Policy Briefing — Canada Updates Directive on Automated Decision-Making
Canada’s Treasury Board Secretariat issued Directive on Automated Decision-Making 2.0 on 30 April 2024, tightening AI system impact assessments, transparency, and monitoring obligations for federal institutions.
Executive briefing: The Treasury Board of Canada Secretariat (TBS) published Version 2.0 of the Directive on Automated Decision-Making on 30 April 2024. The update modernises Canada’s federal AI governance framework by expanding scope to generative and assistive AI, mandating refreshed Algorithmic Impact Assessments (AIAs), and embedding continuous monitoring controls before agencies can deploy automated decision systems.
Key obligations
- Broader system coverage. Section 4.2 applies the directive to any system that influences administrative decisions, including tools that support but do not fully automate outcomes.
- Updated Algorithmic Impact Assessment. Institutions must complete the new AIA questionnaire, publish the summary online, and refresh it annually or when systems change materially.
- Human oversight and explainability. Section 6.2 requires meaningful human intervention proportional to risk level, alongside accessible explanations for affected individuals.
- Incident management. Section 6.4 establishes obligations to log, triage, and report adverse incidents, including algorithmic bias, security breaches, or service disruptions.
- Third-party accountability. Contracts must embed directive requirements, ensuring vendors deliver documentation and risk controls that support federal compliance.
Implementation timeline
- Effective date. Directive 2.0 takes effect on 1 July 2024.
- Legacy system reassessment. Existing automated decision systems must complete the updated AIA within 12 months.
- Annual review cadence. Risk controls, monitoring dashboards, and public disclosures require at least yearly review and certification.
Program actions
- Inventory systems. Catalogue all tools influencing decisions (eligibility determinations, benefit calculations, risk scoring) to confirm directive applicability.
- Refresh AIAs. Populate the new AIA template, documenting datasets, mitigation controls, and governance approvals for publication.
- Design monitoring dashboards. Implement metrics for model drift, bias, security events, and service availability tied to incident escalation workflows.
- Vendor governance. Amend contracts to include audit rights, documentation deliverables, and compliance representations aligned with Section 7.
Sources
- TBS — Directive on Automated Decision-Making (Version 2.0)
- TBS — Responsible Use of Artificial Intelligence in the Government of Canada
Zeph Tech calibrates Canada’s Algorithmic Impact Assessments, monitoring dashboards, and procurement clauses so federal programmes comply with Directive 2.0 from day one.