Australian Small Business Code Of Conduct: What To Include And Implement

A clear code of conduct is one of the simplest (and most effective) ways to help protect your business as you grow.

When you’re running a small business, it’s easy for “culture” and “how we do things here” to live in your head - or be passed on informally. The problem is that informal expectations can quickly turn into confusion, inconsistent decisions, and avoidable disputes if something goes wrong.

A well-written code of conduct helps you set standards early, align your team, and reduce legal and operational risk. It also makes it much easier to manage performance and behaviour fairly, because everyone knows what’s expected.

Below, we’ll walk you through what a code of conduct typically covers for Australian small businesses, how to tailor it to your operations, and how to implement it in a way that actually sticks (not just a document that sits in a folder).

What Is A Code Of Conduct (And Why Does Your Business Need One)?

A code of conduct is a workplace policy document that sets the behavioural standards you expect from your people - including employees, contractors, and sometimes even directors and volunteers (depending on your structure).

In plain terms, it answers questions like:

• How do we treat customers and each other?
• What behaviours are unacceptable?
• How do we handle conflicts of interest?
• What happens if someone breaches the rules?

Even if you only have a small team, a code of conduct helps you:

• Create consistency: managers (including you) can respond to issues in a clear, repeatable way.
• Set culture early: when you’re hiring quickly, values can drift unless they’re documented and communicated.
• Reduce legal risk: clear policies can support fair process if you need to issue warnings or end employment.
• Protect your brand: staff behaviour is often indistinguishable from “the business” in a customer’s eyes.
• Support workplace safety: behaviour standards are part of a healthy, respectful, psychologically safe workplace.

A code of conduct usually sits within a broader policy framework. For example, many businesses include it inside a Staff Handbook or align it with an overarching workplace policy suite.

What Should You Include In A Code Of Conduct For A Small Business?

There’s no “one size fits all” template that works perfectly for every business. But there are core sections that most Australian small businesses should consider including in a code of conduct.

Think of your code of conduct as a practical guide: it should be easy to read, specific enough to be workable in practice, and broad enough to cover the behaviours that matter most to your business.

1. Your Business Values And Expected Standards

Start with a short statement explaining the purpose of the code of conduct and the values behind it (for example: integrity, respect, safety, customer care, inclusivity).

This section sets the “why” - and it also helps your team understand that the code is about creating a safe and professional workplace, not just “rules for rules’ sake”.

2. Professional Behaviour And Respectful Workplace Conduct

This is often the heart of a code of conduct. It usually covers expectations around:

• Respectful communication (including online communication and messaging apps)
• Bullying, harassment and discrimination (including sexual harassment)
• Behaviour at work events (even if outside standard hours)
• Dealing with customers and suppliers
• Following reasonable directions from managers

If you operate in a high-pressure environment (hospitality, trades, sales, healthcare, startups), spelling this out clearly can help prevent “heat of the moment” issues escalating into formal complaints.

3. Conflicts Of Interest And Secondary Work

A conflict of interest happens when someone’s personal interests interfere (or appear to interfere) with their duties to your business.

Your code can set rules on:

• Declaring conflicts early (for example, a family member becomes a supplier)
• Gifts, benefits and hospitality (what is acceptable, what must be declared)
• Outside work or side businesses that could compete with you
• Using your business resources for personal gain

For small businesses, this is especially important because teams are often lean and people wear multiple hats - which can create grey areas if expectations aren’t clear.

4. Confidentiality And Handling Business Information

If your team has access to quotes, pricing, supplier terms, client lists, internal templates, or product roadmaps, you’ll want confidentiality expectations to be clear.

Your code of conduct can cover:

• What information is confidential
• How confidential information should be stored and shared
• Restrictions on sharing business information externally (including on social media)
• What happens when someone leaves (return of devices, documents, access removal)

Confidentiality is often also addressed in employment contracts and contractor agreements. For employees, it’s common to align your code with your Employment Contract so your expectations are consistent across documents.

5. Use Of Company Property, IT Systems And Online Tools

Many conduct issues happen through day-to-day systems - email, Slack/Teams, shared drives, CRM platforms, and personal phones used for work.

