Are You Audit-Ready? 7 Things the AHRC Will Check for Positive Duty Compliance

Are you confident that your business could withstand an Australian Human Rights Commission (AHRC) investigation today?

Since the Positive Duty legislation came into effect, Australian employers aren’t just responsible for responding to sexual harassment and discrimination complaints: you’re now legally required to prevent them from happening in the first place. This isn’t just a paperwork exercise. The AHRC has the power to launch investigations without your consent, and they’re using a seven-point framework to assess whether you’ve taken “reasonable and proportionate measures” to comply.

Here’s what keeps most business owners up at night: the AHRC can be triggered by a single complaint, a union tip-off, or even a media report about your workplace. Once they knock on your door, you’ll need to prove: with evidence: that you’ve actively worked to create a harassment-free environment.

So, what exactly are they looking for? Let’s break down the seven Standards the AHRC will use to audit your compliance, and more importantly, what you need to have in place right now.

Positive Duty Leadership Team Commitment

1. Leadership: Is Your Senior Team Walking the Talk?

The AHRC will assess whether your leadership team is visibly and actively committed to preventing sexual harassment and discrimination.

This means more than a CEO signing off on a policy document. The AHRC wants to see that your senior leaders are championing respect, accountability, and gender equality across the business. They’ll look for evidence that leaders are:

  • Publicly communicating the importance of a respectful workplace
  • Allocating resources (time, budget, personnel) to prevention initiatives
  • Setting clear expectations for behaviour at all levels
  • Holding managers accountable for culture within their teams

Your action step: Document how leadership demonstrates commitment. This could include meeting minutes where workplace culture is discussed, internal communications from executives about respect and safety, and evidence that leaders have completed training themselves.

2. Culture: Can Your Employees Speak Up Without Fear?

The AHRC will examine whether your workplace fosters an environment characterized by safety, respect, inclusivity, and diversity: one where employees feel empowered to report unlawful behaviour without fear of retaliation.

Put simply, you need to prove that your workplace culture actively discourages harassment and discrimination, not just on paper, but in practice.

The AHRC will look for:

  • Evidence of psychological safety (e.g., employee surveys, exit interviews, pulse checks)
  • Systems that protect people who make complaints
  • Diversity and inclusion initiatives that go beyond tokenism
  • A track record of taking reports seriously and acting on them

Your action step: Conduct regular, anonymous culture surveys and keep the results on file. Document any actions taken in response to feedback. If employees say they don’t feel safe reporting issues, you’ve got a problem the AHRC will find.

Workplace Culture Safety And Respect

3. Knowledge: Does Everyone Know What’s Expected of Them?

The AHRC will verify that you’ve established a clear policy addressing respectful behaviour and unlawful conduct: and that you’re actively educating all workers on what’s acceptable, what isn’t, and what happens when lines are crossed.

This isn’t a “set and forget” requirement. Every employee, contractor, and manager needs to understand:

  • What constitutes sexual harassment and discrimination under Australian law
  • How to identify inappropriate behaviour early
  • What their rights and responsibilities are
  • How to report concerns and what the process looks like
  • The consequences of breaching the policy

The AHRC will want to see training attendance records, policy acknowledgment forms, and evidence that your policy is accessible (not buried in an intranet folder no one can find).

Your action step: Implement mandatory Respect@Work training for all staff, and keep detailed records of who’s completed it. Make sure your policy is easy to find and written in plain language.

4. Risk Management: Have You Identified Your Workplace Hotspots?

The AHRC will assess whether your organization understands the specific risks posed by unlawful conduct in your workplace and whether you’ve adopted a proactive, risk-oriented approach to prevention.

Not all workplaces face the same risks. Factors like power imbalances, alcohol consumption at work events, remote or isolated work, and high-stress environments can all increase the likelihood of harassment. The AHRC wants to see that you’ve identified these risks and taken steps to mitigate them.

