AI Policies & Procedures Manual
Governing the use of artificial intelligence at Low Rate Co, including the virtual assistant Cindie
Effective Date: June 18, 2026
Purpose
This manual establishes the governance, compliance, operational, security, monitoring, and supervisory requirements for all artificial intelligence systems utilized by Low Rate Co, including Cindie.
Scope
Applies to all employees, contractors, vendors, and AI systems used in consumer-facing mortgage, real estate, marketing, customer service, and operational activities.
AI Governance
Management maintains oversight of AI systems, approves material changes, reviews compliance reports, and works to support regulatory compliance.
Permitted Uses
Consumer intake, 1003 data collection, appointment scheduling, document requests, status updates, customer support, and approved educational content.
Prohibited Uses
Loan approvals, denials, underwriting decisions, legal advice, tax advice, adverse action decisions, or unlicensed mortgage advice.
Consumer Disclosure Procedures
Consumers must be informed when interacting with AI. Cindie must identify itself as a virtual assistant at the beginning of interactions.
Human Oversight Procedures
All loan recommendations, pricing discussions, underwriting decisions, and approvals must be reviewed by licensed personnel.
Fair Lending Procedures
AI systems do not make decisions based upon protected classes. Bias testing and fair lending reviews are performed on a quarterly basis.
Data Privacy & Security
Consumer data is protected through measures such as encryption, access controls, audit logging, vendor oversight, and employee training.
Conversation Retention
AI conversations, prompts, responses, SMS records, and chat logs are retained in accordance with applicable legal, regulatory, and business requirements.
AI Model Management
AI model changes are subject to testing, documentation, approval, version control, and rollback procedures.
Compliance Monitoring
Periodic reviews of AI interactions are conducted to identify compliance issues, consumer harm risks, or operational deficiencies.
Incident Response
Material incidents involving AI are investigated, documented, remediated, and reported to management.
Vendor Management
Third-party AI providers undergo due diligence, security reviews, contractual review, and ongoing monitoring.
Employee Training
Employees interacting with AI systems receive periodic compliance, privacy, fair lending, and AI governance training.
Consumer Complaints
Complaints involving AI are routed to Compliance for investigation and resolution. See our Consumer Complaint page.
Policy Review
This policy is reviewed and updated periodically and upon material regulatory or operational changes.
Compliance Department — Low Rate Co
1201 Puerta Del Sol, Ste 228
San Clemente, CA 92673
Email: compliance@lowrateco.com