Alex is Sprintlaw’s co-founder and principal lawyer. Alex previously worked at a top-tier firm as a lawyer specialising in technology and media contracts, and founded a digital agency which he sold in 2015.
Corporate social responsibility (CSR) is no longer a “nice to have” in Australia. Customers, employees, investors and regulators increasingly expect businesses to operate ethically, treat people fairly and minimise harm to the environment.
If you’re growing a startup or running an established company, understanding the legal side of CSR helps you build trust, manage risk and stay compliant. The good news? You don’t need to be a big corporate to get this right - a simple, practical approach goes a long way.
In this guide, we break down how CSR works under Australian law, which rules commonly apply, and the practical steps you can take to put CSR into action in your business.
What Is Corporate Social Responsibility (CSR)?
CSR is the idea that businesses have responsibilities beyond profit. It’s about how you make money - not just how much - and the impact your decisions have on people and the planet.
In practice, CSR can include things like fair work practices, safe workplaces, honest marketing, responsible supply chains, inclusion and diversity initiatives, emissions reduction, community contributions and transparent governance.
A simple way to think about it: CSR covers both voluntary initiatives and legal obligations that help your business operate ethically, contribute to sustainable development and look after stakeholders such as your staff, customers, suppliers and community.
What Does CSR Look Like Day-To-Day?
- Setting clear workplace health and safety practices and acting on hazards promptly.
- Choosing suppliers who meet fair labour standards and addressing modern slavery risks where relevant.
- Being honest in your advertising and offering the consumer guarantees required by law.
- Reducing waste and energy use where it’s practical and cost-effective.
- Documenting policies (for example, a code of conduct or privacy practices) and training your team.
Done well, CSR builds long-term value. It strengthens your brand, helps you win great people and partners, and reduces the chance of costly disputes or regulatory issues.
Is There A Single CSR Law In Australia?
No. There isn’t a standalone “CSR Act” in Australia.
Instead, CSR is shaped by a framework of existing laws and standards - some mandatory, some voluntary - that sit across consumer protection, workplace safety, environment, human rights, privacy and corporate governance.
This means your CSR obligations depend on what your business does, its size and where you operate. For example, all businesses selling goods or services must comply with the Australian Consumer Law, while only certain large entities must complete modern slavery statements.
It also means CSR isn’t just a policy on your website. It’s about how you meet your legal duties and where you choose to go further, in ways that make sense for your business and stakeholders.
The Main Australian Laws That Shape CSR
Here are the key legal areas that commonly inform CSR in Australia. The exact mix for your business will vary, but these are the usual pillars to consider.
1) Corporations Law And Director Duties
Company directors and officers must act in the best interests of the company and exercise care and diligence. In practice, that can include considering foreseeable, material risks that affect the business - for example, significant supply chain issues, workplace safety failures or environmental incidents that could impact reputation or financial performance.
This doesn’t make directors automatically liable for every environmental or social issue. Rather, it’s about taking reasonable steps to understand and manage the risks that matter to the company.
2) Australian Consumer Law (ACL)
If you sell goods or services, the Australian Consumer Law applies. It prohibits misleading or deceptive conduct, sets rules for advertising and pricing, and provides consumer guarantees for faulty products or services. Treat this as the foundation for fair dealings with customers and transparent marketing. You can read more about the ACL’s misleading conduct rules in this overview of Section 18.
3) Work Health And Safety (WHS)
Every jurisdiction has WHS laws requiring you to provide a safe working environment, manage risks and consult workers on safety matters. WHS laws focus on health and safety - issues like discrimination or harassment are generally covered under separate employment and anti-discrimination laws.
4) Anti-Discrimination And Employment Laws
Federal and state laws prohibit unlawful discrimination and set minimum employment standards (including pay, leave and termination rules). A fair workplace is a core CSR expectation, and putting the right agreements and policies in place helps you meet these obligations. If you’re hiring staff, start with a compliant Employment Contract and appropriate workplace policies.
5) Environmental Protection Rules
Depending on your activities and location, you may need to comply with environmental permits, waste and pollution controls, or reporting duties. These are more significant for sectors like construction, manufacturing, logistics and primary production, but service-based businesses may also have obligations around waste and resource efficiency.
6) Modern Slavery (For Larger Entities And Their Suppliers)
Entities with consolidated annual revenue of at least $100 million are required to publish annual modern slavery statements that explain how they identify and address modern slavery risks in their operations and supply chains. Even if your business is below the threshold, large customers may ask you to meet certain standards in your supplier arrangements.
7) Privacy And Data Protection
Australia’s Privacy Act applies to “APP entities” (including most businesses with annual turnover of $3 million or more, and some smaller businesses in specific categories). If the Privacy Act applies to you, you’ll need an up-to-date Privacy Policy and appropriate practices for collecting, using and storing personal information. Even where the small business exemption applies, many businesses still adopt a privacy policy due to customer expectations or contractual requirements.
8) Voluntary Standards And Industry Codes
Outside of law, many organisations opt into voluntary frameworks - for example, sustainability certifications, industry codes or supplier codes of conduct. These can support your brand and help meet partner expectations, but they don’t replace your legal duties.
How CSR Obligations Play Out For Small Businesses
CSR isn’t just for listed companies. If you employ staff, sell to the public or work with larger organisations, some CSR-related obligations will apply to you - and getting them right early is simply good business.
