Alex is Sprintlaw’s co-founder and principal lawyer. Alex previously worked at a top-tier firm as a lawyer specialising in technology and media contracts, and founded a digital agency which he sold in 2015.
If you’re running a business in Australia, you’ll hear a lot about “codes of conduct” and “codes of practice.” Some are optional and help set standards. Others are required by law and carry penalties if you don’t comply.
Knowing which is which matters. Getting this right protects your customers, your team and your brand - and helps you avoid fines or regulatory action.
In this guide, we’ll unpack what a code of conduct is, how it differs from a code of practice, when a code is mandatory in Australia, and the practical steps to implement one in your business.
What Is A Code Of Conduct (And How Is It Different To A Code Of Practice)?
A code of conduct is a written set of behavioural standards that applies to people involved in your business - for example, employees, contractors and representatives. It sets expectations around professionalism, honesty, respectful behaviour, conflicts of interest, confidentiality and compliance with the law.
Think of it as the “how we behave here” rulebook. It guides day‑to‑day decisions and helps you manage culture, risks and disputes.
Code Of Conduct vs Code Of Practice
- Code of Conduct: Focuses on behaviour and ethics. It applies to individuals (e.g. how staff treat customers, handle information, avoid conflicts).
- Code of Practice: Provides practical guidance on how to comply with specific laws or manage particular risks in an industry or workplace. For example, work health and safety (WHS) codes of practice explain how to meet legal duties in areas like manual handling or hazardous chemicals.
Important legal point: Approved WHS codes of practice are not legislation by themselves. However, regulators and courts may use them as evidence of what is reasonably practicable. You can follow the code or adopt another method that provides an equal or better level of safety. By contrast, where a mandatory code of conduct applies to your industry, its requirements are legally enforceable.
When Is A Code Of Conduct Mandatory In Australia?
Mandatory codes of conduct apply when a law, regulation or regulator says so. If your sector is covered, you must comply.
Common Australian Examples
- Franchising Code of Conduct: This is a mandatory industry code under federal regulation. If you are a franchisor or franchisee, you must follow it - including disclosure, good faith obligations and dispute resolution rules. If you work in this space, get advice early from a franchise lawyer.
- NDIS Code of Conduct (Disability Services): NDIS providers and workers must meet conduct standards administered by the NDIS Quality and Safeguards Commission. If you operate in disability support, speak with an NDIS lawyer about your obligations.
- Real estate and property: Conduct rules for agents and property managers are set under state and territory legislation and regulator guidance (for example, in NSW or QLD). These are not one national “real estate code” - your obligations depend on where you operate.
Note: The Australian Consumer Law (ACL) is not a code of conduct - it’s national consumer protection legislation that applies to most businesses. You’ll still need to comply with the ACL (e.g. refunds, product safety and advertising) alongside any industry code. If you sell goods or services, it’s wise to get upfront guidance from a consumer law lawyer.
How Do Mandatory Codes Work Day To Day?
If a mandatory code of conduct applies to your industry, build it into your operations - not just your policy folder. Here’s a practical approach.
- Map the requirements: Identify every obligation that applies to your business under the code. For franchising, that might include disclosure timelines, marketing fund rules and end‑of‑term processes.
- Update documents and processes: Align your contracts, onboarding, complaints handling and workflows with the code. For staff, include the standards in your staff handbook and training.
- Train your team: Make sure the people doing the work understand what the code requires of them in practice. Keep a record of training.
- Keep evidence: Maintain clear records (policies, notices, signed acknowledgements, disclosure statements, audit trails) to show compliance if a regulator asks.
- Monitor and review: Codes and laws change. Schedule regular reviews, fix gaps quickly and note any improvements you implement.
- Respond to issues professionally: If a breach occurs, follow your process, document it, take corrective action and communicate with the relevant parties. Early, transparent action can reduce regulatory risk.
If you are unsure whether a mandatory code applies to you, get advice before you launch a product, sign with franchisees or onboard clients. “Not knowing” won’t help if a regulator comes calling.
