
Can Loan Officers Use ChatGPT? The GLBA Trap

Arpit Tripathi · June 30, 2026 · 11 min read

Pasting borrower NPI into consumer ChatGPT conflicts with GLBA and the FTC Safeguards Rule. What loan officers should do instead.

Can loan officers use ChatGPT for work?

No, a loan officer should not paste borrower nonpublic personal information (NPI) into a general consumer ChatGPT account. Doing so is a disclosure of protected customer data to an unvetted third party, and it conflicts with the Gramm-Leach-Bliley Act and the FTC Safeguards Rule that govern mortgage lenders and brokers. One pasted borrower file can become an FTC notification event with your institution's name on it.

The tool itself is not the problem. Loan officers use large language models to draft adverse action letters, summarize a thick file, clean up a borrower email, or explain a rate lock in plain language. The problem is the account and the data. A consumer ChatGPT plan is not a vetted service provider under the rules that cover your business, and the borrower income, Social Security numbers, and loan application details you paste in are exactly what those rules require you to protect.

You may have seen guidance aimed at registered investment advisers under the SEC and Regulation S-P. That is a different world. Mortgage loan officers, processors, and brokers answer to the FTC Safeguards Rule as non-bank financial institutions. The core caution is similar: protect customer data and control your vendors. But the governing rule, the regulator, and the obligations below are the mortgage-lending ones.

Insight

General information, not legal or compliance advice. Confirm your obligations with your compliance officer, counsel, and your specific regulator before changing any workflow.

Who the rules cover, and why loan officers are in scope

Mortgage brokers and lenders are non-bank financial institutions under the FTC Safeguards Rule. The rule, codified at 16 CFR Part 314, requires covered financial institutions to develop, implement, and maintain a written information security program to protect customer information. Mortgage brokers, mortgage lenders, and other non-bank lenders are named among the businesses the FTC treats as financial institutions.

The obligation follows the data, not the job title. Whether you are a licensed loan officer, a processor moving files, or an independent broker, if you handle customer information for a covered institution, the institution answers for how that information is protected. A workflow that routes borrower data through a personal chatbot account sits outside the security program the rule requires you to run.

That security program is not a loose set of good intentions. Under 16 CFR 314.4, a covered institution must base the program on a written risk assessment, designate a qualified individual to run it, encrypt customer information in transit and at rest, apply access controls and multi-factor authentication, and monitor its systems. A personal chatbot habit running alongside that program is invisible to all of it. No one assessed the risk, no one on the security team knows the data is going there, and none of the required controls reach it.

What counts as borrower NPI

Nonpublic personal information covers the data borrowers hand you to get a loan. Under the GLBA privacy definitions at 16 CFR 313.3, nonpublic personal information includes personally identifiable financial information, which is any information a consumer provides to obtain a financial product or service. The regulation lists loan and credit application information as an example, and that reaches the core of a mortgage file.

An individual who gives you financial information to find out whether they qualify for a personal, family, or household loan is a consumer under the rule, even if the loan never closes. So a preapproval inquiry counts, a declined application counts, and a file you are only reviewing counts. The status does not depend on a closing or a signed note. The moment the borrower shares the financial detail, the protection attaches.

That reach is wider than most people expect at the keyboard. A screenshot of a 1003, a pasted pay stub, a copied bank statement, or a summary you type that still names the borrower and their income all carry NPI. Even a request like "summarize this borrower's file and tell me why they were declined" pulls protected data into the prompt. The safe assumption is that anything tied to a real borrower's finances is NPI until you have stripped the identifiers out.

Borrower data that is NPI

  • Social Security numbers and tax identification numbers
  • Income, employment, and asset details from a 1003 or supporting documents
  • Bank account and loan account numbers
  • Credit report data, scores, and payment history
  • Property address tied to the borrower's financial file
  • Anything on or derived from the loan application

Why consumer ChatGPT is the trap

The Safeguards Rule requires you to vet and contractually bind anyone who touches customer information, and a personal chatbot account meets neither test. Under 16 CFR 314.4(f), a covered institution must take reasonable steps to select and retain service providers capable of maintaining appropriate safeguards, require those safeguards by contract, and periodically assess the provider based on the risk it presents. A loan officer signing up for a personal ChatGPT plan does none of that. There is no vendor due diligence, no written data protection contract on your institution's behalf, and no periodic assessment.

Once content enters a training run it cannot be pulled back out. That is what makes the data-use terms so unforgiving. For consumer ChatGPT, model training is on by default. As of July 2026, OpenAI states that content from Free, Plus, and Pro personal accounts may be used to help improve its models unless the user turns off the setting under Data Controls. That default sends borrower NPI into a provider you never vetted and never contracted with.

Compare that to the business and enterprise tiers, where OpenAI states it does not use your data to train its models by default. The gap between the tiers is the point. The consumer plan a loan officer signs up for on a phone is governed by consumer terms, not by any agreement your institution negotiated. Even where the terms are reasonable, they are not a substitute for the vendor review and written contract the Safeguards Rule requires before customer information moves to an outside provider.

Pro Tip

Flipping off the training toggle in Data Controls narrows one exposure, but it does not turn a personal account into a vetted, contractually bound service provider. The Safeguards Rule wants a written agreement and ongoing oversight, not a settings change one employee can undo.

The 30-day breach clock if borrower data leaks

A leak of borrower data now carries a hard federal deadline. As of May 13, 2024, the amended Safeguards Rule at 16 CFR 314.4(j) requires a covered financial institution to notify the FTC as soon as possible, and no later than 30 days after discovery, of a notification event involving the unencrypted customer information of 500 or more consumers.

A notification event is an unauthorized acquisition of unencrypted customer information. Routing files through an unvetted consumer account raises the odds of exactly that kind of exposure, and the 30-day clock is short. The notice to the FTC must name your institution, describe the information involved, give the number of consumers affected, and lay out the nature of the event. An ad hoc chatbot habit can become a documented incident with your name on the filing.

The 500-consumer threshold is not a reason to relax about smaller leaks. It sets the point where FTC notification becomes mandatory, not the point where the exposure starts to matter. A single mishandled file is still a breach of your duty to protect that borrower's information, and state breach-notice laws and your institution's own policies can carry their own obligations well below 500. The federal deadline is the floor, not the whole picture.

Consumer ChatGPT versus a vetted, contracted tool

What the rule checks | Consumer ChatGPT account | Vetted, contracted AI tool
Vendor due diligence | None. One employee signs up personally. | Institution reviews security posture before use.
Written data agreement | No contract binding the provider on your behalf. | Contract requires and maintains safeguards, per 314.4(f).
Model training default | On by default for Free, Plus, and Pro personal accounts. | Set by contract; borrower data excluded from training.
Ongoing oversight | None. No periodic risk assessment. | Periodic assessment based on risk, per 314.4(f).
Fits your security program | Sits outside the written program the rule requires. | Documented inside the institution's program.
Breach exposure | Raises odds of an unauthorized acquisition event. | Controls and logging reduce and document exposure.

The comparison is not ChatGPT versus no AI. It is an unvetted personal account versus a tool your institution has actually reviewed, contracted, and folded into its security program. The second column is what the Safeguards Rule asks for whenever a tool touches customer information.

What to do instead

One rule carries most of the weight: before you hit enter, scan the prompt for a name, an account number, a Social Security number, or a dollar figure tied to a real person. The rest is detail.

  • Never paste borrower NPI into a personal or consumer chatbot account.
  • Redact before you draft. Strip names, SSNs, account numbers, and income figures, then ask the tool to help with generic letter or explanation text.
  • Route AI use through tools your compliance team has vetted and contractually bound, and keep the written agreement on file.
  • Keep training-on-your-data controls off where a tool offers them, and confirm the setting in writing rather than trusting a per-user toggle.
  • Document which tools are approved, and treat any tool touching NPI as a service provider under 314.4(f).

Redaction is the simplest safe path. Most day-to-day drafting (letter templates, plain-language rate explanations, and email cleanups) does not require real borrower identifiers. Remove the NPI first, and the compliance question largely goes away.

Two prompts show the difference. "Draft an adverse action letter for a borrower whose debt-to-income ratio was too high, using placeholders like BORROWER NAME and the reason code" is safe generic drafting. "Here is the applicant's full file, write their denial" pastes NPI into an unvetted account and is the trap. The output is nearly identical, but the second version puts protected borrower data where it does not belong.

Pro Tip

Build the habit at the point of paste. Before you hit enter, scan the prompt for a name, an account number, a Social Security number, or a dollar figure tied to a real person. If any of those are present in a consumer chatbot, stop and redact.
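As an added illustration of the point-of-paste check and the redact-before-you-draft step (example code added here, not part of the original article or any MemX tool): a small scanner that flags the identifiers the text names (a known borrower name and property address, SSNs, account numbers, dollar figures) and swaps them for placeholders. The sample prompt, the known-values list and the regex patterns are all constructed assumptions; a real deployment would pull the known values from the loan origination system and tune the patterns to its own data.

```python
import re

# Constructed sample prompt; every value in it is invented for this example.
SAMPLE_PROMPT = (
    "Draft a denial letter for Jane Q. Public, SSN 123-45-6789, "
    "checking account 0049-8812-3310, monthly income $7,250.00, "
    "DTI was 52%. Property: 14 Elm St. Reason: DTI too high."
)

# Values the loan file already knows for this borrower (constructed), keyed by
# the placeholder that should stand in for them in a generic drafting prompt.
KNOWN_VALUES = {"BORROWER NAME": "Jane Q. Public", "PROPERTY ADDRESS": "14 Elm St."}

# Structured identifiers the article says to scan for. SSN runs first so its
# digits are not swallowed by the looser account-number pattern.
NPI_PATTERNS = [
    ("SSN", re.compile(r"\b\d{3}-\d{2}-\d{4}\b"), "[SSN]"),
    ("ACCOUNT_NUMBER", re.compile(r"\b(?:\d[ -]?){8,17}\b"), "[ACCOUNT NUMBER]"),
    ("DOLLAR_AMOUNT", re.compile(r"\$\s?\d[\d,]*(?:\.\d{2})?"), "[AMOUNT]"),
]


def redact_prompt(prompt, known_values=None):
    """Return (redacted_text, findings); findings is a list of (kind, matched_text)."""
    findings = []
    text = prompt
    # Exact-match values the institution already holds for this borrower.
    for label, value in (known_values or {}).items():
        if value in text:
            findings.append((label, value))
            text = text.replace(value, f"[{label}]")
    # Pattern-based identifiers, each replaced by its placeholder.
    for kind, pattern, placeholder in NPI_PATTERNS:
        findings.extend((kind, hit) for hit in pattern.findall(text))
        text = pattern.sub(placeholder, text)
    return text, findings


def safe_to_paste(prompt, known_values=None):
    """The point-of-paste gate: True only when the scan finds no NPI at all."""
    return not redact_prompt(prompt, known_values)[1]


if __name__ == "__main__":
    redacted, found = redact_prompt(SAMPLE_PROMPT, KNOWN_VALUES)
    for kind, hit in found:
        print(f"blocked: {kind} -> {hit}")
    print("safe to paste:", safe_to_paste(SAMPLE_PROMPT, KNOWN_VALUES))
    print("redacted prompt:", redacted)
```

The redacted output is the kind of placeholder prompt the article calls safe generic drafting; the original prompt fails the gate and should not reach a consumer account.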

Where MemX fits

MemX is an external, user-owned memory layer that sits alongside your AI tools. It is private by architecture, with per-user isolation and encryption at rest, and it does not train on your data. The point is to give you a purpose-built place to organize and search your own working notes, drafts, and reference material, rather than dumping borrower files into a public chatbot that treats your inputs as training data by default.

MemX does not make anyone GLBA-compliant on its own, and no software can. Any tool that touches borrower NPI still needs the same treatment as any service provider under the Safeguards Rule, which means due diligence, a written agreement, and periodic assessment before it goes near a real file. Use MemX for your own work product, keep NPI inside vetted and contracted systems, and route real borrower data only through tools your institution has reviewed.

The takeaway is narrow. A general consumer chatbot is fine for generic, redacted drafting and a poor place for borrower NPI. Keep the two separated at the keyboard. Strip identifiers before you draft, run anything that must touch real borrower data through tools your compliance team has vetted and contracted, and treat every such tool as a service provider under the Safeguards Rule. The rules that cover loan officers are demanding, but the daily discipline they ask for is simple.

FAQ

Frequently Asked Questions
01. Can a loan officer use ChatGPT for work?

Yes for generic drafting once borrower NPI is removed. No for pasting real income, SSNs, or loan file data into a consumer account, which conflicts with the FTC Safeguards Rule that covers mortgage lenders and brokers.

02. Does the FTC Safeguards Rule apply to mortgage brokers?

Yes. The FTC treats mortgage brokers and non-bank mortgage lenders as financial institutions, so they must maintain a written information security program and oversee service providers under 16 CFR Part 314.

03. Do loan officers follow SEC Regulation S-P or the FTC Safeguards Rule?

Mortgage loan officers, processors, and brokers answer to the FTC Safeguards Rule as non-bank financial institutions, not to the SEC and Regulation S-P world that governs registered investment advisers.

04. Is borrower income and SSN considered NPI under GLBA?

Yes. Under 16 CFR 313.3, information a consumer provides to obtain a loan is personally identifiable financial information. That covers income, Social Security numbers, account numbers, and application data, all nonpublic personal information.

05. Does ChatGPT train on data I paste in?

For consumer Free, Plus, and Pro accounts, training is on by default as of July 2026. OpenAI may use that content to improve its models unless you turn off the setting in Data Controls. Content already used in training cannot be removed.

06. What if borrower data leaks through an AI tool?

An unauthorized acquisition of unencrypted customer information affecting 500 or more consumers requires notifying the FTC no later than 30 days after discovery, under 16 CFR 314.4(j), effective May 13, 2024.

Insight

General information, not legal or compliance advice. Rules and vendor terms change. Verify current obligations with your compliance officer and counsel before adopting any AI workflow that touches borrower data.


Written by Arpit Tripathi

Founder of MemX. Ex-Google Staff Tech Lead Manager, ex-AWS Senior SDE (Elastic Block Store). Writes about practical AI on the MemX blog.
