On March 31, 2026, Mila brought together about thirty industry professionals from roughly fifteen Canadian financial institutions for a candid exchange on artificial intelligence, risk, and consumer protection. The resulting report is one of the most lucid documents published this year on the actual state of AI in Canadian finance.
Around the table: the Autorité des marchés financiers, National Bank, Desjardins, iA Financial Group, the Caisse de dépôt et placement du Québec, Manulife, the Office of the Superintendent of Financial Institutions, RBC Borealis, and others. In short, the very organizations our sector seeks to serve and protect.
Their diagnosis is direct, and it deserves careful reading by every firm, MGA, broker, or insurer wondering how to move from experimentation to actual value.
The Problem Is Not the Tech. It Is Operational Maturity.
The report's most important message fits in a single sentence: scaling AI is not limited by technological capability, but by a lack of maturity in governance, data preparation, and clear definition of responsibilities.
In other words, the language model is no longer the bottleneck. An organization's ability to frame, trace, and audit what its AI does is what separates a forgotten pilot project from a production deployment.
The report describes what many experience in silence: a large share of initiatives stays stuck at the proof-of-concept stage, and the move to production is slow and resource-intensive. The PoC trap is real, and it is expensive.
Governance introduced late is perceived as the police. Built in early, it becomes an accelerator.
This is, for us, the most liberating idea in the document. Too many organizations experience compliance as a late-stage brake. The report argues for the opposite. When governance is woven into development, risk, and compliance workflows from the start, it accelerates adoption rather than slowing it down.
Data Residency Is No Longer a Technical Detail
The report is explicit on a point we defend relentlessly: loss of control over where data lives and who can access it is a decisive factor pushing institutions to develop in-house solutions, even at the cost of certain performance compromises.
The document also describes a phenomenon every leader will recognize. Lacking adequate internal tools, employees fall back on personal accounts and unofficial channels to access better tools. This is shadow IT, and it is a major compliance risk in a sector where every client communication must be retained and auditable.
There is a real tension here. External tools are often more powerful and more user-friendly, but they introduce risks of data leakage, loss of control, and lack of visibility. The report even highlights that many vendors refuse to share enough detail on their risk assessment, while the institution itself remains fully accountable.
Guardrails Are No Longer Optional
In a high-stakes sector like finance, the report is unambiguous: guardrails can no longer be treated as add-ons grafted onto a language model after the fact. They must be designed into the system architecture itself, monitored over time, and evaluated against realistic failure modes.
The shift to agentic AI changes the game. An agent no longer just replies. It navigates, triggers tools, writes data, extracts content, and acts on internal infrastructure. The attack surface widens, and complexity itself becomes a risk multiplier. Prompt injection, excessive permissions, and poorly defined human-in-the-loop checkpoints are very concrete concerns.
The way forward the report proposes looks strikingly similar to what we are building: modular guardrail architectures that combine fast and specialized classifiers, configurable policy libraries, and selective use of either a judge model or human review. It comes with one often-overlooked requirement: multilingual robustness, a point especially sensitive in bilingual Quebec and Canada.
Humans Remain the Final Arbiter
The report tempers ambient enthusiasm. The deployment of autonomous agents is still in its early stages. Most organizations are running proofs of concept rather than deploying in production, and efforts focus on internal tools and strictly framed actions. The gains are tangible, however, with automation of repetitive tasks that can save 30 to 40% of the time.
But the conclusion is clear. Human judgment remains the final arbiter for high-stakes decisions. The future of finance does not lie in replacing human expertise, but in amplifying it, on condition of preserving traceability, auditability, and accountability.
The technical best practices identified point in the same direction: limit agent actions to read-only or tightly constrained operations, put fine-grained observability with immutable logs in place, and segment data by reserving synthetic or de-identified sets for test environments.
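To make the first two practices concrete, here is an added example (not taken from the report or from any product) of a default-deny gate for agent tool calls that writes every decision to a hash-chained audit log. The tool names, agent name, and approver ID are hypothetical, and the hash chain only makes tampering detectable; in production the entries would also be shipped to write-once storage.

```python
import hashlib
import json

READ_ONLY = {"get_balance", "search_policy_docs"}   # hypothetical read-only tools
NEEDS_HUMAN = {"update_beneficiary"}                # constrained write: human approval required
GENESIS = "0" * 64

class AuditLog:
    """Append-only log; each entry commits to the previous entry's hash."""
    def __init__(self):
        self.entries = []

    def append(self, record):
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        body = json.dumps(record, sort_keys=True)
        digest = hashlib.sha256((prev + body).encode()).hexdigest()
        self.entries.append({"prev": prev, "record": record, "hash": digest})

    def verify(self):
        """Recompute the chain; any edited, removed or reordered entry breaks it."""
        prev = GENESIS
        for e in self.entries:
            body = json.dumps(e["record"], sort_keys=True)
            expected = hashlib.sha256((prev + body).encode()).hexdigest()
            if e["prev"] != prev or e["hash"] != expected:
                return False
            prev = e["hash"]
        return True

def authorize(log, agent, tool, args, approved_by=None):
    """Decide on one tool call and log the decision before anything executes."""
    if tool in READ_ONLY:
        decision = "allow"
    elif tool in NEEDS_HUMAN:
        decision = "allow" if approved_by else "pending_human_review"
    else:
        decision = "deny"   # default-deny: tools outside both lists never run
    log.append({"agent": agent, "tool": tool, "args": args,
                "approved_by": approved_by, "decision": decision})
    return decision

def demo():
    # Constructed sample calls, not real traffic.
    log = AuditLog()
    acct = {"account": "A-1001"}
    results = [
        authorize(log, "claims-agent", "get_balance", acct),
        authorize(log, "claims-agent", "update_beneficiary", acct),
        authorize(log, "claims-agent", "update_beneficiary", acct, approved_by="analyst-7"),
        authorize(log, "claims-agent", "wire_transfer", {"amount": 5000}),
    ]
    return log, results
```

Denied and pending calls are logged as well as allowed ones, so the audit trail shows what the agent attempted, not only what it was permitted to do.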
Four Principles for Firms and Institutions
- Build governance in early. Not as a control layer added at the end, but as a foundation built into the very first workflow.
- Demand data sovereignty. Knowing where data lives and who can access it is a risk-management question, not a technical preference.
- Design guardrails into the architecture. Especially for agentic systems, where each new capability widens the risk surface.
- Keep humans in the loop. Gradual scaling, controlled environments, and human judgment as the final decision authority.
The Canadian financial sector is reaching a tipping point. The technology is ready. What will distinguish the winning organizations is their ability to deploy AI in a way that is trustworthy, compliant, and fundamentally protective of the consumer. That is exactly the ground we have chosen to build on.
