Alex is Sprintlaw's co-founder and principal lawyer. Alex previously worked at a top-tier firm as a lawyer specialising in technology and media contracts, and founded a digital agency which he sold in 2015.
When you’re building a startup, you’re making hundreds of decisions a week - who to hire, who to partner with, what you’ll sell, how you’ll market, and how you’ll handle complaints when things go wrong.
Having an ethical code of conduct helps you make those decisions faster, more consistently, and with less risk.
It’s also one of the easiest ways to protect the culture you’re trying to create. Values can feel “soft” until there’s pressure - a frustrated customer, a team conflict, a supplier issue, or a data breach. That’s when a clear code of conduct becomes a practical business tool.
In this guide, we’ll walk you through how to create an ethical code of conduct for your small business in Australia, what to include, and how to actually implement it so it doesn’t just live in a folder nobody reads.
What Is An Ethical Code Of Conduct (And Why Do Startups Need One)?
An ethical code of conduct is a written document that sets out the standards of behaviour you expect in your business - from founders to contractors to employees.
It’s not just about being “nice” or “doing the right thing” in a general sense. A strong code of conduct is specific enough to guide real choices, like:
- How your team should treat customers and each other
- How you handle conflicts of interest
- What you consider acceptable marketing and sales behaviour
- How you manage privacy and information security
- What happens when someone breaches the rules
For startups, a code is particularly useful because your business may be:
- Growing quickly (and onboarding people before processes are mature)
- Operating in “grey areas” while you test new products or business models
- Relying on contractors, freelancers, and external partners
- Building a brand where trust and reputation are everything
Even if you don’t have employees yet, a code of conduct can still matter. It sets the standard for how you work with co-founders, suppliers, collaborators, and customers - and it becomes a foundation for your future policies and contracts.
Is A Code Of Conduct A Legal Requirement In Australia?
For many small businesses, an ethical code of conduct isn’t strictly required by law in the way a licence might be. But it can help you meet legal obligations that are required by setting clear expectations and reducing inconsistent decision-making.
For example, if you have staff, your code of conduct can support workplace expectations and performance management. If you’re selling to consumers, your code helps your team align day-to-day customer practices with the Australian Consumer Law (ACL) - particularly around refunds, representations, and fair treatment.
In other words: the code isn’t a substitute for legal compliance, but it can support compliance by guiding consistent behaviour.
Step-By-Step: How To Create Your Ethical Code Of Conduct
If you want your ethical code of conduct to actually work, it needs to reflect how your business operates in real life - not just generic statements pulled from the internet.
Here’s a practical process you can follow.
1. Start With Your Mission, Values, And Risk Areas
Before you write any rules, get clear on what your business stands for and where you’re most likely to face pressure.
A simple way to do this is to write down:
- Your mission: why you exist (beyond profit)
- Your values: 3–6 principles that guide behaviour (e.g. transparency, respect, safety, fairness)
- Your risk areas: the situations where ethical mistakes are most likely to happen
Risk areas differ by business. For example:
- Ecommerce brands often need clear standards on refunds, advertising, influencers, and customer data
- Service businesses often face issues around scope creep, confidentiality, and fair billing
- Tech startups often need strong rules around privacy, security, conflicts of interest, and intellectual property
Be honest here. Your code should address what could realistically go wrong - not just what looks good on paper.
2. Define Who The Code Applies To (And When)
Your code should clearly state who it applies to. For small businesses, this often includes:
- Founders and directors
- Employees (full-time, part-time, casual)
- Contractors and freelancers
- Interns and volunteers (if relevant)
It also helps to clarify where it applies, such as:
- In the workplace (including remote work)
- At work events
- When communicating with customers or suppliers
- When representing the business online (including social media)
This prevents the common argument of “that happened outside of work” when the conduct still impacts the business.
3. Write Clear Standards (Not Just Aspirational Statements)
A good ethical code of conduct includes values, but it also includes practical rules that people can follow.
For example, instead of:
- “We act with integrity.”
You can write:
- “We do not mislead customers about pricing, product features, or delivery timeframes.”
