Business Compliance Checklist
“Is this all I need to worry about?” is a question we often hear from clients wondering if one particular area of compliance - whether it’s privacy, consumer protections or something else - covers them entirely. The reality is far more nuanced. The legal health of a business is an ongoing labour of love, requiring regular check-ups and the steady hand of a trusted legal adviser.
Below is a consolidated “health check” tool to help ensure that key areas of your operation remain up to date and legally compliant. The checklist draws on common issues businesses face, so you can identify potential gaps and proactively address them.
While the following checklist may look comprehensive, it’s only a starting point - no single list can cover every nuance of your operations. Still, it highlights the kinds of areas where experienced legal guidance can help you remain compliant, reduce risk, and strategically position your business for success.
1. Customers & Client Relationships
☐ Have you surveyed or interviewed customers in the last 12 months to confirm why, when, and how they buy, as well as to check alignment with their budgets?
☐ Do you have processes to guard against client bankruptcy or default (e.g. credit checks, late-payment monitoring, avoiding overreliance on a single large client)?
☐ Are you taking measures to reduce customer churn, such as regular follow-ups, loyalty incentives, or prompt resolution of any issues?
☐ Has your standard customer contract been reviewed in the last year to ensure it minimises cancellations and reflects current business operations?
☐ Do you have a contingency plan if a crisis prevents your business from fulfilling orders (e.g. alternative supply lines)?
☐ Are your overdue invoice and debt collection processes up to date and effectively managed?
☐ If you deal with corporate customers, have you confirmed any security arrangements (e.g. guarantees) remain valid and enforceable?
2. Third-Party Suppliers & Supply Chain
☐ Do you periodically assess the financial stability of suppliers, using tools such as credit checks or business intelligence to reduce supply chain risk?
☐ Have you taken steps to minimise supply chain failure (e.g. diversifying approved suppliers, confirming local compliance, understanding alternative routing procedures)?
☐ Have you mapped all third-party vendors, noted the type of data or services they provide, and prioritised vendors according to their criticality?
☐ Is your supplier contract template current, including an enforceable retention of title clause and up-to-date terms?
☐ Have you reviewed supply chain cybersecurity within the last 12 months, given that hackers may target suppliers to breach “upstream” partners?
☐ Do you have alternative suppliers for critical materials, and have you tested how quickly they can meet your requirements?
☐ Is there a process in place to handle potential supplier disputes, such as unpaid invoices or threatened legal action?
3. Employment & Workforce
☐ Are you meeting industrial relations obligations, including correct pay rates under modern awards, the Fair Work Act, and superannuation payment deadlines?
☐ Have you regularly audited employee pay records to ensure no underpayment wage claims can arise?
☐ Is staff morale acceptable, and have you addressed any issues relating to engagement, productivity, or workplace culture?
☐ Are roles properly defined, and do you provide employees with sufficient training or development opportunities?
☐ Have your employment contracts been updated in the last 12 months, particularly regarding confidentiality, post-employment restraints, and remote working provisions?
☐ Do you have a Working From Home policy, and has it been tested (e.g. a remote-work day) in the last year?
☐ Do you have strategies for retaining key skills, such as incentive schemes, competitive salary reviews, or recognition programs?
☐ Are your redundancy and termination policies, as well as any independent contractor agreements, reviewed and compliant?
4. Work Health & Safety (WHS)
☐ Has your WHS or Health, Safety, and Environment (HSE) policy been updated in the last 12 months, reflecting any new hazards or legislative changes?
☐ Do you have a system for employees to report hazards, including remote work situations, and do managers respond effectively?
☐ Are high-risk tasks (e.g. electrical work, confined spaces, heavy machinery) governed by documented procedures and understood by relevant staff?
☐ Are supervisors conducting regular inspections, logging incidents, and prioritising corrective actions promptly?
5. Record-Keeping, Governance & Compliance
☐ Are your company registers and statutory books (e.g. director and shareholder details) accurate and up to date?
☐ Do you prepare and lodge annual or half-yearly financial reports on time, ensuring they accurately reflect your financial position?
☐ Are you complying with consumer and competition laws, avoiding misleading conduct or anti-competitive behaviour?
☐ Have any franchise agreements, biosecurity obligations, or financial service licensee processes been reviewed for current compliance?
Board-Level Oversight & Policies
☐ Have key policies (Alcohol & Other Drugs, Grievance, Flexibility, Anti-Bribery, Auditor Independence, Continuous Disclosure, Privacy, Whistleblower, etc.) been refreshed within the last 12 months?
