How to Write a Code of Conduct for Your Business in Australia

When you’re building a small business, it’s easy to focus on the big-ticket priorities: getting customers, hiring your first team members, and keeping cash flow moving.

But as soon as you have people working together (even a team of two), you’ll start running into the day-to-day “grey areas” that can slow you down: What’s acceptable behaviour in meetings? How do you handle conflicts of interest? What do you do if someone shares confidential information? What does “professional communication” actually mean on Slack or WhatsApp?

That’s where a code of conduct becomes a practical tool, not just a corporate formality. A well-written code of conduct helps you set expectations early, protect your culture as you grow, and reduce legal and reputational risk.

Below, we’ll walk you through how to write a code of conduct that makes sense for Australian startups and SMEs, including what to include, how to structure it, and how to roll it out in a way that actually works.

What Is A Code Of Conduct (And Why Small Businesses Need One)?

A code of conduct is a written document that explains the standards of behaviour you expect from people who represent your business.

It usually covers things like professionalism, respectful behaviour, conflicts of interest, privacy and confidentiality, use of company property, and how to report concerns.

Even if you have a strong culture already, a code of conduct helps you:

• Set clear expectations so issues don’t become “he said/she said” disputes later.
• Support consistent decision-making when you’re managing performance or misconduct.
• Reduce business risk (including reputational damage, data issues, and workplace conflict).
• Onboard faster as you hire and scale, especially when you’re bringing in your first managers.
• Show professionalism to customers and partners, particularly if you work with enterprise clients or government.

In a small business, problems can move quickly because teams are close-knit and informal. A code of conduct gives you a “home base” you can point to when something feels off, without relying on personal opinions or ad hoc decisions.

How To Write A Code Of Conduct: Start With Your Business Values And Risks

If you’re looking up how to write a code of conduct, it’s tempting to start by copying a template and swapping in your business name.

In practice, the best codes of conduct are built around two things:

• Your values (the culture you’re trying to build), and
• Your risks (the situations most likely to cause harm to people or to the business).

Step 1: Define The Purpose (In Plain English)

Start your document with a short purpose statement. Keep it simple. For example:

• Why the code exists
• Who it applies to (employees, contractors, interns, directors)
• How it fits with other policies and contracts

This helps your team understand that the code isn’t “paperwork for the sake of it” - it’s there to guide how people work together.

Step 2: Map Your Real-World Scenarios

Think about what could realistically happen in your business. For example:

• A staff member argues with a customer online
• A contractor uses your IP (or client list) for another job
• Someone records a meeting without permission
• A team member accepts gifts from a supplier
• A manager makes inappropriate comments at a work event

Your code of conduct should address the scenarios that matter to your business, not just generic corporate issues.

Step 3: Keep It Consistent With Your Contracts And Policies

A code of conduct shouldn’t contradict your existing documents (and it shouldn’t try to replace them).

For example, your Employment Contract usually covers core legal terms of the employment relationship, while the code of conduct sets behavioural expectations day-to-day.

If you also have customer-facing terms, privacy documents, or an internal handbook, your code should align with them so your expectations are consistent across the business.

What To Include In A Small Business Code Of Conduct (A Practical Checklist)

Most Australian small business codes of conduct work best when they are structured as clear topic sections. You want it to be easy to scan, easy to train, and easy to enforce.

Here’s a practical checklist of clauses and sections to consider including.

1. Professional And Respectful Behaviour

Set expectations around:

• Respectful communication (including online and messaging apps)
• Bullying, harassment and discrimination not being tolerated
• Professional conduct at work events (including after-hours events where staff represent the business)

This section matters because even one incident can create legal exposure and a serious culture problem if it’s not handled quickly and consistently.

2. Compliance With Laws And Workplace Rules

Your code of conduct should clearly state that team members must comply with:

• All applicable laws
• Reasonable directions
• Your internal policies and procedures

This is also a good place to note that different rules may apply depending on location (for example, state-based rules around surveillance or recordings). If your business is dealing with calls or meetings, it’s worth being aware of recording laws in Australia so your policy settings are practical and legally sensible.

3. Conflicts Of Interest

Conflicts of interest come up often in startups and SMEs because people wear multiple hats.

Your code of conduct should explain:

• What a conflict of interest is (including perceived conflicts)
• Examples (side businesses, supplier relationships, family members, referral commissions)
• How conflicts must be declared
• What happens after a declaration (for example, removal from decision-making)

If you want something more formal alongside your code, a Conflict Of Interest Policy can set a clearer process for disclosure and management.

4. Confidentiality And Handling Business Information

This section is critical for any business with customer lists, pricing, product roadmaps, or internal processes.

Cover:

• What information is confidential
• What team members can and can’t share externally
• How to handle confidential information when working remotely
• Security expectations (passwords, devices, access control)

Many businesses reinforce this with a separate NDA or confidentiality terms (especially for contractors and collaborators), but your code of conduct should still set the behavioural expectation clearly.

5. Use Of Company Property, Systems And Social Media

Spell out expectations on:

• Use of laptops, phones, cars, cards, tools and software licences
• Appropriate use of email, Slack/Teams, CRM tools and file storage
• Posting about work on social media (including what requires approval)

This is also where you can address things like recording, surveillance, and camera use at work if relevant. If you operate from a physical premises, you may also want a clear position on CCTV laws in Australia and how your business uses surveillance responsibly.

6. Privacy And Personal Information

Even if you’re a small business, you’re likely handling personal information (customer details, employee records, enquiries, marketing lists).