- “We disclose conflicts of interest (including personal relationships with suppliers or clients).”
- “We keep customer and business information confidential and only access it when needed for our role.”
This is where your code becomes useful in real situations - especially when you’re onboarding new team members or dealing with performance issues.
4. Add A Reporting Path And Consequences
Your code should explain what someone should do if:
- They’re unsure whether something is ethical
- They think someone has breached the code
- They’re experiencing bullying, harassment, discrimination, or unsafe conduct
Keep it simple. For example:
- Step 1: raise it with a manager (or founder)
- Step 2: if inappropriate or unresolved, escalate to a nominated person (e.g. a director or HR contact)
- Step 3: the business investigates and decides on an outcome
It’s also important to outline possible outcomes for breaches (depending on severity), such as:
- Training or coaching
- Formal warning
- Role changes or access restrictions
- Termination of employment or contract
If you employ staff, your code of conduct should align with how you manage misconduct and performance under your employment arrangements. Many businesses handle this through a broader set of workplace policies and an Employment Contract that supports enforceable expectations (for example, by requiring staff to comply with policies and giving you a clear pathway to address breaches fairly).
What To Include In An Ethical Code Of Conduct For An Australian Small Business
There’s no one-size-fits-all template, but most small businesses will benefit from covering the following areas.
1. Honest Marketing And Sales Practices
Startups are often ambitious in marketing - which is fine - but “stretching the truth” can cross into legal and reputational risk quickly.
Your ethical code of conduct should set standards for:
- Clear pricing (including fees, subscriptions, and exclusions)
- Truthful advertising and product claims
- Transparent terms for promotions, giveaways, and discounts
- Fair handling of complaints and returns
This supports compliance with the ACL, including expectations around misleading or deceptive conduct and consumer guarantees. A code won’t replace your customer-facing terms, but it helps your team behave consistently with what you promise customers.
2. Respectful Workplace Behaviour
Your code should describe what respectful behaviour looks like, including a clear stance on:
- Bullying, harassment, discrimination, and victimisation
- Professional communication (including online and Slack/Teams)
- Managing disagreements respectfully
- Inclusive behaviour across cultures, genders, ages, and backgrounds
It’s also a good place to be clear about conduct at work-related events and after-hours situations where someone is still representing the business.
3. Conflicts Of Interest And Gifts
In small businesses, conflicts of interest can be subtle - and they often happen without bad intentions.
Your ethical code of conduct should define a conflict of interest and require disclosure. Common examples include:
- A team member hiring a friend or family member
- A founder owning (or being involved in) a supplier or competitor
- Accepting gifts or benefits that could influence decisions
Include a simple rule like: disclose first, then the business decides how to manage it.
4. Privacy, Confidentiality, And Information Security
Most startups collect information - customer email lists, staff records, payment details, analytics data, support tickets, and more.
Your code should set expectations around:
- Only collecting and using personal information for legitimate business purposes
- Keeping passwords and systems secure
- Not sharing confidential information externally
- Safe handling of documents and devices
For many online businesses, this sits alongside a customer-facing Privacy Policy and internal policies (like information security and acceptable use policies).
5. Bribery, Corruption, And “Doing Deals”
Even if you’re not in a heavily regulated industry, it’s worth having a clear position on bribery and corrupt conduct.
This can be as simple as stating that your business will not:
- Offer or accept bribes, kickbacks, or improper benefits
- Make payments to “speed things up” with approvals
- Engage in dishonest procurement practices
Small businesses can be especially vulnerable here, because relationships matter and processes can be informal. The code helps set a professional standard as you grow.
6. Use Of Company Property, Systems, And Records
Your code can also cover how people should use business resources, such as:
- Company devices, tools, vehicles, and software licences
- Business funds and expenses
- Record-keeping and approvals
This section often overlaps with your operational policies, but it’s useful in the code because misuse of property and records can create both ethical and legal problems.
How To Make Your Code Of Conduct Work In Practice (Not Just “Nice To Have”)
A code that nobody reads won’t protect your business.
Implementation is where most startups get stuck - not because they don’t care, but because everything feels urgent and policies fall to the bottom of the list.
