What is House Bill 149 in Texas?

House Bill 149 (HB 149) is the Texas Responsible AI Governance Act (TRAIGA) — the state's comprehensive artificial intelligence regulation law. It defines 7 prohibited AI practices, establishes NIST AI RMF compliance as an affirmative defense, grants the Texas Attorney General exclusive enforcement authority, and carries civil penalties up to $200,000 per violation. It became enforceable on January 1, 2026.

Who does House Bill 149 apply to?

HB 149 applies to any person or organization that deploys, develops, or makes available an AI system that affects individuals in Texas. This includes private businesses, government agencies, healthcare providers, and any entity using AI-powered tools such as chatbots, hiring algorithms, lending models, or recommendation systems that interact with Texas residents.

What are the penalties under House Bill 149?

Violations of HB 149 carry civil penalties up to $200,000 per violation, enforced exclusively by the Texas Attorney General. Each deployment or use of a prohibited AI system constitutes a separate violation. However, the law provides a 60-day cure period for first violations and recognizes NIST AI RMF compliance as an affirmative defense.

Blog/Legal Analysis

Legal AnalysisFebruary 14, 2026·4 min read

What Is House Bill 149? Texas TRAIGA AI Law Explained

House Bill 149 (HB 149) is the Texas Responsible AI Governance Act — commonly called TRAIGA. It's the most significant AI regulation law in the American South and the centerpiece of Texas's four-statute AI governance framework. If your organization deploys AI systems that touch Texas, this is the law that defines your obligations.

The Core Architecture of HB 149

TRAIGA takes a fundamentally different approach from other state AI laws. Where Colorado's SB 24-205 regulates based on impact (did your AI system cause harm?), Texas regulates based on intent (was your AI system designed or deployed to do something prohibited?). This distinction matters for compliance strategy.

The law has four structural pillars:

Pillar 1: Prohibited Practices (Section 2)

HB 149 defines seven categories of AI practices that are illegal in Texas:

Subliminal manipulation — AI systems designed to materially distort behavior through techniques the person is not aware of
Exploitation of vulnerabilities — targeting age, disability, or socioeconomic status to manipulate decisions
Social scoring — classifying individuals based on social behavior or personal characteristics for unrelated purposes
Real-time biometric surveillance — facial recognition and biometric identification in public spaces without consent
Discrimination by design — AI systems deployed with the intent to discriminate based on protected class
Constitutional rights infringement — AI deployed to suppress or chill exercise of constitutional rights
CSAM generation — using AI to create child sexual abuse material

The critical word is "intent." Accidental discriminatory outcomes are handled differently than systems designed to discriminate. Your compliance documentation needs to demonstrate the intended purpose of each AI system.

Pillar 2: NIST AI RMF Safe Harbor (Section 5)

This is the most strategically valuable provision in the entire law. HB 149 explicitly states that demonstrated compliance with the NIST AI Risk Management Framework (AI RMF) constitutes an affirmative defense in enforcement proceedings.

In plain terms: if the Attorney General brings a TRAIGA action against you, and you can demonstrate documented alignment with NIST AI RMF across Govern, Map, Measure, and Manage — you have a statutory legal defense. This isn't just best practice. It's codified protection.

Pillar 3: Enforcement Architecture (Sections 6-8)

Exclusive AG authority — only the Texas Attorney General can enforce TRAIGA. No private right of action.
$200,000 per violation — each prohibited deployment counts as a separate violation
60-day cure period — after AG notification, you have 60 days to remediate before penalties
Mitigation factors — the AG considers your compliance posture, remediation speed, and NIST alignment when assessing penalties

Pillar 4: Deployer-Type Awareness

HB 149 doesn't operate alone. It works alongside three companion statutes that create additional obligations for specific deployer types:

Government agencies (SB 1964) — must adopt AI ethics codes, publish public AI inventories, and conduct heightened scrutiny assessments
Healthcare providers (SB 1188) — must provide patient-facing AI disclosures before or at the time of service
State employees (HB 3512) — must complete annual DIR-certified AI training if they use computers for 25%+ of duties

The Compliance Timeline

Date	Event	Significance
May 2025	HB 149 passes both chambers	Bipartisan support signals durability
Sept 1, 2025	Governor Abbott signs into law	Effective date set
Jan 1, 2026	Enforcement begins	AG can bring enforcement actions
Ongoing	AG ramp-up period	First investigations expected Q2 2026

What "Good Faith Compliance" Looks Like

The AG's office has signaled through public statements that early compliance documentation will be treated favorably. Organizations that can demonstrate a proactive compliance posture — before an investigation — are best positioned for:

Triggering the NIST safe harbor defense
Maximizing the 60-day cure window
Reducing penalty amounts through documented mitigation factors
Meeting enterprise procurement compliance requirements

The Actionable Next Step

The organizations that build their TRAIGA compliance posture now — documented intent, prohibited practice screening, NIST alignment evidence, and cure readiness — are the ones that convert this law from a liability into a competitive advantage.

TXAIMS maps your AI systems to every HB 149 requirement — prohibited practice screening, NIST safe harbor scoring, deployer-type classification, and one-click evidence bundles for the AG, procurement, and boards. Start your 14-day free trial and have your HB 149 compliance documented before the next AG enforcement cycle.

Ready to automate your TRAIGA compliance?

TXAIMS screens your AI systems, builds your NIST defense, and generates evidence bundles in minutes.

Start 14-day free trial

All articles