Consider including standards around:

• Using company devices and accounts appropriately
• Password security and access controls
• Appropriate internet use during work time
• Downloading or installing unauthorised software
• AI tools (if your business uses them) and inputting confidential information

Depending on your setup, these rules may also sit in a separate Acceptable Use Policy, with your code of conduct referencing it.

6. Privacy And Handling Customer Personal Information

If your business collects personal information - even something as simple as customer names, emails, delivery addresses, or appointment notes - your conduct rules should cover privacy and data handling basics.

This can include:

• Only collecting and using customer data for legitimate business purposes
• Not accessing customer records without a valid reason
• Reporting suspected data breaches quickly
• Restrictions on storing customer data on personal devices

On the external-facing side, most businesses will also need a Privacy Policy to explain how personal information is collected and used.

7. Safety, Drugs And Alcohol (Where Relevant)

Not every small business needs a long section on drugs and alcohol. But if you operate vehicles, machinery, tools, or you work in high-risk environments, it’s often essential to set clear standards.

This may include:

• Being fit for work
• Prohibitions on attending work under the influence
• Incident reporting obligations
• Following safety procedures and wearing PPE

Even for office-based teams, you can still include high-level expectations about safety and reporting hazards.

8. Complaints, Reporting And Whistleblowing

A code of conduct should make it clear how people can report concerns - and reassure them that reports will be handled appropriately.

This is especially important for:

• Bullying or harassment concerns
• Fraud or misconduct
• Safety incidents
• Serious breaches of policy

Some businesses (particularly companies) may also need a dedicated Whistleblower Policy depending on size and structure. Even where it’s not mandatory, having a clear reporting process is a strong governance move.

9. Disciplinary Consequences And Investigation Process

This is the section that often determines whether your code of conduct is practical to apply when an issue comes up.

You don’t need to turn your code into a legal textbook, but it should explain (at a high level):

• What happens if someone breaches the code
• That breaches will be assessed fairly and consistently
• That consequences may include counselling, training, formal warnings, or termination (depending on severity)
• That serious misconduct may result in immediate action

Importantly, avoid “automatic termination” wording. In practice, you’ll usually need to consider the context, follow a fair process, and comply with employment laws and any applicable award or enterprise agreement.

How To Implement A Code Of Conduct In Your Business (So It Actually Works)

Writing a code of conduct is a great start - but implementation is what makes it effective.

If your team hasn’t read it, doesn’t understand it, or sees it as irrelevant, it won’t help you manage risk when you need it most.

1. Treat It As A Core Business System, Not “Extra Paperwork”

Your code of conduct should be part of your everyday operations, just like your quoting process, your onboarding checklist, or your customer service standards.

A practical way to do this is to build it into the documents you already use - for example, include it in a Staff Handbook and align it with your employment contracts and onboarding process.

2. Introduce It During Onboarding (And Keep A Record)

When someone joins your business, you want to avoid “I didn’t know” later.

During onboarding, you should:

• Provide the code of conduct in writing (ideally alongside other policies)
• Walk through the key parts verbally (even a short meeting helps)
• Give practical examples relevant to the role
• Ask for written acknowledgement that they received and understood it

This acknowledgement can be helpful if you later need to manage performance or misconduct, because you can show the expectations were communicated.

3. Train Your Leaders To Apply It Consistently

In a small business, your supervisors and managers set the tone. If leadership applies the rules inconsistently, you risk:

• Lower morale and confusion
• Claims of unfairness or favouritism
• Higher legal risk if disciplinary action is challenged

Make sure anyone who manages staff understands:

• What the code requires
• How to document issues
• When to escalate to you (or HR/legal support)
• How to respond calmly and professionally to complaints

4. Make It Easy To Find And Simple To Follow

Your code of conduct should be accessible. Consider:

• Keeping it in a central folder (for example, a shared drive)
• Including it in your HR platform or onboarding portal
• Providing a printed copy if your team is often on-site

Also, keep the language clear. If it reads like it was written for lawyers, your team will switch off (and you’ll lose the practical value).