Your code of conduct should explain that workers must:

• Only access personal information when needed for their role
• Not disclose personal information without authorisation
• Follow internal data handling and security procedures

Externally, this should match what you tell customers in your Privacy Policy.

7. Gifts, Benefits And Bribery

This doesn’t have to be complicated, but it should be clear.

Include:

• Rules on receiving gifts from suppliers, clients or partners
• Whether approval is needed over a certain value
• A ban on offering gifts that could be seen as influencing decisions unfairly

For many SMEs, a simple “declare and get approval” approach is enough.

8. Reporting Issues (And No Retaliation)

A code of conduct only works if people feel safe raising concerns.

Explain:

• What should be reported (misconduct, bullying, safety issues, breaches of confidentiality)
• Who to report to (manager, director, HR contact, external point of contact)
• That reports will be treated seriously and confidentially where possible
• That retaliation against someone who raises concerns is not acceptable

Depending on your business, you may also need to consider whether Australia’s whistleblower laws apply (including special rules for eligible disclosures in some companies). If you want a more formal reporting framework, a whistleblower policy can sit alongside this section.

How To Make Your Code Of Conduct Legally Useful (Not Just A “Nice Document”)

Many codes of conduct fail for one of two reasons:

• They’re too vague to rely on when something goes wrong, or
• They’re too strict or unrealistic, so no one follows them (including management).

To make your code of conduct genuinely useful, focus on clarity, fairness, and enforceability.

Use Clear, Action-Based Language

Instead of broad statements like “be professional,” add practical explanations:

• “Treat customers respectfully, even if they are upset.”
• “Do not share customer data outside approved systems.”
• “Do not make public statements on behalf of the business unless authorised.”

This reduces misunderstandings and makes it easier to point to what went wrong (and why it matters) if you need to manage misconduct.

Be Specific About Consequences (Without Overpromising)

You don’t need to list every disciplinary outcome, but you should explain that breaches may lead to action, including termination in serious cases.

Be careful with absolute language like “any breach will result in dismissal.” In the real world, you’ll usually need to respond proportionately, depending on the facts.

Make It Fit Your Team Structure

If you’re an early-stage startup, your reporting lines may be simple (“raise issues with the founder”). If you’re a growing SME, you may have managers or an operations lead.

Your code should reflect who is actually responsible for receiving reports, investigating concerns, and making decisions.

Align With Employment Law Obligations

Your code of conduct should support (not undermine) your broader employment processes.

For example, if you’re managing misconduct or performance issues, your steps and expectations need to be fair and consistent with your contractual terms and workplace obligations. If you’re not sure how your documents and process should fit together, it can be worth getting guidance from an employment lawyer early-especially before a problem escalates.

How To Implement And Enforce Your Code Of Conduct (So People Actually Follow It)

Writing the document is only half the job. Implementation is what makes it real.

Here’s a rollout approach that works well for Australian startups and SMEs.

1. Introduce It During Onboarding (And Not Just As A Link)

Give new team members the code of conduct as part of onboarding, but also take time to talk through it.

Even a 15-minute walkthrough can help your team understand what matters most to your business (and it signals that you take culture seriously).

2. Ask For Written Acknowledgement

It’s a good idea to have workers confirm in writing that they’ve read and understood the code.

This can be done:

• inside your employment contract pack,
• as part of a staff handbook acknowledgment, or
• via a simple signed policy acknowledgment.

This step can make a big difference if you later need to show that expectations were clearly communicated.

3. Train Your Managers (So It’s Applied Consistently)

In growing businesses, inconsistency is one of the biggest risks.

If one manager ignores certain behaviour but another manager disciplines it, you can quickly create a fairness issue and damage morale.

Give your managers guidance on:

• How to handle complaints
• When to escalate issues
• How to document concerns
• How to manage investigations sensitively

4. Review It Regularly As You Grow

Your code of conduct should evolve with your business.

It’s common to update it when you:

• Hire more staff or expand to new locations
• Introduce remote work or BYOD (bring your own device)
• Add new tech systems or security requirements
• Move into a more regulated industry

A practical rhythm is reviewing it annually, or whenever there is a major operational change.

5. Pair It With The Right Legal Documents

Your code of conduct is strongest when it sits alongside a solid set of legal foundations.

Depending on how your business operates, that may include:

• Employment agreements (to set core rights and obligations clearly)
• Contractor agreements (especially for IP and confidentiality)
• Privacy documents (for customer and employee data handling)
• Customer terms (to manage expectations and reduce disputes)

The goal is to avoid a situation where your code says one thing, but your contracts (or your day-to-day practices) say another.

Key Takeaways

• A code of conduct is a practical way to set expectations, protect your culture, and reduce business risk as your startup or SME grows.
• When thinking about how to write a code of conduct, start with your values and the real-world risks your team will face, not a generic template.
• Strong codes usually cover respectful behaviour, conflicts of interest, confidentiality, acceptable use of systems, privacy, gifts and benefits, and reporting issues.
• To make your code legally useful, keep the language clear, realistic, and consistent with your employment contracts and internal policies.
• Implementation matters: introduce it during onboarding, get written acknowledgement, train managers, and review it regularly as your business changes.

This article is general information only and does not constitute legal advice. If you’d like help putting together a code of conduct and the supporting employment documents for your small business, you can reach us at 1800 730 617 or team@sprintlaw.com.au for a free, no-obligations chat.