Minimum Legal Expectations For Most SMEs
- Follow consumer law: don’t mislead customers, honour consumer guarantees and advertise transparently.
- Keep people safe at work by managing hazards, consulting workers and documenting WHS processes appropriate to your risk profile.
- Comply with employment and anti-discrimination rules, including proper pay, entitlements and fair treatment at work.
- Respect privacy obligations that apply to your business model (or required by contract) and handle data securely.
- Manage environmental impacts relevant to your industry and location (for example, waste or noise requirements).
- Address supply chain expectations in contracts with larger customers, particularly around labour standards and modern slavery risk.
Why Going A Bit Further Can Pay Off
Beyond compliance, proactive CSR can win you business. Government and enterprise customers often request evidence of ethical sourcing, safety systems, data security and environmental initiatives before they sign a contract. It can also help attract great talent and reduce turnover.
Think of CSR as a practical risk management tool that doubles as a brand strength. Clear policies, training and sensible targets make day-to-day decisions easier and more consistent.
Building A Practical CSR Program In Your Business
You don’t need a 60-page sustainability report to be credible. Start small, align your efforts to your risks and values, and build from there.
Step 1: Map Your Legal Baseline
- List the laws that apply to your operations (consumer, WHS, employment, privacy, environmental, any industry rules).
- Check your contracts. Larger customers may require you to meet specific standards or complete questionnaires about safety, ethics and data security.
- Note any reporting or policy requirements that are mandatory for your entity type.
If you’re unsure, getting targeted advice at this step can save time and cost later.
Step 2: Choose Priorities That Fit Your Business
- Pick a handful of focus areas that matter for your risks and stakeholders - for example, safe work practices, ethical sourcing, waste reduction or inclusion and diversity.
- Set simple, realistic goals you can measure (e.g. onboarding all staff with WHS and anti-bullying training; adding supplier clauses that address labour standards).
Step 3: Put Policies And Processes In Place
Document what “good” looks like in your business and make it easy to follow. Keep policies short, practical and part of your normal onboarding and supplier setup.
- Workplace health and safety procedures, incident reporting and training.
- Fair work practices, anti-discrimination and grievance handling.
- Supplier onboarding that checks labour, safety and environmental standards where relevant.
- Privacy and data security practices for websites, customer records and marketing lists; publish a clear Privacy Policy if it applies or is expected by stakeholders.
- Marketing sign-off processes so promotions comply with the ACL.
Step 4: Be Transparent And Track Progress
Share your commitments on your website or capability statements, and report on progress annually (even if it’s internal). If you’re required to submit any formal reports, set a calendar reminder and assign responsibility early.
Step 5: Review And Improve
CSR isn’t “set and forget.” Revisit your priorities each year as your business grows, laws change or stakeholders raise new expectations. Update policies, refresh training and keep your contracts aligned to current standards.
Documents To Support Your CSR Program
The right contracts and policies help you put CSR into practice and demonstrate compliance. Depending on your size and risk profile, consider:
- Employment Contract: sets clear rights and obligations for staff, aligning with your fair work practices. Start with a compliant Employment Contract and add role-specific schedules if needed.
- Workplace Policies/Staff Handbook: capture WHS processes, bullying and harassment, equal opportunity, and grievance handling in one place (a Staff Handbook can make this easy).
- Supplier Or Supply Agreement: include clauses on compliance with laws, labour standards, modern slavery due diligence and audit/termination rights if serious breaches occur.
- Whistleblower Policy: if required for your company type, a Whistleblower Policy encourages reporting of misconduct and supports a culture of speaking up.
- Privacy Policy: required for many APP entities and often expected by customers and partners; it explains how you handle personal information. Use a tailored Privacy Policy that matches your data flows.
- Data Breach Response Plan: a practical playbook for containing and responding to data incidents and meeting notification duties where they apply - see a Data Breach Response Plan.
- Shareholders Agreement: for multi-founder businesses, a Shareholders Agreement can lock in decision-making and governance settings that support your CSR approach.
Not every business needs every document on day one, but having the essentials in place reduces risk and shows stakeholders you’re serious about responsible business.
Key Takeaways
- There’s no single “CSR law” in Australia - your CSR obligations come from existing rules across consumer law, WHS, employment, privacy, environment and corporate governance.
- For most SMEs, the core legal expectations are clear: keep people safe, treat customers fairly under the ACL, comply with employment and anti-discrimination rules, respect privacy requirements and manage environmental impacts relevant to your operations.
- Directors aren’t liable for every social or environmental issue, but they should take reasonable steps to manage material risks to the company that arise from these areas.
- Simple policies, training and contracts can turn CSR into everyday practice - for example, using a solid Employment Contract, Supplier Agreement, Privacy Policy and whistleblowing processes.
- Proactive CSR can help you win bigger customers, attract great staff and avoid disputes, while preparing you for evolving expectations and reporting requirements.
- Start with your legal baseline, pick a few priorities, document how you’ll meet them and review regularly as your business grows.
If you’d like a consultation on meeting corporate social responsibility legislation in Australia for your business, you can reach us at 1800 730 617 or team@sprintlaw.com.au for a free, no-obligations chat.