5. Review And Update It As Your Business Grows

A code of conduct should evolve with your business.

As you scale, you may need to update it for:

• New services or higher-risk work
• New locations or different customer groups
• Remote work and BYOD (bring your own device) arrangements
• New technology and data handling practices
• Changes to workplace laws or industry expectations

A simple approach is to schedule an annual review, plus an “as-needed” review if you experience a serious incident or restructure.

Common Mistakes Small Businesses Make With A Code Of Conduct

A code of conduct should reduce stress, not create more of it. Here are some common pitfalls we see when small businesses try to implement a code of conduct quickly (or copy one from somewhere else).

Copying A Generic Template Without Tailoring It

Templates can be a helpful starting point, but if your code doesn’t reflect how your business actually operates, it can become hard to apply consistently.

For example, a retail business and a software consultancy will have very different customer interactions, data handling risks, and workplace environments.

Being Too Vague (Or Too Extreme)

“Be professional” is a good principle, but not always a useful rule.

On the other hand, overly strict wording (like “any breach will result in termination”) can be unrealistic and may backfire if you’re later required to show fairness and proportionality.

A good code balances clarity with flexibility: it sets minimum standards, explains expectations, and leaves room to assess circumstances.

Forgetting Contractors And Casual Team Members

Many small businesses rely heavily on contractors and casual staff. If they interact with customers, handle confidential information, or use your systems, they should also understand your conduct expectations.

This doesn’t always mean you give contractors the exact same policy pack as employees - but you should still set behavioural standards in writing (often through a contractor agreement and key policies).

Not Thinking About Privacy And Technology Risks

Even small teams can create big risk if there are no rules around customer data, device security, and online behaviour.

If your staff use personal phones, store information in spreadsheets, or communicate with customers through social media, you’ll want your code to set clear boundaries and link in with your Privacy Policy and IT-use expectations.

Rolling It Out Once And Never Mentioning It Again

A code of conduct isn’t a “set and forget” document.

Bring it up:

• During performance reviews
• When you promote someone into a leadership role
• When new risks arise (for example, a new client complaint trend)
• After a near-miss incident or customer escalation

This is how the code becomes part of your culture - not just a compliance file.

How A Code Of Conduct Fits With Your Other Legal Documents

One of the easiest ways to strengthen your legal position is to make sure your documents work together, rather than contradicting each other.

In many small businesses, a code of conduct is supported by (and referenced in) other key documents, such as:

• Employment Contract - often includes obligations like following lawful and reasonable directions and complying with workplace policies such as your Employment Contract.
• Workplace policies - the code sits alongside other policies (for example, leave, discipline, IT use, bullying/harassment) within a broader workplace policy framework.
• Acceptable use rules - particularly important if you manage devices, logins, or remote work through an Acceptable Use Policy.
• Whistleblowing and reporting - the code can explain the “what” and “why”, while a Whistleblower Policy can set out a more detailed process (where appropriate).
• Staff handbook - a central place to house policies and onboarding material, such as a Staff Handbook.

When these documents are aligned, it’s easier for your team to understand the rules - and easier for you to apply them consistently if an issue arises.

Key Takeaways

• A well-written code of conduct sets clear behavioural standards for your team and can help reduce disputes and reputational risk for your small business.
• Most codes of conduct cover respectful workplace behaviour, conflicts of interest, confidentiality, use of company systems, privacy, and how breaches are handled.
• Your code should be tailored to your business, your industry, and how your team actually works (including remote work, customer-facing roles, and data handling).
• Implementation matters: introduce it during onboarding, train leaders to apply it consistently, and keep a record that staff received and understood it.
• A code of conduct works best when it aligns with your Employment Contract, workplace policies, and other key documents like an Acceptable Use Policy.

Note: This article is general information only and doesn’t constitute legal advice. If you’d like advice tailored to your business, you can speak to a lawyer.

If you’d like help putting a code of conduct in place (or updating your workplace policies as your team grows), you can reach us at 1800 730 617 or team@sprintlaw.com.au for a free, no-obligations chat.