TEXAS AI REPORT

TRAIGA Compliance Checklist for Texas General Counsel


Last reviewed June 25, 2026

The Texas AG’s complaint portal has a September 1, 2026 statutory deadline. Once it opens, consumers can file TRAIGA complaints directly — and the enforcement clock starts moving faster. GCs who haven’t run a compliance baseline yet are behind.

Here’s what to do.

Step 1: Build an AI inventory

The first enforcement exposure isn’t a prohibited use — it’s not knowing what AI you’re running. TRAIGA applies to any entity that develops, deploys, or promotes AI products to Texas consumers. That scope is broad, and so is the statutory definition of “AI system”: any machine-based system that infers from inputs to generate outputs including content, decisions, predictions, or recommendations.

In practice, companies are surprised by the footprint. Hiring platforms, document-review tools, email scheduling assistants, and chatbots all qualify. Audit your stack, including vendor SaaS.

Two threshold questions for each tool: Is this consumer-facing? Is it making or influencing a decision? Those answers drive your downstream obligations.

Note on disclosure: If your entity is a private non-healthcare company, TRAIGA imposes no consumer-facing AI disclosure requirement. Disclosure obligations apply separately to government agencies (before or at time of AI interaction, in plain English, no dark patterns) and to healthcare providers (at time of service or as soon as practicable). Don’t conflate these two provisions, and don’t impose private-sector disclosure costs you don’t owe.

Step 2: Lean on the NIST safe harbor — and document it

TRAIGA provides explicit affirmative defenses. One is an internal review conducted using the NIST AI Risk Management Framework. Treat that review as a statutory defense, not boilerplate: run it, date it, file it.

Other affirmative defenses include red-teaming or adversarial testing, compliance with state agency guidance, and acting on feedback from developers, deployers, or stakeholders. Build the paper trail now, not in response to a civil investigative demand.

A CID (civil investigative demand) under § 552.103 can require you to produce AI system descriptions, intended-use documentation, training data categories, performance metrics, known limitations, post-deployment monitoring records, and user safeguard measures — plus anything else the AG deems relevant. If you cannot produce this on short notice, that gap itself becomes an exposure.

Step 3: Understand the penalty tiers and the cure problem

Penalties are tiered, not flat:

  • Curable violations: $10,000–$12,000 per violation
  • Uncurable violations: $80,000–$200,000 per violation
  • Continuing violations: $2,000–$40,000 per day

The statute does not define what makes a violation curable versus uncurable. According to Norton Rose Fulbright’s Marc Collier and Ethan Glenn, that distinction “will be developed by experts, the courts and the resulting common law.” You’re operating blind on that boundary for now.

More immediately: the 60-day cure period after a notice of violation may not be enough time to materially modify an AI system. As Collier and Glenn put it, “a notice of violation will effectively function as a cease and desist order” if the cure requires reprogramming. That makes pre-enforcement compliance — not reactive scrambling — the only workable posture.

There is no private right of action under TRAIGA. The AG has exclusive enforcement authority. But the AG’s data-privacy enforcement team is already built out, and the complaint pipeline opens in September.

The September 1 inflection point

The AG complaint portal is expected to open by September 1, 2026 — that’s the statutory deadline under Section 8 of HB 149. No publicly reported TRAIGA enforcement actions have been filed as of late June 2026, but the office has been building enforcement infrastructure since the law was signed.

The time to close documentation gaps is before the portal opens, not after the first complaint triggers a CID.

Frequently asked questions

If an end user or employee misuses an AI tool in a way that causes harm, is the company that deployed it liable under TRAIGA?

Not automatically. TRAIGA includes a third-party misuse carveout: a developer or deployer cannot be held liable simply because an end user or other third party uses an AI system for a prohibited purpose. Liability attaches to the intent behind how the system was developed or deployed — not to downstream misuse by others. However, that carveout does not eliminate the deployer’s obligation to have documented the system’s intended safeguards.

Does TRAIGA mandate that companies use the NIST AI Risk Management Framework?

No — the NIST AI RMF is not legally required. But conducting an internal review using it is one of TRAIGA’s explicit statutory affirmative defenses. A company that can show it ran a documented NIST AI RMF review has a defense against enforcement, even if a violation occurred. The other affirmative defenses are red-teaming or adversarial testing, compliance with state agency guidance, and acting on feedback from developers, deployers, or stakeholders.

Disclosure: Texas AI Report is published by Matt Bertram, who also leads ModalPoint, an AI-governance advisory. See our editorial standards.

Matt Bertram
Editor · NIST AISI · IAPP/CAIA · 2 provisional patents. matthewbertram.com

Analysis and commentary, not legal advice.