the audit said

Workday commissioned Secretariat to conduct a NYC LL 144-style bias audit of HiredScore Spotlight, the ranking-and-orchestration product acquired from HiredScore in 2024. The audit, published in early 2026, analysed scoring data from September 2025 through February 2026 across the five highest-volume NYC-area job profiles. Its conclusion: no evidence of disparate impact. Workday published the summary prominently on its responsible AI page.

The Mobley plaintiffs read the same audit, ran their own analysis on the publicly-disclosed methodology, and arrived at a different conclusion. Per their second amended complaint and coverage in Information Week, Fortune, and DLA Piper's January 2026 analysis, the plaintiffs argue:

  • The window covers a period of declining North American hiring volumes, which compresses the population in ways that mask disparate impact.
  • The five-profile selection excludes job categories where Workday's customer base shows the largest demographic differences in application volume.
  • The four-fifths-rule analysis was applied to scoring rates without conditioning on the underlying applicant pool.
  • When the same data is stratified by intersection (race × age, sex × age), several cells show statistically significant disparities against African American applicants and women aged 40+.

The plaintiffs do not allege the audit is fraudulent. They allege the audit's choices systematically obscure disparate impact that the same data set, analysed differently, reveals.

Why this matters beyond Workday

The first half of the Mobley case asked whether vendors can be on the hook for discrimination. The second half asks whether published bias audits can shield them.

If a court takes seriously the argument that a bias audit completed in good faith, by a reputable auditor, against a published methodology, can still produce a substantively wrong conclusion, then several things change for every vendor in this space:

  1. Vendors lose the "we've been audited" shield. Customers who used the audit as their basis for compliance with NYC LL 144 may face similar arguments — that the audit they relied on was structured to miss what the regulator cares about.
  2. Customer FRIAs become more defensive. A FRIA that says "we relied on the vendor's audit" is weak; a FRIA that says "we re-stratified the vendor's audit data ourselves and reached the same conclusion" is much stronger. Vendors should expect more sophisticated customers to ask for the underlying data.
  3. Audit methodology becomes the next disclosure norm. Until now, the published artifact was the audit summary. Going forward, defensible audits will need to publish the methodology choices — data window, profile selection, statistical tests, stratification — in a form that allows customers and journalists to reproduce the result.
  4. Continuous monitoring outperforms annual audits. Beamery's Warden AI dashboard, refreshed monthly with intersectional results across 30+ cells, is harder to attack on the Mobley grounds than an annual point-in-time audit. Expect more vendors to move toward continuous monitoring as a defensive posture.

What deployers should do this quarter

The case will not resolve quickly. Class certification is the next major gate, and the merits trial is years away. But the practical implications land sooner:

  1. Ask your vendor for the data behind the audit summary. Most enterprise contracts already include the right to do this. Few customers exercise it. Now is a good time.
  2. Re-run the audit yourself, on your own slice of the data. Even a first-pass impact-ratio analysis stratified by intersection will surface anomalies that the vendor's audit, optimised for general applicability, may not have caught.
  3. Document the analysis. Whatever you find, your contemporaneous notes about how you stratified the data, what you observed, and how you responded becomes the deployer-side artifact that Mobley-style plaintiffs would otherwise demand in discovery.

How this maps to our directory

We score each vendor's Bias Audit Transparency in our rubric. As of 2026-05-21, Workday's score reflects the audit's existence, the dispute, and the openly-contested methodology. Beamery's continuous monitoring posture scores highest in the peer set because it is the hardest to attack on Mobley grounds.

The case is fast-moving. We refresh the Mobley v. Workday page and the per-vendor scores as material developments land.