Sei AI Blog
Insights on AI-powered compliance, voice agents, document intelligence, and customer experience for financial institutions.
Colorado SB 26-189 for Banks and Lenders: The ADMT Framework Replacing the 2024 AI Act and What is Due by January 2027
Colorado repealed and reenacted its 2024 AI Act in May 2026. The replacement is SB 26-189, effective January 1, 2027, which drops the algorithmic-discrimination duty and the impact-assessment regime and instead lands pre-decision notice, a 30-day post-adverse-outcome explanation, and a meaningful human-review right on any 'covered ADMT' that materially influences a financial or lending decision. The version that actually maps to a bank or non-bank lender's operations.
Force-Placed Insurance Under Regulation X 1024.37: What an AI Servicing Agent Has to Get Right Before the Charge Posts
Force-placed insurance is one of the most expensive servicing mistakes a mortgage program can make and the noticing rules at 12 CFR 1024.37 are mechanical. The agent design we run to keep the 45-and-30-day clocks, the reasonable-basis standard, the refund duty, and the credit-bureau correction synchronized across the systems that touch the loan.
Voice Cloning and the End of Voice Biometrics as a Sole Factor: A Caller-Verification Architecture for Banks
Cheap, high-fidelity voice cloning has collapsed voiceprint and knowledge-based authentication as standalone factors on bank phone channels. The NIST 800-63 level we hold caller authentication to, the phishing-resistant factors that survive a synthetic caller, and the agent-side controls we wire around them.
CFPB 1071 Small Business Lending and AI Agents: A Subpart B Playbook for the Firewall, the Data, and the Filing
Section 1071 added 81 data points and a firewall between demographic collection and credit decisions. How to put AI agents inside the small-business application without breaching Regulation B Subpart B.
OFAC Sanctions Screening with AI Agents: The SDN List, Fuzzy Matching, and the 50 Percent Rule
Sanctions screening is strict-liability and the SDN list does not match cleanly. How we architect AI agents for name and identifier screening, beneficial-ownership traversal under the 50 percent rule, and hit disposition that survives an OFAC subpoena.
SCRA Compliance with AI Agents: DMDC Queries, the 6 Percent Cap, and the Verbal-Notice Trigger
SCRA carries a private right of action and an active DOJ enforcement docket. How we build AI agents that catch the verbal notice, query DMDC at the right moments, apply the rate cap correctly, and hold the foreclosure stay.
Prompt Injection Defense for Banking AI Agents: Threat Model, Controls, and a Red-Team Cadence
Prompt injection is the highest-impact attack against an AI agent in a bank because the agent has tools that move money. The threat model, the architectural controls, and the red-team patterns we exercise before every deployment.
TRID Compliance with AI Agents: The Six-Element Trigger, the 3/7-Day Clocks, and Re-Disclosure
TRID timing is unforgiving and the application-defining moment is where most violations start. How to put AI agents on mortgage origination intake without missing the Loan Estimate clock or breaking the tolerance buckets.
AI Chatbots in Consumer Finance: What the CFPB Spotlight Named and Who Enforces It in 2026
The CFPB's 2023 chatbot spotlight named real failure modes, and they did not disappear when the Bureau pulled back. The doom loop, missed federal rights, and UDAAP exposure, who enforces them now, and the controls that hold up.
Building AI Agents for Open Banking While the 1033 Rule Is Enjoined
Section 1033 was finalized in 2024, enjoined in 2025, and is now under reconsideration. How we architect AI agents for personal financial data sharing so the design survives whichever way the rewrite lands.
Regulation E Error Resolution with AI Agents: A 1005.11 Playbook for Dispute Intake
Reg E error resolution has hard, statutory timing: 10 business days, provisional credit, 45 and 90 day windows. How to put an AI agent on dispute intake without missing a clock, and the verbal-claim trigger that keeps it compliant.
NYDFS Part 500 and the AI Cybersecurity Letter: What New York-Regulated Institutions Have to Build
New York's Part 500 is fully phased in and its October 2024 AI guidance tells covered entities how to apply it to AI risk. The controls that matter for an AI agent: phishing-resistant authentication, privileged access on the model store, AI vendor diligence, and data minimization.
BOOK A DEMO
- Deploy in weeks, not months
- Trained on FDCPA, TCPA, TILA, UDAAP, and RESPA
- SOC 2 Type II and PCI DSS L1 certified
- Integrates with your LOS, CRM, and telephony
