FRAMEWORK

Texas TRAIGA

The Texas Responsible AI Governance Act (HB 149), in force since January 1, 2026. Intent-based prohibitions on harmful AI uses, enforced by the Texas Attorney General.

Book a demo See coverage

Coverage updated2 min ago

Coverage · Texas TRAIGA

Framework coverage

80%

Coverage

Prohibited-use duties

Obligations mapped

+4% wk

Files on record

Live · synced 2 min ago · 7-day trend

Recent activity

Annex IV v4Approved

FRIA v2Approved

Monitoring plan v1Draft

THE OBLIGATION

Intent-based prohibitions, enforced by the Attorney General.

TRAIGA takes a different shape from the risk-tier laws: it prohibits developing or deploying AI for specified harmful purposes — inciting self-harm or crime, unlawful discrimination, certain biometric capture, and deceptive deepfakes. It applies to anyone developing or deploying AI in Texas, doing business in Texas, or offering products used by Texas residents.

Enforcement sits exclusively with the Texas Attorney General; there is no private right of action, and a cure period applies before penalties.

At a glance

Applies toAnyone developing or deploying AI touching Texas residents

Your likely roleDeveloper and/or Deployer

Key deadlineIn force since January 1, 2026

Penalty exposureUp to $200,000 per violation; 60-day cure period; AG enforcement only

ARTEFACTS

The files this framework actually requires.

TRAIGA is about demonstrable acceptable-use governance. Hael records the policies and controls that evidence it.

Files · Evidence pack

PDFAcceptable Use Policyv2updated 2 min agoApproved

PDFProhibited-Use Controls Recordv2updated 14 MayApproved

PDFBiometric Handling Recordv1updated 11 MayDraft

PDFSystem Inventoryv2updated 04 MayApproved

GRC tools tell you these are missing. Hael generates them — from each system's real configuration.

THE DIFFERENCE

A checklist tells you what's missing. Hael puts it on record.

A checklist asks if you have an acceptable-use policy. Hael generates it and records the controls that enforce it.

Typical GRC tool

Acceptable Use Policyupload required

Prohibited-Use Controls Recordupload required

Biometric Handling Recordupload required

System Inventoryupload required

Tracks the gap. You still author every document.

Hael

Acceptable Use Policyv2Generated 2 min agoview

Prohibited-Use Controls Recordv2Generated · Approvedview

Biometric Handling Recordv1Generated · Draftview

System Inventoryv2Generated · Approvedview

Generated from each system's real configuration, versioned, and kept current as it changes.

HOW HAEL WORKS

Discover, classify, produce — for Texas TRAIGA.

01DISCOVER

Find the systems in Texas TRAIGA scope, including embedded third-party AI.

Inventory · 14 systems

Credit scoring enginehigh

HR screening bothigh

Salesforce Einsteinlimited

02CLASSIFY

Assess each against Texas TRAIGA's risk tiers and obligations.

Risk tier

Prohib.HighLimitedMin.

Role: ProviderArt. 9 · 11 · 14

03PRODUCE

Generate the Texas TRAIGA records, versioned and current.

Generated files

Annex IV v4Approved

FRIA v2Approved

Monitoring v1Draft

COVERAGE

Every obligation, mapped to the control that satisfies it.

Rows are the framework's clauses.

Columns are the controls and files that satisfy them.

Cells update as the underlying configuration changes.

Explore the platform

Coverage Map

Obligation → Control

4 obligations · 4 controls

80%

covered

AUP

Controls

Biometric

Inventory

Harmful-use prohibition

✓

—

✓

Discrimination

✓

—

✓

Biometric capture

—

✓

•

✓

Deepfake/deception

✓

•

—

✓

Harmful-use prohibition

AUP

v3 · sealed

Approvedopen file →

MAPPING

Clause by clause.

Obligation
What it requires
Hael control / file
Status

No development/deployment for harmful purposesAcceptable-use governanceAcceptable Use PolicyApproved

No unlawful discriminationDiscrimination controlsProhibited-Use Controls RecordApproved

Biometric capture limits (CUBI)Lawful biometric handlingBiometric Handling RecordDraft

Deepfake/deception controlsSynthetic-media safeguardsProhibited-Use Controls RecordIn progress

REUSE

Author once. Satisfy many.

The acceptable-use and control records that evidence TRAIGA compliance feed your broader governance programme — overlapping the EU AI Act's prohibited-practices and the risk controls under NIST.

→ shared evidenceEU AI ActNIST AI RMFColorado AI Act

Trust & Security

SOC 2 Type IIISO/IEC 27001EU & US data residencySSO / SCIMEncryption in transit & at restAudit logging

Already in force — evidence it now, not after a complaint.

TRAIGA has applied since January 2026. Hael records the acceptable-use governance the Texas AG expects.

Book a demo Explore the platform