Texas HB 149 Financial Institutions:

Statutory Information

What Texas HB 149 Means for Banks and Credit Unions

Texas HB 149 is a state AI law that took effect January 1, 2026. The law covers organizations that do business in Texas, produce a product or service used by Texas residents, or develop or deploy an AI system in the state.

Texas HB 149, formally titled the Texas Responsible Artificial Intelligence Governance Act (TRAIGA), took effect January 1, 2026.¹ The law covers any organization that does business in Texas, “produces a product or service used by Texas residents, or develops or deploys an AI system in the state.¹”

The law addresses consumer disclosure when AI systems interact with the public, restrictions on using AI to intentionally manipulate human behavior, and the civil enforcement authority of the Texas Attorney General.¹ The law does not create a path for individual consumers to bring their own legal action.¹

Courts may impose penalties of $10,000 to $12,000 for curable violations, $80,000 to $200,000 for uncurable violations, and an additional $2,000 to $40,000 per day for continued violations.¹ The law also gives organizations a 60-day window to address an identified issue before the Attorney General can move forward with formal action.¹

The law includes what it calls a "rebuttable presumption" in favor of organizations that show they substantially complied with the NIST AI Risk Management Framework or another recognized AI risk management framework.¹ Organizations interested in understanding what that means in practice can review the full text of the law and consult qualified legal counsel.

What the Law Covers

What HB 149 Could Look Like In Operations

The Financial Stability Board's (FSB) October 2025 report on AI adoption in the financial sector found that third-party dependencies and service-provider concentration pose key vulnerabilities for financial institutions adopting AI.⁴ Industry research also describes AI activity arriving through multiple channels inside financial institutions, including vendor upgrades, core system updates, tools staff adopted independently, and third-party platforms, often without consistent review processes in place.⁵

When the U.S. Treasury examined what AI tools its own offices actually used, the list included scheduling meetings, transcribing calls, drafting documents, summarizing reports, and generating code.² These are ordinary tasks. They reflect the kind of everyday AI adoption happening across financial institutions right now, often without formal review or approval.

The law's applicability section covers AI systems that organizations deploy. The full text of the law describes what falls within its scope.

Why a NIST-Aligned AI Governance Committee Is a Recognized Response

The connection between governance structures and the text of Texas HB 149 is direct. The law references the National Institute of Standards and Technology (NIST) AI Risk Management Framework (AI RMF) by name as a recognized framework for AI risk management.¹

The NIST AI RMF organizes AI governance around four functions: GOVERN, MAP, MEASURE, and MANAGE.⁵ Together, they give an organization the structure to know what AI tools it uses, understand the risks those tools carry, track how they perform, and respond when a potential AI-related incident is likely or occurs.⁵

An AI governance committee built on NIST can help institutions produce an AI use-case inventory, an acceptable-use policy, defined decision rights across business functions, a risk framework, and a regular operating cadence. These are the kinds of outputs that reflect an active, documented governance structure aligned to a recognized framework.

‍ ‍Sources‍ ‍

Texas Legislature. H.B. No. 149, Texas Responsible Artificial Intelligence Governance Act. 89th Texas Legislative Session. Effective January 1, 2026. https://capitol.texas.gov
U.S. Department of the Treasury. AI Use Case Inventory. Published under OMB Memorandum M-25-21. 2025. https://home.treasury.gov
Financial Stability Board. Monitoring Adoption of Artificial Intelligence and Related Vulnerabilities in the Financial Sector. October 2025. https://www.fsb.org
Wipfli. 2026 State of the Banking Industry and State of the Credit Union Industry Research Reports. January 2026. https://www.wipfli.com
National Institute of Standards and Technology. Artificial Intelligence Risk Management Framework (AI RMF 1.0). U.S. Department of Commerce. January 2023. https://www.nist.gov/itl/ai-risk-management-framework‍ ‍

‍ Related pages in this series:

For a plain language overview of how the NIST AI RMF applies to banks and credit unions, see NIST AI RMF for Banks and Credit Unions
‍For a detailed statutory overview of Texas HB 149, see Texas HB 149 and Financial Institutions
‍ For context on federal AI strategy and its connection to state-level governance requirements, see Federal Strategy to State Law

‍

This page is for informational purposes only. It provides a general factual overview of publicly available government resources and frameworks. It does not constitute legal advice, regulatory interpretation, compliance guidance, or a recommendation of any specific course of action. Laws and guidance referenced here may be subject to change. Qualified legal and compliance professionals can help organizations assess their specific circumstances and obligations.