Texas Banks and Credit Unions Using AI Credit Scoring Face Dual TRAIGA and FCRA Exposure

Texas community banks and credit unions operate in one of the most heavily regulated industries in the country. They are accustomed to compliance complexity. But TRAIGA has added a new layer that most community lenders have not yet mapped — and it overlaps in important ways with existing federal obligations under the Fair Credit Reporting Act.

Where AI Shows Up in Texas Lending

Credit scoring and underwriting models. Any bank or credit union using a third-party AI-assisted credit scoring or underwriting platform is a TRAIGA deployer. FICO's newer scoring models incorporate machine learning. VantageScore uses AI. Virtually every major underwriting platform released or updated in the past three years includes AI components.

Loan origination systems. Platforms like Encompass, Calyx, and similar loan origination systems have added AI features for document analysis, risk assessment, and compliance checking. When AI assists in the evaluation of a loan application, TRAIGA applies.

Fraud detection. AI-assisted fraud detection systems that generate scores or flags affecting loan decisions qualify as AI in consequential decisions.

Customer service and relationship management. AI tools that prioritize which customers receive outreach for loan products or rate offers affect customers' access to financial services.

The FCRA Overlap

The federal Fair Credit Reporting Act has required adverse action notices for decades — when a lender denies credit based on information in a consumer report, the consumer must be notified of the decision, the reason, and the consumer reporting agency involved.

TRAIGA adds a parallel requirement — disclosure to individuals when AI is used in consequential decisions affecting them, including credit decisions. For Texas financial institutions, satisfying both requirements simultaneously is more efficient than treating them separately.

The FCRA adverse action notice already requires disclosure of the factors that most significantly affected a credit decision. When AI is involved in that decision, TRAIGA requires disclosure that AI was used. The two notices can be combined in a single communication that satisfies both laws.

The documentation requirements overlap as well. FCRA compliance programs already include vendor management, written policies, and audit trails. TRAIGA requires the same elements for AI-specific documentation. A community lender that builds a TRAIGA compliance record that integrates with its existing FCRA compliance program is not doing twice the work — it is extending work it was already required to do.

The Intent Standard and What It Means for Lenders

TRAIGA prohibits AI systems deployed with the intent to unlawfully discriminate against a protected class. The law explicitly states that disparate impact alone — a disproportionate adverse effect on a protected group — is not sufficient to demonstrate intent to discriminate.

This is a meaningful distinction for financial institutions, because federal fair lending law under the Equal Credit Opportunity Act and Fair Housing Act can impose liability based on disparate impact even without proof of intent. TRAIGA's intent standard is narrower. A lender using an AI model that produces disparate impact does not automatically violate TRAIGA — but they may still face federal fair lending liability under existing law.

The practical implication is that Texas lenders face different standards under TRAIGA and federal fair lending law. TRAIGA compliance — demonstrating that the AI deployment was not intentionally discriminatory — is necessary but not sufficient for complete fair lending compliance. Both frameworks need to be addressed.

What Texas Community Lenders Should Do

Identify every AI-assisted platform in your lending process. This includes credit scoring models, underwriting platforms, fraud detection systems, and any AI-assisted customer management tool that influences which customers are offered products or services.

Send formal TRAIGA documentation requests to each vendor. For regulated financial institutions, this vendor due diligence work likely fits within existing third-party vendor management programs — the documentation request is an extension of what good vendor management already requires.

Review your adverse action notices to ensure they address both FCRA requirements and TRAIGA's disclosure obligation for AI use.

Implement human review of AI-assisted underwriting recommendations. This is already required by most bank regulatory guidance on model risk management — TRAIGA's human oversight requirement aligns with what regulators expect from model governance programs.

Document all of the above in a compliance file that can be produced on request.

This article is for informational purposes and does not constitute legal advice. For advice specific to your situation, consult a licensed Texas attorney.