This looks like:

  • A documented risk assessment specific to your industry and workplace
  • Control measures in place for high-risk situations (e.g., event policies, buddy systems for remote workers)
  • Regular reviews of your risk profile as your business changes

Your action step: Conduct a workplace risk assessment that specifically addresses sexual harassment and discrimination. Update it annually or whenever your business undergoes significant change (restructures, new locations, workforce growth).

Respect At Work Online Compliance Training

5. Support: What Happens When Someone Needs Help?

The AHRC will evaluate whether your business provides adequate support to workers who experience or witness unlawful conduct.

This goes beyond having an Employee Assistance Program (EAP) brochure in the break room. The AHRC wants to see that you’ve actively communicated support options, made them easily accessible, and ensured that people who come forward aren’t left to navigate the process alone.

Support mechanisms include:

  • Access to confidential counselling services
  • Clear communication about internal and external support options
  • Reasonable adjustments for workers affected by harassment (e.g., reporting line changes, flexible work arrangements)
  • Regular check-ins with complainants throughout the investigation process

Your action step: Review your current support offerings. Can employees access them confidentially? Do they know these services exist? Document how support has been offered in past cases (without breaching confidentiality).

6. Reporting and Responding: Can Your Complaints Process Stand Up to Scrutiny?

The AHRC will examine whether you have effective, accessible reporting channels and whether you respond to complaints promptly, fairly, and consistently.

This is where many businesses fall down. It’s not enough to have a complaints process buried on page 47 of your employee handbook: you need multiple, clearly communicated pathways for people to raise concerns, and you need to be able to prove you take them seriously.

The AHRC will check for:

  • Multiple reporting options (not just “tell your manager”)
  • Trained personnel to receive and investigate complaints
  • Documented investigation procedures that ensure procedural fairness
  • Evidence that complaints are resolved in a reasonable timeframe
  • Clear consequences for substantiated misconduct

Your action step: Audit your complaints process. Is it easy to understand? Can people report anonymously if needed? Do you have trained investigators? Keep detailed records of all complaints (even informal ones) and how they were resolved. 

Workplace Harassment Risk Assessment Audit

7. Monitoring, Evaluation and Transparency: Are You Measuring What Matters?

The AHRC will check whether you gather data on unlawful conduct, assess and enhance workplace culture, develop preventative measures based on evidence, and maintain transparency about reported behaviours.

In other words, compliance isn’t a one-time checkbox exercise: it’s an ongoing commitment to improvement. The AHRC wants to see that you’re collecting data, identifying trends, and using that information to make your workplace safer.

This includes:

  • Tracking the number and nature of complaints over time
  • Regular culture surveys and analysis of results
  • Reporting to the board or senior leadership on workplace respect metrics
  • Transparency with employees about aggregate data (not individual cases)
  • Evidence that you’ve adjusted policies and practices based on findings

Your action step: Establish a system for tracking and reporting on workplace culture and conduct. This could be a simple spreadsheet or a more sophisticated HR system, but it needs to exist. Review the data quarterly and document any changes you make as a result.

What Happens If You’re Not Audit-Ready?

Here’s the reality: the AHRC can initiate an investigation based on a “reasonable suspicion” of non-compliance. That suspicion can come from a single complaint, a union notification, or even media coverage of your workplace.

If the AHRC finds that you haven’t taken reasonable and proportionate steps to prevent sexual harassment and discrimination, your business could face significant consequences, including enforceable undertakings, public reporting, and reputational damage. More critically, if harassment occurs and you haven’t implemented these preventative measures, you could be held vicariously liable: meaning your business is legally responsible for the actions of your employees.

The financial and reputational costs of non-compliance far exceed the investment required to get audit-ready.

Your Next Step

If you’re reading through this checklist and realizing you’ve got gaps, you’re not alone. Most Australian businesses are still working to meet their positive duty obligations under the new legislation.

The good news? You don’t have to figure this out alone. At Positive Duty, we help Australian businesses implement practical, evidence-based compliance strategies that satisfy the AHRC’s seven Standards. From training programs to policy development and risk assessments, we’ll help you build a workplace that’s not just compliant: but genuinely respectful and safe.

Want to know where you stand? Get in touch for a confidential compliance review.