Internal Codes Of Conduct: Why You Still Need One
Even if you don’t operate under a mandatory industry code, every employer should adopt an internal code of conduct. It explains how you expect people to behave at work, supports a safe and inclusive culture, and gives you a framework to handle issues consistently.
What A Workplace Code Usually Covers
- Respectful behaviour, anti‑bullying and anti‑harassment
- Equal opportunity and non‑discrimination
- Conflicts of interest and gifts/hospitality
- Confidentiality and information security
- Use of company property and IT systems
- Health and safety responsibilities
- Speaking up and reporting concerns (including whistleblowing)
For new hires, include the code in your onboarding pack and require written acknowledgement. Build it into your Employment Contract so compliance is a contractual requirement.
Simple, Clear Clauses You Can Use
- “Treat customers, colleagues and suppliers with respect and courtesy at all times.”
- “Do not discriminate, bully or harass any person.”
- “Protect confidential information and only access it for authorised purposes.”
- “Avoid conflicts of interest and disclose any potential conflict immediately.”
- “Follow health and safety instructions and report hazards promptly.”
As you grow, expand your code to cover social media, external communications, accepting gifts, secondary employment and more detailed conflict rules.
The Legal Framework Around Codes: What Else Should You Put In Place?
A code of conduct works best as part of a broader compliance framework. Here are the documents and policies most businesses should consider.
- Employment Contract: Sets clear rights and obligations for both parties and requires staff to follow your code and policies. Start with a robust Employment Contract for each employee.
- Staff Handbook and Workplace Policies: Detailed policies sitting under your code (e.g. bullying and harassment, IT use, leave, performance and investigations). A practical way to house these is a central handbook - see our approach to a staff handbook.
- Privacy Policy: Explains how you collect, use and store personal information in line with the Privacy Act. If you operate a website or app, a tailored Privacy Policy is essential.
- Website Terms and Conditions: If customers interact with you online, Website Terms and Conditions set the rules for using your site and limit risk.
- Whistleblower Policy: Encourages internal reporting and sets out how disclosures will be handled and protected. Larger companies and certain sectors should implement a compliant Whistleblower Policy.
- Consumer Law Readiness: If you sell goods or services, align your marketing, refunds and complaints handling with the ACL. It’s smart to sanity‑check your processes with a consumer law specialist.
Not every business will need every document on day one, but most will need several of the above. The key is consistency: make sure each policy lines up with your code of conduct and how your team actually works.
What Happens If You Don’t Comply With A Mandatory Code?
Consequences vary by industry and regulator, but can include:
- Civil penalties and infringement notices
- Enforceable undertakings or court orders to change your practices
- Orders to provide or correct disclosures (for franchising)
- Suspension or loss of accreditation or registration (in regulated sectors)
- Reputational damage and customer complaints
Breaching a mandatory code does not automatically “invalidate all contracts.” However, in some regimes there can be serious contractual impacts. For example, specific franchising non‑compliance can lead to orders affecting agreements, and separate laws (like unfair contract terms under the ACL) can render particular terms void. The safest path is to build compliance into your operations from the start and keep reliable records.
Key Takeaways
- Mandatory codes of conduct apply in specific Australian sectors (for example, franchising and NDIS) and are legally enforceable.
- A code of conduct governs behaviour and ethics; a code of practice provides practical guidance on meeting legal duties (WHS codes are guidance, not law, but carry weight).
- Implement mandatory code requirements through your contracts, policies, training and record‑keeping - and review them regularly.
- Even without a mandated industry code, every employer should adopt a clear internal code of conduct and support it with policies and an Employment Contract.
- Round out your framework with essentials like a Privacy Policy, Website Terms and Conditions, whistleblowing processes and ACL‑compliant customer terms.
- If you operate in franchising or disability support, get sector‑specific guidance from a franchise lawyer or NDIS lawyer before you scale.
If you’d like a consultation on mandatory codes of conduct or help drafting a workplace code tailored to your business, you can reach us at 1800 730 617 or team@sprintlaw.com.au for a free, no‑obligations chat.