Adam Stinespring AI Employees for Realtors

Broker operating guide · Updated July 13, 2026

AI Use Policy for Real Estate Brokerages

A useful policy tells people what they may do, what needs review, what is off limits, and what happens when something goes wrong.

Short answer A real estate brokerage AI use policy should cover ten things: scope, approved tools, data protection, human review, accuracy, fair housing, client communication, prohibited actions, training and supervision, and incident reporting. The policy should make one principle unmistakable: AI may prepare work, but the licensed or authorized person remains responsible for the decision and the communication.

Agents are already using AI for listing descriptions, emails, social posts, lead responses, research, CMAs, transaction work, and client questions. A ban that ignores actual use creates shadow systems. A vague statement to "use AI responsibly" gives no one an operating rule.

NAR's March 2026 broker guidance recommends auditing current use, assigning oversight, approving tools, training agents, and building a review process. It identifies accuracy, fair housing, privacy, compliance, licensing, and human oversight as practical brokerage risks. NAR also provides customizable policy templates for brokers and associations through its AI resource center.

This page is the policy layer. The separate AI for Real Estate Brokerages operating guide shows how an owner turns that policy into named roles, eight first-job options, adoption, economics, incident ownership, and a 90-day rollout.

Start with a three-level authority matrix

LevelRuleExamples
AllowedApproved tool, no protected data, internal preparation onlyBrainstorm topics; summarize public guidance; reformat an internal checklist; draft from de-identified notes
Approval requiredHuman reviews source, output, audience, and action before useListing remarks; CMA explanation; client email; lead reply; marketing image; document summary; CRM update
ProhibitedAI may not perform or receive this work under the policyProtected data in unapproved tools; fair housing targeting; independent valuation; signing; money movement; account changes; unsupervised client communication

This matrix turns abstract risk into a decision an agent can make in seconds. The detailed policy then defines each term.

The ten required policy sections

  1. Scope and purpose. Name who is covered: brokers, agents, employees, teams, contractors, vendors, interns, and any system acting for them. State that the policy applies whether the tool is paid by the brokerage or opened through a personal account.
  2. Approved tools. Maintain a living register with tool name, owner, approved uses, prohibited data, account type, retention setting, vendor terms reviewed, integrations, and next review date. "Popular" is not the same as approved.
  3. Data protection. Define public, internal, confidential, and restricted data. Prohibit passwords, API keys, authentication codes, government identifiers, payment data, raw financial records, confidential client communications, nonpublic transaction documents, and unnecessary personal information in unapproved systems.
  4. Human review. Require an accountable person to check source facts, accuracy, audience, tone, fair housing, brokerage rules, advertising requirements, and permissions before content is shared, published, sent, filed, or entered into a live record.
  5. Accuracy and sources. Require property facts, market statistics, dates, calculations, quotations, and policy claims to be checked against the controlling source. AI confidence or polished wording is not evidence.
  6. Fair housing and advertising. Prohibit instructions, targeting, descriptions, rankings, images, or recommendations that express preference, limitation, steering, exclusion, or discrimination. Require review of listing and neighborhood language and marketing audiences.
  7. Client communication. Define which drafts may be prepared, who approves them, whether an automated assistant must identify itself, when a conversation escalates to a licensed person, and where communication is logged. Do not let technical capability decide authority.
  8. Use limitations. State what AI cannot decide: agency duties, pricing, valuation, negotiation, contract interpretation, legal conclusions, fair housing decisions, financial action, signing, disclosure obligations, or other licensed judgment.
  9. Training and supervision. Name the policy owner, training frequency, onboarding requirement, test scenarios, audit cadence, approved-tool review, and consequences matched to risk.
  10. Incident reporting. Give agents one immediate path to report incorrect publication, data exposure, discriminatory output, unauthorized communication, suspicious access, or harmful automation. Require preservation of logs and prompt containment.

A simple real estate data classification

ClassExamplesDefault AI rule
PublicPublished listing, public website, public brokerage policy, public market reportApproved tools may use it; verify license, attribution, and accuracy
InternalSOP, meeting agenda, non-sensitive checklist, internal trainingApproved business account only; no public sharing
ConfidentialClient communication, offers, inspection details, transaction documents, private notesOnly specifically approved workflow with minimum access and defined retention
RestrictedPasswords, tokens, government IDs, payment data, wire instructions, highly sensitive financial or identity dataDo not enter into general AI tools; use the controlling secure system

The FTC advises businesses to know what personal information they hold, keep only what is essential, limit access, and honor their privacy and confidentiality commitments. AI vendors' appetite for data does not reduce the brokerage's responsibility for the information it supplies.

