AI Ethics, Audited: Canada Tries Assurance at Scale

Canada is moving AI ethics from principles to practice, testing assurance tools, audits, and disclosure rules. From Quebec’s Law 25 to federal algorithmic impact assessments, Canadian organisations are learning how governance works in the real world.

Canada’s AI ethics debate is shifting from promises to proof. In boardrooms, ministries, and labs from Montreal to Vancouver, the centre of gravity has moved to assurance, the practical work of showing how systems behave, who is accountable, and what happens when things go wrong. It is less about mission statements and more about model inventories, incident logs, and public notices. What changed: from principles to paperwork The pivot has been building for several years. Quebec’s privacy regime, often referred to as Law 25, now requires organisations to disclose when automated decision making affects individuals and to offer meaningful explanations. At the federal level, departments must complete an Algorithmic Impact Assessment before deploying significant automated decision systems, a requirement set by the Treasury Board’s Directive on Automated Decision-Making. Financial regulators have also leaned in. The Office of the Superintendent of Financial Institutions has consulted on model risk management that covers advanced analytics, a signal that banks and insurers are expected to verify and monitor models, not just deploy them. Standards bodies have joined the push. The Standards