☐ Does the board discuss climate-related goals, emissions strategies, and shareholder activism on sustainability?
☐ Are board/committee charters (Nomination, Audit, Compliance) and electronic meeting/signing policies current?
☐ Have you reviewed risk management, environmental policies, anti-slavery measures, and any supplier code in the last year?
☐ Are directors properly trained, and is there a plan for handling unexpected board vacancies?
Solvency, Disputes & Shareholder Engagement
☐ Do directors regularly confirm the business can meet debts on time, and are they aware of personal liability for unpaid superannuation or insolvency?
☐ If disputes or litigation exist, have you considered settlement or alternative dispute resolution to preserve resources?
☐ Have you updated the company’s risk profile or conducted a SWOT analysis within the last 12 months?
☐ Do directors hold regular forums to address shareholder concerns, especially around ESG issues?
6. Leasing & Real Estate
☐ Do your premises still meet operational needs, or should you renegotiate, relocate, or adopt flexible workspace?
☐ Are you aware of lease exit clauses, personal guarantees, and obligations if you need to terminate early?
7. Intellectual Property (IP) Management
☐ Is trademark monitoring assigned to someone who handles new registrations and watches for competitor infringements?
☐ Have you updated NDAs or confidentiality agreements to reflect changes in technology or collaboration methods?
☐ Do you actively watch the market for IP misuse, and know how to respond if you discover an infringement?
8. Data Protection & Cybersecurity
☐ Have you revised your cyber policies (passwords, remote access, incident response) in the last year?
☐ Is your BYOD policy clear on security measures, data segregation, and protocols if employees leave?
☐ If a data breach occurs, do staff know the reporting path and any regulatory notifications needed?
☐ Are your critical suppliers vetted for cybersecurity standards to avoid “upstream” vulnerabilities?
9. Environment & Office Strategy
☐ If you operate in a disaster-prone area (storms, floods, fires), is there an updated continuity plan to safeguard staff and assets?
☐ Do you meet environmental or energy efficiency requirements relevant to your industry?
☐ Have you assessed whether remote/hybrid options could reduce the footprint and overhead?
10. Insurance & Risk Mitigation
☐ Have you performed an annual review of insurance (public liability, professional indemnity, cyber, workers comp, etc.) to ensure coverage is still adequate?
☐ If you have Directors & Officers (D&O) insurance, does it address potential personal liabilities (e.g. insolvent trading, superannuation)?
☐ Does your business interruption policy extend to events like supplier failure, cyber incidents, or pandemic-related closures?
11. Financing & Cash Flow
☐ Do you have robust controls over cashflow, cost monitoring, and sales forecasting to prevent liquidity issues?
☐ Are you aware of loan covenant deadlines, and do you have a plan if a potential breach or refinance is needed?
☐ If you fall under banking or franchise codes, or have AML/CTF obligations, are you meeting them fully?
☐ Have you explored any government grants or assistance programs to support funding or growth?
12. Website & Online Commerce
☐ Are your website terms, shipping/returns details, and disclaimers aligned with actual practices?
☐ If you gather personal data from overseas (EU visitors), is your privacy policy up to date with evolving requirements?
☐ For e-commerce checkouts, do customers explicitly accept your terms before finalising a purchase?
13. AML/CTF & Sanctions Compliance
☐ Are you conducting appropriate KYC checks, maintaining required records, and reporting suspicious matters under AUSTRAC rules?
☐ Do you screen international transactions or customers for possible sanctions violations?
☐ Have staff handling payments or customer onboarding received training on AML/CTF red flags?
14. Anti-Slavery & Modern Slavery Obligations
☐ If required (i.e. turnover >$10m pa), have you lodged an updated Modern Slavery statement detailing efforts to combat forced labour risks?
☐ Do you map suppliers for potential labour exploitation, with protocols for responding to red flags?
☐ Are procurement and related teams trained to identify and handle potential modern slavery concerns?
Final Notes
This checklist merely scratches the surface of what it takes to keep your business legally healthy - across operations, governance, and more. As you can see, real “legal health” is an ongoing effort best guided by professionals who can spot unseen risks. If you have any questions, or if an item here raises a red flag, we encourage you to seek trusted legal advice.
Disclaimer
This publication is intended for general informational purposes only. Laws and regulations may have changed since publication. Always seek professional advice tailored to your specific circumstances.