How to conduct an HR compliance audit in Australia
Identify and fix compliance gaps before they become costly problems — a step-by-step process covering contracts, payroll, records, WHS, and certifications.
Written by
Georgia Morgan
General information only – not legal advice
This guide provides general information about HR compliance auditing for Australian businesses. It is not legal advice. It does not constitute legal, HR, or professional advice and should not be relied on as a substitute for advice specific to your business, workforce, or circumstances.
Quick start: three things to do now
- 1 Gather your documentation first — contracts, payroll records, policies, timesheets, and HR records. Use digital HR records to centralise everything before you start auditing.
- 2 Work through each area in order — contracts, payroll, records, policies, WHS, certifications — using the 8-step process and audit checklist in this guide.
- 3 Document every gap and build a remediation plan — voluntary disclosure to Fair Work can significantly reduce penalties if underpayments are found.
From January 2025, intentional wage underpayment is a criminal offence under the Fair Work Act. Proactive auditing is now a personal legal protection for business owners and directors — not just a compliance exercise.
How to conduct an HR compliance audit in 8 steps
Follow this process to conduct a comprehensive HR compliance audit for your Australian business.
Define the scope and plan your audit
Determine which compliance areas you will review and schedule the audit before gathering any documents.
Key checks:
- Cover all key areas: employment contracts, payroll, records, policies, WHS, certifications, and privacy
- Review Fair Work Act obligations relevant to your industry and modern awards
- Audit annually at minimum — and immediately after significant legislative changes (such as the July 2025 super rate increase)
- Decide whether to conduct the audit internally or engage an external HR consultant for objectivity
Review employment contracts
Check that all employees have current, compliant contracts that reflect their actual working arrangements.
Key checks:
- Verify all employees have signed employment contracts on file
- Check contracts match actual hours, pay rates, and conditions — discrepancies indicate underpayment risk
- Ensure the award or enterprise agreement is correctly identified and referenced
- Review casual arrangements — genuine casuals must have irregular hours with no firm advance commitment
- Confirm the right-to-disconnect clause is present for eligible employees
Audit payroll and wage compliance
Verify employees are being paid correctly according to their award, agreement, and current legislation.
Key checks:
- Check award classifications match actual duties using modern award definitions — misclassification is the most common audit finding
- Verify base rates meet current award minimums — rates update annually on 1 July
- Confirm penalty rates, overtime, and allowances are calculated correctly for each shift type
- Check superannuation is being paid at 12% from 1 July 2025 (increased from 11.5%)
- Review pay slips for all required details: ABN, pay period, gross/net pay, super fund name, and itemised allowances
Check employee records and retention
Ensure all required records are complete, accurate, and stored for the legally required period.
Key checks:
- Verify timesheets show actual start and finish times — not just total hours (Fair Work requirement)
- Check leave records and balances are correctly calculated and up to date
- Confirm all employment records are retained for at least 7 years
- Store records in a centralised digital HR records system for easy audit access and retrieval
- Verify personal information is current and stored securely under the Australian Privacy Principles
Review workplace policies
Assess whether your policies are current, legally compliant, and properly communicated to all staff.
Key checks:
- Check all essential policies are in place: code of conduct, WHS, anti-discrimination, leave, grievance procedure
- Verify policies reflect 2025 legislative changes (right to disconnect, enhanced sexual harassment duty of care)
- Confirm employees have signed policy acknowledgements — having a policy without sign-off is insufficient evidence of compliance
- Use a policy management system to track acknowledgements and manage version control
- Ensure performance review records are maintained in employee files
Audit WHS and psychosocial safety
Review workplace health and safety practices, documentation, and the legally required psychosocial risk management.
Key checks:
- Verify your WHS policy is current, displayed, and accessible to all staff
- Review incident reports and confirm all follow-up actions were completed and documented
- Check that safety training and induction records are complete and up to date for all employees
- Assess psychosocial hazard identification and risk controls — this is a legal WHS requirement in all Australian states from 2023–2025
- See our guide on conducting a WHS assessment for a detailed checklist
Check certifications and training records
Verify all employee certifications and licences are current and that only qualified staff are rostered for roles requiring them.
Key checks:
- List all roles requiring mandatory certifications (RSA, food safety, first aid, trade licences, WWCC, NDIS screening)
- Check expiry dates against your certification register — expired certifications create compliance and insurance risk
- Verify certifications are linked to rostering so unqualified staff cannot be scheduled to restricted shifts
- See our guide on tracking employee certifications for a systematic approach to expiry alerts and registers
Document findings and implement changes
Record all audit results, prioritise issues by risk level, and build a remediation plan with clear accountability.
Key checks:
- Document all compliance gaps — a written record demonstrates good faith to regulators
- Prioritise issues: Critical (immediate action), High (within 30 days), Medium (90 days), Low (next audit cycle)
- For payroll underpayments, consider voluntary disclosure to Fair Work — this can significantly reduce penalties
- Delegate remediation tasks to supervisors with clear owners, deadlines, and follow-up schedules
- Schedule a follow-up audit in 3–6 months to verify that corrective actions have been completed
Keep your HR records audit-ready with RosterElf
RosterElf HR Hub stores employment contracts, policies, certifications, and timesheets in one place — with digital signatures, expiry alerts, and a full audit trail.
Start free trial →HR audit checklist
Use this checklist across each compliance area. Tick off items as you complete your review — any unchecked item is a compliance gap requiring action.
