The OECD.AI Policy Navigator

Our policy navigator is a living repository from more than 80 jurisdictions and organisations. Use the filters to browse initiatives and find what you are looking for.

Voluntary Code of Conduct on the Responsible Development and Management of Advanced Generative AI Systems


Added by:   OECD analyst
Added on:   29 Jun 2026
Updated by:   OECD analyst
Updated on:   10 Jul 2026

The Voluntary Code of Conduct on the Responsible Development and Management of Advanced Generative AI Systems, issued by Innovation, Science and Economic Development Canada in September 2023, is a voluntary commitment under which organisations developing or managing generative AI systems adopt measures to identify and mitigate associated risks, aligned with six outcomes: accountability, safety, fairness and equity, transparency, human oversight and monitoring, and validity and robustness.

Initiative overview

The Voluntary Code of Conduct on the Responsible Development and Management of Advanced Generative AI Systems, issued by Innovation, Science and Economic Development Canada (ISED) in September 2023, was developed following a public consultation held from early August to mid-September 2023, during which 92 respondents, including members of the Advisory Council on Artificial Intelligence, businesses, academics, civil society organisations, and members of the public, submitted recommendations via written submissions, roundtable discussions, and bilateral meetings. The Code applies to advanced generative AI systems with general-purpose capabilities, such as ChatGPT, Midjourney, Bard, and Llama, whilst excluding narrowly scoped, low-risk tools such as grammar correction software.

The Code organises its commitments around six principles — accountability, safety, fairness and equity, transparency, human oversight and monitoring, and validity and robustness — and sets out eighteen measures differentiated by actor type (developers and managers) and system type (all advanced generative systems versus those available for public use). Developers and managers are assigned distinct but complementary responsibilities, with information-sharing between them central to effective risk mitigation. For instance, managers are expected to monitor deployed systems for harmful uses and report incidents to developers, who in turn maintain incident databases and issue updates. Additional measures apply to publicly available systems, including third-party audits prior to release, watermarking of audio-visual content, and publication of training data descriptions.

To support implementation, ISED published a companion Implementation Guide for Managers of Artificial Intelligence Systems, providing granular best practices across the five principles applicable to managers. The Guide addresses the full AI system lifecycle and covers areas including procurement due diligence, risk management frameworks, cybersecurity, transparency protocols, and human oversight procedures. It recommends that organisations tailor their approach proportionately to their risk profile and operational context, and points to a repository of international reference resources, including standards from ISO, NIST, and the OECD, as well as the EU AI Office's General-Purpose AI Code of Practice. Signatories additionally commit to contributing to standards development, sharing best practices across the ecosystem, and pursuing inclusive and sustainable growth in Canada.