Future-Proof HR: Free GRC Compliance Webinar for Leaders

Rising Compliance Pressures

Australia's regulatory environment for human resources has intensified significantly in the past year. The Privacy and Other Legislation Amendment Act 2024 overhauled the Privacy Act 1988, with key provisions commencing in 2025. Most notably, from 10 June 2025, a new statutory tort enables individuals to pursue civil claims for serious invasions of privacy, exposing employers to litigation risks beyond regulatory enforcement by the Office of the Australian Information Commissioner.

Penalties for serious or repeated breaches now reach the greater of $50 million, three times the benefit derived, or 30 per cent of adjusted turnover, a sharp increase from prior levels. This shift arrives amid growing use of AI in HR processes such as recruitment and performance management, where data handling errors can trigger violations.

From December 2026, businesses must disclose automated decision-making practices involving personal information, adding transparency requirements that affect HR systems relying on algorithms for hiring or promotions.

Parallel changes in employment law compound these demands. Intentional wage underpayment became a criminal offence from January 2025, while new casual conversion mechanisms effective February 2025 require employers to handle employee requests for permanency carefully. Psychosocial hazards under work health and safety laws receive heightened scrutiny, with non-compliance risking multimillion-dollar corporate penalties.

These developments reflect broader trends: regulators seek to address digital-era risks, wage exploitation, and mental health in workplaces. Yet tensions persist—stricter rules protect workers but increase administrative burdens and costs for employers, particularly smaller organisations lacking dedicated compliance resources. Balancing proactive governance against business agility remains a core challenge.