Employment contracts
- All employees have signed contracts
- Contracts reflect current arrangements
- Award or agreement correctly identified
- Part-time hours are guaranteed and correct
- Casual status is genuine (no regular pattern)
- Right-to-disconnect clause included
Payroll compliance
- Classifications match actual duties
- Base rates meet award minimums
- Penalty rates calculated correctly
- Overtime paid when triggered
- Superannuation paid at 12% (from 1 Jul 2025)
- Pay slips issued each pay period with all required details
Record keeping
- Employee records complete and current
- Timesheets show actual start and finish times
- Leave records maintained and correct
- Records retained for at least 7 years
- TFN declarations on file
- Right to work verified and documented
Policies
- Code of conduct in place
- Anti-discrimination and harassment policy
- WHS policy current and accessible
- Psychosocial hazard management documented
- Grievance procedure established
- Staff policy acknowledgements on file
WHS
- WHS policy displayed and accessible
- Risk assessments completed and current
- Psychosocial risks identified and controlled
- Incident reporting system in place
- Safety training records maintained
- Emergency procedures documented
Certifications
- All required certs listed per role
- No expired certifications on record
- Certification register up to date
- Certs linked to rostering system
- 90/60/30-day expiry alerts configured
- Verification records on file
Essential workplace policies
These policies must be in place, current, and signed by all employees. Policies marked High risk are legally required or carry significant liability if absent.
| Policy | Requirement | Risk level |
|---|---|---|
| Code of conduct | Highly recommended | High |
| Anti-discrimination and harassment | Required (WHS duty of care) | High |
| WHS policy | Required | High |
| Psychosocial hazard management | Required (2023–2025 WHS changes) | High |
| Leave policy | Recommended | Medium |
| Grievance and complaints procedure | Highly recommended | High |
| Social media policy | Recommended | Medium |
| Flexible work policy | Recommended (NES right) | Medium |
| Privacy policy | Required (Privacy Act 1988) | High |
Common audit findings and fixes
These are the most frequently identified compliance gaps in Australian HR audits — and how to fix them.
Incorrect award classification
Consequence: Underpayment, back-pay claims, potential criminal penalties from January 2025
Fix: Review all classifications against award definitions and actual duties performed
Missing or outdated contracts
Consequence: Uncertainty about terms, disputes over entitlements, compliance risk
Fix: Issue updated contracts to all employees without current documentation
Superannuation underpayment
Consequence: ATO penalties, super guarantee charge, employee claims — rate is 12% from 1 July 2025
Fix: Audit super calculations, correct any shortfalls with the ATO immediately
Poor or incomplete record keeping
Consequence: Cannot prove compliance; reverse onus means employer must disprove underpayment claims
Fix: Implement systematic digital record keeping with 7-year retention and full audit trail
Common audit red flags
These are the compliance issues most likely to attract Fair Work scrutiny, ATO penalties, or WHS investigation. Address these immediately if identified.
Missing or incomplete employee records
Risk: If a Fair Work claim is filed, the burden reverses — you must disprove underpayment, not the employee prove it.
Action: Implement digital records and store all required records for 7 years. how to respond if a Fair Work claim is made
Policies not updated for 2025 legislative changes
Risk: Non-compliance with right to disconnect, casual employment rules, and the enhanced sexual harassment duty of care creates unfair dismissal and general protections exposure.
Action: Review all policies against the current Fair Work Act and re-issue with fresh employee acknowledgements.
Incorrect award classification or sham contracting
Risk: Back-pay claims, ATO penalties — and from January 2025, criminal prosecution for intentional wage underpayment.
Action: Audit all contractor arrangements against the Fair Work multi-factor test. Update classifications where actual duties have changed.
Super guarantee errors (must be 12% from 1 Jul 2025)
Risk: SGC charge, ATO interest and penalties, and potential criminal liability for intentional non-payment.
Action: Run a payroll audit to verify 12% is being applied. Contact the ATO to correct any shortfall — voluntary disclosure reduces penalties.
Psychosocial hazards not identified or managed
Risk: WHS breach, psychological injury claims, and Safe Work Australia investigation — psychosocial risk management is now legally mandatory in all states.
Action: Conduct a formal psychosocial risk assessment. Document hazards, controls, and monitoring in your WHS records.
No Privacy Act compliance for employee data
Risk: OAIC investigation, notifiable data breach obligations, and complaints under the Privacy Act 1988.
Action: Review your data handling practices against the Australian Privacy Principles. Update your privacy policy and secure all employee personal data.
Regulatory sources
Official Australian government resources for HR compliance. Use these to verify your obligations and access free self-audit tools.
Related guides
More HR compliance and employment resources for Australian businesses.
Keep your HR records audit-ready
RosterElf HR Hub stores contracts, policies, certifications, and timesheets in one place — with digital signatures, expiry alerts, and a full audit trail. Built for Australian businesses.
Frequently asked questions
- An HR audit helps identify compliance gaps before they become problems. In 2023–24, the Fair Work Ombudsman recovered $473 million in unpaid wages for nearly 160,000 employees. From January 2025, intentional wage underpayment is a criminal offence. Regular audits help you find and fix issues, protect your business from claims, and ensure fair treatment of employees.
- Conduct a comprehensive HR audit at least annually. You should also audit when: there are significant legislative changes (such as the July 2025 super rate increase to 12%), after acquisitions or business restructures, when new payroll or HR systems are implemented, or if you receive complaints or Fair Work enquiries. Some businesses conduct quarterly mini-audits focused on high-risk areas like payroll and certifications.
- Small businesses can conduct their own audits using the checklist and 8-step process in this guide, supplemented by the Fair Work Ombudsman's free self-audit guide. For complex situations involving multiple awards, suspected underpayment, or if you receive a Fair Work inquiry, engaging an HR consultant or employment lawyer provides independent expertise and reduces the risk of overlooking issues.