PwC Canada Launches ISO 42001 Certification to Define AI Trust

TORONTO, ON – February 10, 2026 – As artificial intelligence rapidly integrates into every facet of the global economy, a critical question has emerged for business leaders, regulators, and the public: how can we trust it? Addressing this growing trust deficit, PwC Canada has launched a groundbreaking AI governance certification, becoming the first of the Big 4 firms in North America to offer accreditation services for the new ISO/IEC 42001 standard.

The move comes at a pivotal moment. While a recent IDC report indicates that over 90% of organizations now use AI, a profound gap in confidence persists. PwC Canada's own CEO Survey found that less than half (45%) of Canadian chief executives have formalized responsible AI and risk management processes. This new certification aims to provide a clear, independent, and internationally recognized benchmark for proving that an organization’s AI systems are governed responsibly.

"Until now there hasn't been a clear, independent way for organizations to prove their AI is trustworthy. Our ISO 42001 certification changes that," said Brenda Vethanayagam, AI Trust Leader at PwC Canada, in a statement. "By coupling PwC's deep assurance expertise with the rigor of an internationally recognized standard, we're giving organizations the confidence they need to scale AI responsibly—and the proof to show their customers and stakeholders."

Establishing a New Gold Standard for Trustworthy AI

Published in late 2023, ISO/IEC 42001 is the world's first international standard for an Artificial Intelligence Management System (AIMS). It provides a structured, auditable framework designed to guide organizations in the ethical development, deployment, and lifecycle management of AI. The standard is not just a technical checklist; it is a comprehensive governance tool that mandates clear policies, risk assessments, and accountability structures.

At its core, the standard requires organizations to manage AI-specific risks related to ethics, fairness, transparency, and security. This includes evaluating data sources to mitigate bias, testing the robustness of models against drift and manipulation, and ensuring that decision-making processes are explainable. For businesses, achieving this certification provides tangible evidence—validated by an independent third party—that their commitment to responsible AI is more than just a policy statement.

PwC Canada is further enhancing this offering by linking it to its established cybersecurity assurance services. "By integrating ISO 42001 with our existing ISO 27001 capabilities, we are delivering North America's first unified AI/Cyber Trust offering, setting a new benchmark for responsible, secure, and compliant AI adoption," stated Kartik Kannan, the firm's ISO Certification Practice Leader.

This integrated approach acknowledges that AI systems are inseparable from the data and infrastructure that support them, creating a holistic framework for managing both AI governance and cybersecurity risks in tandem.

A Race to Fill the AI Governance Gap

The launch of this certification service taps into a significant and rapidly growing market demand. While businesses are eager to harness AI for a competitive edge, many are held back by internal and external trust barriers. A 2023 Forrester poll found that nearly a third of AI decision-makers view trust as the single biggest obstacle to generative AI adoption in their organization. This hesitation is mirrored in consumer sentiment, with independent surveys showing that a vast majority of the public remains wary of how companies use AI, citing concerns over misinformation, data privacy, and lack of control.

PwC's move positions it as a first-mover among its direct competitors in the North American market. While other major consulting firms and international certification bodies like BSI and TÜV SÜD are actively providing training and guidance on ISO 42001, PwC Canada is the first of the Big 4 to offer the formal accreditation service in the region. This signals the beginning of a competitive race to dominate the burgeoning AI assurance market, a sector projected to grow exponentially as organizations seek to validate their AI practices.

"Organizations are making bold moves with AI, but trust cannot be an afterthought," said Darren Henderson, PwC's Global Trust and Transparency Leader. The sentiment reflects a broader industry understanding that embedding governance from the outset is not a hindrance to innovation but an enabler. According to IDC, organizations that adopt a responsible, ethics-forward approach to AI report tangible benefits, including improved customer experience, stronger brand reputation, and more confident business decisions.

Beyond Compliance in a Shifting Regulatory Landscape

The strategic value of ISO 42001 certification extends far beyond voluntary best practice, offering a vital tool for navigating an increasingly complex and fragmented regulatory environment. In Canada, the proposed Artificial Intelligence and Data Act (AIDA) aims to establish a risk-based framework for AI, imposing strict requirements on developers and deployers of "high-impact" systems. Although AIDA's legislative journey has been slow, its principles—focusing on risk mitigation, transparency, and accountability—are shaping future compliance expectations.

South of the border, the United States presents a different challenge. The lack of a comprehensive federal AI law has led to a patchwork of state-level regulations in places like California, Utah, and Tennessee. This regulatory fragmentation, combined with fluctuating federal directives on AI, creates a complex compliance web for companies operating across North America.

In this uncertain climate, a globally recognized standard like ISO 42001 offers a stable and consistent benchmark. Adhering to it allows organizations to demonstrate due diligence and build a robust governance framework that can adapt to future legal requirements, whether in Ottawa, Washington D.C., or Brussels. It transforms AI governance from a reactive, compliance-driven exercise into a proactive strategy for mitigating risk and building sustainable value.

By providing a clear path to verifiable trust, this new certification service represents a maturation of the AI industry. It signals a shift from a period of unbridled experimentation to an era where accountability, safety, and ethical integrity are becoming prerequisites for innovation and market leadership.