Bill S-211 Reporting Guide for Canadian Organizations

Bill S-211, formally Canada's Fighting Against Forced Labour and Child Labour in Supply Chains Act, came into force on January 1, 2024. It requires certain Canadian organizations to file an annual public report describing the steps they have taken to identify, prevent, and reduce the risk of forced labour and child labour in their supply chains. This guide explains who must file, what the report has to contain, when it is due, and how a structured supplier attestation workflow turns annual reporting from a scramble into a routine exercise.

Who must file under Bill S-211

The Act applies to two broad categories of entity:

Government institutions — federal departments, Crown corporations, and similar bodies that produce, sell, or distribute goods anywhere, or import goods into Canada.

Private-sector entities that meet both a connection-to-Canada test and a size test. The connection test is met if the entity is listed on a Canadian stock exchange, has a place of business in Canada, does business in Canada, or has assets in Canada. The size test is met if the entity meets two of the following three thresholds in at least one of its last two financial years:

• At least CAD $20 million in assets
• At least CAD $40 million in revenue
• An average of at least 250 employees

If the size and connection tests are met, and the entity produces, sells, or distributes goods in Canada or elsewhere — or imports goods into Canada — or controls another entity that does any of the above, the Act applies.

What the report must contain

Each report must address seven specific topics. The structure is set out in section 11 of the Act:

1. Steps taken during the previous financial year to prevent and reduce the risk that forced labour or child labour is used in producing goods or in supply chains.
2. Structure, activities, and supply chains of the entity.
3. Policies and due diligence processes relating to forced labour and child labour.
4. Parts of the business and supply chains that carry a risk of forced labour or child labour being used, and the steps taken to assess and manage that risk.
5. Any measures taken to remediate forced labour or child labour.
6. Any measures taken to remediate the loss of income to the most vulnerable families resulting from any measure taken to eliminate forced labour or child labour.
7. Training provided to employees on forced labour and child labour.

The report must be approved by the entity's governing body — typically the board of directors — and signed by a director or officer. It is then submitted to the Minister of Public Safety and made publicly available on the entity's website.

Deadlines and consequences

Reports are due by May 31 each year for the previous financial year. The first reports under the Act were due May 31, 2024, covering financial year 2023.

Failure to file, false or misleading statements, and obstruction of an inspection are summary conviction offences carrying fines up to CAD $250,000. Directors and officers can be held personally liable. Beyond fines, reputational risk is substantial: reports are public and indexed by Public Safety Canada.

Where most organizations struggle

The report itself is short — most filings run five to fifteen pages. The hard part is the underlying data collection. Sections 4 and 1 require concrete, evidenced statements about supplier risk and the steps taken to address it. That means actually gathering information from suppliers about their labour practices, training programs, and remediation history.

For organizations with hundreds or thousands of suppliers, this collection effort is the bottleneck. Without a structured workflow, procurement teams end up sending one-off email questionnaires, chasing responses, copying answers into spreadsheets, and recreating the process every year. Audit trails are thin, response rates are low, and the resulting report is harder to defend.

The supplier attestation workflow that actually works

A defensible Bill S-211 program rests on a repeatable attestation workflow. The model that QCsolver uses for client organizations has four components:

1. Hosted attestation form. A standardized questionnaire is presented to every supplier in the supplier portal. Questions cover the supplier's own forced labour and child labour policies, training, sub-tier supplier oversight, and any incidents in the prior year. Suppliers sign and date the attestation electronically.

2. Required-field validation. The form rejects incomplete submissions. Every supplier file in your database has either a current attestation or a flag indicating non-response.

3. Active follow-up. Outstanding attestations are pursued by trained staff. Reminders escalate from email to phone over a fixed cadence. The chase does not fall to your procurement team.

4. Audit-ready export. At reporting time, the platform produces a structured data package: total supplier count, attestation completion rate, risk-flagged suppliers, remediation activity, and supporting documents. This package becomes the evidence file behind section 4 and section 1 of your report.

What good supplier risk-flagging looks like

Section 4 of the report asks where risk lives in your supply chain. A useful answer requires more than a generic statement. Effective programs segment suppliers by:

• Country of operation — high-risk jurisdictions per the U.S. Department of Labor's List of Goods Produced by Child Labor or Forced Labor.
• Industry — sectors with known elevated risk including textiles, agriculture, electronics manufacturing, and certain mining.
• Sub-tier visibility — whether the supplier has visibility into its own suppliers and can attest to their practices.
• Past incidents — any history of forced labour, child labour, or labour standards violations.

Risk-flagged suppliers receive enhanced due diligence: deeper questionnaires, evidence requests, and where warranted, on-site audits or third-party verification.

Common pitfalls in first-year reports

Several patterns appeared in the first wave of Canadian filings and are worth avoiding:

Boilerplate language. Reports that cut and paste generic policy statements without supplier-level data look weak under regulatory scrutiny. Public Safety Canada has signalled that future enforcement will focus on substance over form.

No baseline measurement. Reports that describe future intentions without a current baseline (supplier count, attestation rate, risk-tier distribution) are hard to evaluate and even harder to improve year over year.

Missing board approval evidence. The Act requires explicit governing-body approval. Some first-year reports lacked clear documentation of board sign-off.

Late publication. The report must be both submitted to the Minister and published on the entity's website. A delay on the public-facing piece is still a compliance gap.

Where QCsolver fits

QCsolver hosts the supplier attestation form on behalf of client organizations. We invite suppliers, collect responses, follow up directly on incomplete or missing attestations, and deliver an audit-ready data package each spring ahead of the May 31 deadline. The reporting team builds the narrative; we handle the supplier-level collection that backs it up.

For organizations that operate across multiple Canadian regulatory regimes — Bill S-211 federally, the Buy Ontario Act provincially, OEB and Accreditation Canada sectorally — the same supplier database supports all of them. One attestation, one supplier profile, multiple regulatory uses.