WHS Act and WHS Regulations

What are the WHS Act and WHS Regulations?

The Work Health and Safety (WHS) Act and accompanying WHS Regulations form the bedrock of your organisation's legal obligations. Australian safety law is structured as a pyramid of authority. At the apex sits the Act, which establishes the broad, enabling duties. Beneath it, the Regulations provide the specific, mandatory mechanics for managing particular hazards.

Understanding this distinction is critical for your compliance strategy. The Act tells you what must be achieved (e.g., a safe workplace), while the Regulations often tell you how it must be achieved (e.g., ensuring noise does not exceed 85 decibels). Failure to comply with either layer can result in criminal prosecution, significant financial penalties, and, in the most severe cases, imprisonment for industrial manslaughter.

The Harmonisation Context

Historically, every Australian state and territory operated under its own distinct safety laws. This created significant inefficiency and confusion for national organisations. In 2011, Safe Work Australia developed the "Model WHS Laws" to harmonise safety legislation across the country.

As of 2025, the Model WHS Laws have been adopted by the Commonwealth, New South Wales, Queensland, South Australia, Tasmania, the Australian Capital Territory, the Northern Territory, and Western Australia.

Victoria remains the significant outlier. Your operations in Victoria are governed by the Occupational Health and Safety Act 2004 (Vic) and the Occupational Health and Safety Regulations 2017 (Vic). While the underlying principles of "reasonable practicability" are similar, the terminology and specific officer duties differ materially from the harmonised jurisdictions. Throughout this page, specific attention is drawn to these Victorian differences to ensure your national compliance framework remains robust.

The Structure of the Legislation

You should view the legislative framework as an interconnected system:

1. The Act (WHS or OHS): This is the primary statute passed by parliament. It creates the duties of care, defines the key roles (PCBU, Officer, Worker), and establishes the enforcement powers of the regulator. It is "performance-based," meaning it sets the outcome (safety) without always prescribing the method.

2. The Regulations: These are legally binding legislative instruments. They address specific hazards such as noise, falls from heights, hazardous chemicals, and plant. If a regulation prescribes a specific control measure (e.g., testing operational RCDs), you must follow it. There is often no defence of "reasonable practicability" if you fail to implement a prescriptive regulation.

3. Codes of Practice: These are practical guides approved by the government. While they are not law in the strict sense, they are admissible in court as evidence of what is known about a hazard and what is reasonably practicable to do about it. If you choose not to follow a Code, you must demonstrate that your chosen method provides a standard of safety that is equivalent to or higher than the Code.

Core Duties Under the Act

The WHS Act functions by assigning responsibility to the person or entity best placed to control the risk. This moves away from the traditional "employer/employee" relationship to the broader concept of the "Person Conducting a Business or Undertaking" (PCBU).

The Person Conducting a Business or Undertaking (PCBU)

Under the Model WHS Act, the primary duty of care rests with the PCBU. You need to understand that "PCBU" is a broad legal concept that encompasses corporations and companies, partnerships, sole traders, unincorporated associations, and government departments.

Your Primary Duty (Section 19): The PCBU must ensure, so far as is reasonably practicable, the health and safety of workers they engage or cause to be engaged, workers whose activities they influence or direct, and other persons (visitors, public) who may be put at risk by the work.

This definition is expansive. It means your organisation cannot contract out its safety duties. If you hire a contractor, you are a PCBU, and the contractor is a PCBU. You both hold a concurrent duty to the workers on the ground. You cannot rely solely on the contractor's expertise; you must verify that they are working safely.

The Victorian Difference: In Victoria, the OHS Act 2004 retains the term "Employer" (Section 21). While the practical application is often similar—employers have duties to independent contractors over matters they control—the statutory language differs. If you operate in Victoria, your legal advice and policies should reflect "Employer" terminology, though your safety systems will likely look identical to those in harmonised states.

The Meaning of "Reasonably Practicable"

The qualifying phrase "so far as is reasonably practicable" is the legal boundary of your duty. It does not demand the elimination of all risk at any cost, but it imposes a rigorous test. To determine what is reasonably practicable, you must weigh five specific factors:

Operational Reality: In post-incident investigations, regulators and courts focus heavily on the third point—"what the person ought reasonably to know." You are expected to know the industry standards. Ignorance is not a defence. If a safety guard is standard in your industry, you are expected to have it, regardless of whether you personally knew about it. The "cost" factor is rarely accepted as a valid reason for exposing workers to a risk of death or serious injury.