Starter policy language

Purpose. Our brokerage permits approved AI tools to support research, organization, checking, summarization, and drafting. AI does not replace the judgment, supervision, duties, or accountability of the broker, licensee, or authorized team member.
Approved tools and accounts. Business use is limited to tools and account types listed in the brokerage's approved-tool register. Personal or free accounts may not receive brokerage, client, transaction, or confidential information unless specifically approved.
Protected information. Users may not enter credentials, access codes, government identifiers, payment information, wire instructions, raw financial records, confidential client information, nonpublic documents, or unnecessary personal data into an unapproved AI system.
Review. AI output is a draft. The responsible person must verify facts and sources and review fair housing, advertising, licensing, confidentiality, permissions, brokerage rules, and audience before the output is used in a live business process.
Authority. AI may not independently set price, value property, negotiate, interpret contracts, make agency or fair housing decisions, sign, publish, delete, move money, change accounts, or send client, vendor, public, or staff communication unless the specific workflow and action are approved in writing.
Incidents. Stop the workflow and notify the designated policy owner immediately after suspected data exposure, unauthorized action, discriminatory output, materially incorrect publication, suspicious access, or a failure that may affect a client or transaction. Preserve the available record and do not hide or independently erase the event.

This language is a starting operating document. The responsible broker should adapt it to state law, brokerage structure, MLS rules, franchise requirements, contracts, insurance, vendor terms, and actual workflows.

Keep an approved-tool register

A policy goes stale if it names tools in prose and no one owns the list. Keep a separate register with:

  • tool and vendor;
  • business owner and technical owner;
  • approved account or plan;
  • approved use cases;
  • prohibited data;
  • data retention and model-training setting;
  • connected systems and permission scope;
  • human approval point;
  • incident contact;
  • approval date and next review date.

The first fifteen minutes of an AI incident

  1. Stop the workflow. Disable the schedule, sending action, or connection without deleting evidence.
  2. Protect the client and transaction. Escalate time-sensitive or safety-sensitive issues to the responsible broker.
  3. Preserve the record. Keep logs, output, source, user, time, recipients, permissions, and known changes.
  4. Contain access. Revoke the minimum affected token, session, or permission when authorized.
  5. Assess required notice and correction. Follow the brokerage's privacy, insurance, MLS, legal, and regulatory response process.
  6. Fix the system, not only the sentence. Update the source rule, permission, approval gate, test, or monitoring that allowed the event.

Quarterly review questions

  • Which AI tools are agents actually using, including personal accounts?
  • Which tools changed terms, retention, training, permissions, or integrations?
  • Which workflows touched client, transaction, MLS, financial, or identity data?
  • Which outputs were corrected, rejected, or caused an incident?
  • Are agents bypassing the policy because an approved path is missing?
  • Can every automatic action be traced to an owner and approval rule?
  • Should any tool or workflow be narrowed, suspended, or retired?

Frequently asked questions

Should a brokerage ban free consumer AI accounts?

The policy should ban unapproved accounts from receiving brokerage, client, transaction, or confidential data. Whether a free account may be used for public, de-identified brainstorming is a broker decision that should be explicit.

Does every AI draft need broker review?

Not every internal note needs the managing broker personally. The policy should assign the right reviewer for the risk. Client-facing, public, licensed, financial, fair housing, or transaction work needs an authorized human review path.

Should agents tell clients when AI was used?

Disclosure depends on the workflow, representation, applicable rules, and brokerage standard. The policy should define the trigger instead of leaving each agent to improvise.

How often should the policy change?

Review on a fixed schedule and whenever a tool, vendor term, law, MLS rule, integration, data class, or authority level changes. The approved-tool register will usually change more often than the main policy.

Primary sources

Editorial note: Rules and product terms change. Treat this as an operational framework to adapt with the responsible broker and qualified counsel, not a substitute for state-specific review. Last reviewed July 13, 2026.

Map the employee and its authority before connecting data.

The AI Employee Map identifies the job, source systems, data class, permissions, human review point, failure rule, and next step in writing.

Book the $250 AI Employee Map