Here’s how to make your ethical code of conduct practical and something you can actually rely on.
Connect It To Your Contracts And Workplace Policies
If you have employees, contractors, or even regular freelancers, your code of conduct should be linked to the documents they sign.
For example:
- Your employment agreement can require compliance with the code
- Your contractor agreement can include conduct and confidentiality obligations
- Your broader workplace policies can expand on topics like bullying, social media, or WHS
Keep in mind that a code is generally only enforceable to the extent it’s incorporated into contracts or workplace policies, communicated clearly, and applied consistently and fairly.
As your business grows, many founders consolidate these expectations in a handbook-style set of policies and processes. If you’re formalising decision-making and governance (especially if you have multiple founders or investors), it can also be helpful to align your code with your Company Constitution and internal governance documents.
Train People At The Right Moments
Don’t just email the code and hope for the best.
Practical training moments include:
- Onboarding (your best chance to set expectations)
- Before launching a major product or marketing campaign
- When you start managing customer complaints at higher volume
- When you enter a new market or partner with new suppliers
Training doesn’t need to be complicated. A 20-minute walkthrough of “what this means in real life” often makes the difference.
Make It Accessible And Usable
A code of conduct should be easy to find and easy to understand.
- Keep it short enough to be read (often 2–6 pages for a small business)
- Use plain English
- Include examples of acceptable vs unacceptable behaviour
- Include a clear reporting path
If a policy is too long, people won’t use it when it matters.
Apply It Consistently (Including For Founders)
Nothing undermines a code faster than inconsistent enforcement.
If junior staff get “pulled up” for behaviour that founders regularly show, the code becomes a credibility problem. Your ethical code of conduct needs to apply to everyone - especially leadership.
This is also where good documentation matters. If you need to manage misconduct or performance issues, having clear written expectations helps you take fair, consistent steps.
Common Mistakes Small Businesses Make With A Code Of Conduct
Here are a few pitfalls we often see when startups try to create an ethical code of conduct quickly.
Copying A Generic Template Without Customising It
Templates can be a useful starting point, but a code needs to match how your business actually operates - your industry risks, your team structure, and your customer relationships.
If your code doesn’t address your real pressure points, it won’t help when the hard decisions come up.
Being Too Vague To Guide Behaviour
“Be professional” and “act with integrity” are good sentiments, but they don’t help someone decide what to do when a customer demands a refund outside your policy, or when a supplier offers a personal benefit to win a contract.
Aim for clear rules and examples.
Ignoring Online Conduct And Social Media
For many startups, online behaviour is a huge part of reputation risk.
Your code should cover:
- How your team represents the business publicly
- How to respond to complaints and negative reviews
- What should never be shared (confidential or personal information)
Not Aligning With Customer-Facing Terms
If your code says “we always refund customers immediately” but your customer contract says something else, you’re setting your team up for confusion and inconsistency.
Many businesses manage customer expectations through written terms, such as Business Terms, which can be aligned with how your team is trained to behave.
Not Reviewing The Code As The Business Changes
Startups evolve fast. Your code should evolve too.
Set a calendar reminder to review it:
- Every 12 months (at a minimum)
- When you hire your first employee
- When you move into a regulated industry or start handling sensitive data
- When you expand into new states or overseas markets
Key Takeaways
- An ethical code of conduct sets clear behaviour standards for your small business, helping you build trust, reduce risk, and protect culture as you grow.
- The most effective codes are practical: they define who the code applies to, include real-world standards (not just values), and explain how to report concerns and what happens after a breach.
- Key topics to cover usually include honest marketing, respectful workplace behaviour, conflicts of interest, privacy and confidentiality, and the use of business systems and information.
- Your code is more likely to be followed if it’s embedded into onboarding, training, and your contracts and workplace policies.
- Consistency matters: apply the code fairly across the business - including founders and senior staff - and review it as your startup changes.
If you’d like help drafting a code of conduct that fits your business and works alongside your contracts and compliance obligations, contact Sprintlaw on 1800 730 617 or team@sprintlaw.com.au for a free, no-obligations chat.
