Understanding Your Obligations Under OHS Regulator Requirements: A Guide For Australian Businesses

If you’re running a business in Australia (or about to), keeping people safe at work isn’t just good practice - it’s a legal duty. Workplace health and safety (WHS), sometimes called occupational health and safety (OHS), is enforced by state and territory regulators who can investigate incidents, issue notices and bring prosecutions.

If you’re wondering what the regulators actually expect from you, how far your obligations go, and where to start, you’re in the right place. In this guide, we break down who the OHS regulators are, your core legal duties in plain English, and the practical steps to set up a safe business - with clarity on when to notify the regulator and what documents you should have in place.

Our goal is to help you build a safe workplace where your people can thrive - and where you can operate with confidence.

What Is An OHS Regulator In Australia?

Each state and territory has its own workplace safety regulator. They educate businesses, enforce the law, investigate incidents and complaints, and can issue improvement or prohibition notices if something needs to change.

Examples include SafeWork NSW, WorkSafe Victoria and Workplace Health and Safety Queensland (WHSQ). Safe Work Australia develops national model WHS laws and codes of practice (most jurisdictions have adopted the model laws - Victoria and, in part, Western Australia have their own frameworks).

In practice, the regulator’s requirements set the standard for how you manage risks, consult workers, train your team, report incidents and keep records. If there’s an incident, they may attend your site and ask for evidence that you’ve met your duties.

Your Core WHS/OHS Duties (And Who They Cover)

Your primary legal duty is to ensure, so far as is reasonably practicable, the health and safety of workers and other people affected by your business. Under the model WHS laws, this duty sits with the “person conducting a business or undertaking” (PCBU) - which can include companies, sole traders and partnerships. In Victoria, similar obligations apply to employers and self‑employed persons under the OHS Act.

These duties apply whether or not you have employees. If you use contractors, volunteers, apprentices or have visitors on site, you still have obligations to keep them safe.

In plain terms, your responsibilities include:

• Providing and maintaining a safe work environment: Manage physical and psychosocial risks (e.g. hazards, fatigue, bullying and harassment) and ensure safe access and egress.
• Safe systems of work: Plan and carry out work in ways that control risk - think procedures, supervision, maintenance, scheduling and competency requirements.
• Facilities: Provide adequate amenities such as toilets, drinking water, first aid and rest areas.
• Information, training, instruction and supervision: Make sure workers know how to do the job safely and understand what to do in an emergency. Keeping evidence of training is essential. For example, many businesses document safety onboarding alongside their Employment Contract.
• Monitoring and consultation: Identify hazards, assess risks, review controls and consult with workers on safety matters. Consulting your team is a legal requirement, not a “nice to have”.
• Notifiable incidents: If there’s a death, a serious injury or illness, or a dangerous incident, you must notify the regulator immediately after becoming aware. In most cases you must also preserve the incident site (unless it’s safe to do so) and follow any instructions from the regulator.

If you’re new to these concepts, a quick read of your general duty of care as an employer will help you frame your obligations day to day.

Officers, Directors And Personal Liability

Senior leaders play a critical role in safety compliance.

In most model WHS jurisdictions, officers (for example, directors and key decision-makers) must exercise due diligence to ensure the business meets its safety duties. This includes staying informed about WHS, ensuring appropriate resources and processes are in place, and verifying those processes are implemented and effective.

Victoria’s framework is different. It doesn’t use the same “due diligence” wording, but officers can still be held personally liable - for example, if an offence occurs with their consent or due to their neglect. The practical takeaway is the same: senior people must proactively lead safety, not just delegate it.

Personal exposure can include significant fines and, for the most serious offences, imprisonment. If you’re a director or founder, it’s wise to embed safety leadership into your governance and make sure the company has the policies, training and reporting lines to back it up.

A Step‑By‑Step Compliance Setup For Businesses

WHS compliance is easier when you build it into how you operate. Here’s a practical sequence you can follow from day one.

1) Map Your Legal Framework

Confirm which laws apply in your state or territory and whether any industry‑specific rules affect you (construction, health, transport, manufacturing, education, hospitality and so on). Note any codes of practice that offer practical guidance for your tasks or equipment.

2) Identify Hazards And Assess Risks

Walk through your work processes and sites. Look for physical hazards (plant, vehicles, slips, manual handling, electricity, chemicals) and psychosocial hazards (workload, remote or isolated work, conflict, violence, bullying). Assess who could be harmed, how, and how likely or severe that harm could be.

