Missouri Nonprofit AI Compliance Checklist

AI Compliance Context for Missouri

Because Missouri has no dedicated AI statute, regulatory obligations fall back to no comprehensive state privacy statute layered with federal sector-specific rules.

Missouri's regulatory posture on AI is silence rather than permission: missouri considered hb 1687 (ai liability) in 2024 but did not advance; no ai-specific statute; monitoring neighboring illinois hb 3773 and kansas ai working group. No comprehensive state privacy statute; UDAP coverage via Missouri Merchandising Practices Act (Mo. Rev. Stat. sec. 407.020) provides the residual framework. For donor-targeting, program-eligibility, and fundraising AI in Missouri, federal signals set the ceiling while regional precedent sets the floor.

Federal law still governs Nonprofit AI in Missouri primarily through IRS 501(c)(3) rules (26 USC 501), FTC Telemarketing Sales Rule (16 CFR 310), and state charitable-solicitation registration. Adjacent federal authorities include IRC Section 501(c)(3) Political Campaign Prohibition (26 U.S.C. Section 501(c)(3); Rev. Rul. 2007-41); OMB Uniform Guidance (2 CFR Part 200) (2 CFR Part 200); IRS Form 990 Schedule O (IRS Form 990, Schedule O). IRC Section 501(c)(3) Political Campaign Prohibition (enforced by Internal Revenue Service) applies to absolute prohibition on participation in, or intervention in (including the publishing or distributing of statements), any political campaign on behalf of or in opposition to any candidate for public office. ai-generated political content counts toward the prohibition; automated voter-targeting tools that favor a candidate risk revocation. Penalty exposure: revocation of tax-exempt status; excise tax under irc section 4955 on political expenditures; excise tax under section 4958 on excess benefit transactions. IRS political-campaign-intervention enforcement combined with state charitable-solicitation oversight creates dual-track exposure for AI-driven outreach.

Three neighboring regimes create compounding exposure: Iowa (AI in Government Act, penalty Administrative), Illinois (HB 3773 — AI in Employment, penalty Up to $5,000 per violation (willful/repeated)), and Kentucky (AI Study Resolution, penalty TBD). Multi-state Nonprofit operators headquartered in Missouri default to the strictest stack.

Start with these concrete compliance actions. (1) Inventory every donor-targeting, grant-allocation, or program-eligibility decision running on AI in your Missouri operations, tagging systems against IRS 501(c)(3) rules (26 USC 501), FTC Telemarketing Sales Rule (16 CFR 310), and state charitable-solicitation registration. (2) Run a Nonprofit-specific bias evaluation against the IRC Section 501(c)(3) Political Campaign Prohibition within 45 days, with violation of IRC Section 501(c)(3) political-campaign prohibition via AI-generated voter content plus federal-grant internal-control failures under 2 CFR Part 200 as your top risk to retire. (3) Document decision-explainability procedures under Segregate any AI-driven voter-outreach or issue-advocacy activities from 501(c)(3) operations, with clean documentation of purpose and audience. (4) Add human-review checkpoints for high-stakes outputs and wire alerts to the signals behind federal-grant recipients must satisfy OMB Uniform Guidance internal-control and cost-principle requirements when AI is used to allocate federally-funded program benefits. (5) Track Iowa (AI in Government Act) as your early-warning indicator. (6) Train small-tier staff on AI disclosure obligations specific to Nonprofit, and maintain the following sector artefacts: donor-consent ledger, charitable-solicitation registration trail, 501(c)(3) non-intervention log, Schedule-O narrative, and grant-allocation audit file. Sequence these steps across a 90-day onboarding, with a board-level review before go-live.

The enforcement surface for Nonprofit centres on IRS Exempt Organizations Division, OMB / federal grantor agency Inspectors General, EEOC, and the statute operators most often under-document is OMB Uniform Guidance (2 CFR Part 200) (2 CFR Part 200) — a gap that surfaces in violation of IRC Section 501(c)(3) political-campaign prohibition via AI-generated voter content plus federal-grant internal-control failures under 2 CFR Part 200 disputes. Build an evidence binder covering donor-consent ledger, charitable-solicitation registration trail, 501(c)(3) non-intervention log, Schedule-O narrative, and grant-allocation audit file. Treat federal-grant recipients must satisfy OMB Uniform Guidance internal-control and cost-principle requirements when AI is used to allocate federally-funded program benefits as your leading indicator and escalate when the signal shifts.

With 11-50 employees you can justify a half-time compliance lead and part-time external counsel on retainer. Small-stage Nonprofit operators should deploy a named compliance lead, formal AI inventory, quarterly bias spot-checks, and a documented escalation path, with semi-annual internal audit with annual external review and ownership resting with a designated AI compliance lead reporting to the CEO. small-business budgets ($50K-$250K) justify a compliance lead plus a GRC tool such as Credo AI, Fairly, or Holistic AI. For Nonprofit specifically, the sharpest exposure to manage is violation of IRC Section 501(c)(3) political-campaign prohibition via AI-generated voter content plus federal-grant internal-control failures under 2 CFR Part 200. Given Missouri's concentration in transportation logistics, financial services, and healthcare, freight-routing algorithms, consumer-lending models, and rural telehealth AI deserve priority in your AI inventory.

Verified 2026-04-29. See https://ago.mo.gov/ for the Missouri Attorney General public record on Missouri AI policy.