3) Control Risks Using The Hierarchy Of Controls

Work systematically from elimination (best) through substitution, engineering controls, administrative controls and PPE (least reliable). Combine controls as needed and document the rationale. Review controls whenever something changes or after an incident or near miss.

4) Put Policies And Procedures In Place

Document how you manage key risks and how your people work safely. Many businesses bundle their safety procedures with a broader Workplace Policy suite and a Staff Handbook to make induction easier. If you roster staff, plan for compliant rest periods and breaks in your scheduling system.

5) Train, Supervise And Keep Records

Train everyone who does the work - employees, contractors and labour‑hire workers - and verify competency where required (for example, high risk work licences). Keep dated records of induction, refresher training, toolbox talks and competency assessments. If you deliver formal training, make sure it meets any legal requirements for training relevant to your industry.

6) Consult And Report

Have a clear process to gather safety feedback, report hazards and escalate issues. In larger workplaces, this can include health and safety representatives or committees. Encourage early reporting of near misses - they’re valuable learning opportunities.

7) Plan For Emergencies

Develop and test an emergency response plan that suits your risks (e.g. fire, medical, chemical, violence, remote work). Make sure people know who the first aiders and wardens are, where equipment is, and how to call for help.

8) Manage Contractors Properly

When you engage contractors, align roles and responsibilities for safety in writing. Your Contractors Agreement should set out site rules, induction requirements, insurance and how risks are controlled and supervised.

9) Know When You Must Notify The Regulator

If a notifiable incident happens (death, serious injury/illness or a dangerous incident), notify the regulator immediately after becoming aware - typically by phone - and preserve the site unless it’s unsafe. Written confirmation is usually required within a specified period (often 48 hours). Keep an incident register and your investigation notes.

10) Review And Improve

Set a review cadence (for example, quarterly inspections and an annual WHS review). Track actions through to completion. As you grow, revisit whether your systems, leadership and resourcing still match your risk profile.

Essential Policies, Contracts And Records

Strong documents won’t replace good leadership, but they do make your system clear, consistent and enforceable - and they help you demonstrate compliance if a regulator asks.

• Work Health And Safety Policy: Outlines your commitment, responsibilities, consultation approach and the way you control risks across the business.
• Risk Assessments And Safe Work Procedures: Task‑specific instructions that reflect the hierarchy of controls and any licence or competency needs.
• Incident Reporting And Investigation Procedure: How workers report hazards, near misses and incidents, how you notify the regulator when required, and how you investigate and learn.
• Emergency Plan: Roles, communication, equipment and drills relevant to your risks and location(s).
• Employment Documents: A clear Employment Contract for each employee and a practical Workplace Policy framework covering conduct, bullying/harassment, leave and safety responsibilities.
• Contractor Documents: A tailored Contractors Agreement that allocates safety duties and requires compliance with your site rules and procedures.
• Training And Competency Records: Inductions, toolbox talks, licences (e.g. forklift high risk work licence), refresher training and verification of competency.
• Privacy And Health Information: If you collect health information during incident reporting or risk management, use a clear Privacy Policy and limit access on a need‑to‑know basis.

Many SMEs package these documents into a single induction kit for new starters so expectations are clear from the first day.

Key Takeaways

• Every Australian business has a legal duty to manage health and safety risks so far as is reasonably practicable - this applies even if you don’t have employees.
• Your core responsibilities include safe systems of work, facilities, information and training, consultation, and immediate notification of any notifiable incidents to the regulator.
• Directors and senior leaders can face personal liability; in most jurisdictions officers must exercise due diligence, and in Victoria officers can still be liable through different provisions.
• A simple WHS system - hazard identification, risk controls, training, consultation, incident management and regular reviews - will keep you compliant and protect your people.
• Put the right paperwork in place: an WHS Policy, procedures, incident and emergency plans, Employment Contracts, a Workplace Policy framework, contractor terms and a Privacy Policy if you handle health information.
• Make safety part of everyday operations: plan work, supervise it well, keep records and consult your team. Adjust your system as you grow or your risks change.

If you’d like a consultation on meeting your OHS regulator obligations or getting your workplace legal documents in order, you can reach us at 1800 730 617 or team@sprintlaw.com.au for a free, no‑obligations chat.