Officers and Due Diligence

The WHS Act imposes a positive duty on "Officers" (Directors and senior executives) to exercise due diligence. This is perhaps the most significant divergence from older safety laws. An Officer can be prosecuted personally for failing to exercise due diligence, even if the organisation has not been convicted of an offence.

Who is an Officer? An Officer is defined under the Corporations Act 2001 (Cth). It includes directors, company secretaries, and persons who participate in making decisions that affect the whole, or a substantial part, of the business. It generally does not include middle management.

The Six Elements of Due Diligence (Section 27)

To satisfy your duty as an Officer, you must take reasonable steps to:

1. Acquire and maintain up-to-date knowledge of WHS matters.
2. Understand the nature of your operations and the associated hazards and risks.
3. Ensure appropriate resources and processes are available to eliminate or minimise risks.
4. Ensure processes exist for receiving and considering information regarding incidents, hazards, and risks (and responding in a timely manner).
5. Ensure legal compliance processes are implemented (e.g., notifying regulators, consulting workers).
6. Verify the provision and use of these resources and processes.

The Victorian Difference (Section 144): Victoria does not have a positive Section 27 equivalent. Instead, under Section 144 of the OHS Act, an Officer is liable if the corporation contravenes the Act and the contravention is attributable to the Officer's failure to take reasonable care. While this appears to be a reactive duty (after the fact), the introduction of Workplace Manslaughter laws in Victoria effectively compels Officers to exercise due diligence to avoid criminal negligence charges.

Consultation, Cooperation, and Coordination

The Act mandates that you consult with workers who are, or are likely to be, directly affected by a matter relating to work health and safety. This is not optional.

The Mechanism of Consultation: You must share relevant information. You must give workers a reasonable opportunity to express their views. You must take those views into account before making a decision. You must advise workers of the outcome.

Horizontal Consultation (Section 46): Where multiple PCBUs share a duty (e.g., a landlord, a tenant, and a cleaning contractor), you must "consult, cooperate, and coordinate" with each other. You cannot work in silos. If you are a Principal Contractor, you must coordinate with the sub-contractors to ensure that your safety systems (like traffic management) mesh with theirs.

Key Regulatory Requirements

While the Act sets the duties, the WHS Regulations dictate the mechanics of compliance for specific hazards. You must be familiar with the following key regulatory areas.

The Hierarchy of Controls (Regulation 36)

The Regulations codify the Hierarchy of Controls, mandating that you manage risks in a specific order of priority. This is a legal requirement, not just a theoretical model.

Your Obligation: You cannot simply choose PPE (Level 6) if an Engineering control (Level 4) is reasonably practicable. The Regulations require you to work through this hierarchy top-to-bottom. If you rely solely on administrative controls or PPE for high-consequence risks, you are likely in breach of Regulation 36.

Management of Noise (Part 4.1)

The Regulations set a strict exposure standard for noise in the workplace. An 8-hour time-weighted average (LAeq,8h) of 85 decibels (A), or a peak sound pressure level of 140 decibels (C).

If a worker is exposed above this limit, you must implement control measures (prioritising engineering over PPE) and you must provide audiometric testing (hearing tests) within three months of the worker starting and at least every two years thereafter.

Common Failure: Providing earplugs without first attempting to dampen the noise source or isolate the machinery is a common regulatory breach.

Prevention of Falls (Part 4.4)

Falls from height are a leading cause of workplace fatalities. The Regulations are highly prescriptive regarding when specific controls must be used.

The "2 Metre" Rule: In the Model WHS Regulations (and specifically for High Risk Construction Work), distinct obligations arise when there is a risk of a person falling more than 2 metres. You must prepare a Safe Work Method Statement (SWMS) before work commences if the fall risk exceeds 2 metres. You must provide adequate protection, such as edge protection, scaffolding, or travel restraint systems. Administrative controls alone are generally insufficient for risks above 2 metres.

Psychosocial Hazards (Part 3.2, Division 11)

A critical recent development in the WHS Regulations (introduced across 2022-2023) is the explicit regulation of psychosocial hazards.

What are they? Aspects of work design that increase the risk of work-related stress, such as high job demands, low job control, poor support, bullying, and harassment.

Your Duty: You must manage psychosocial risks using the same risk management process applied to physical risks. You are required to identify these hazards, assess the risk, and implement controls.

Control Measures: You must apply the hierarchy of controls. For example, if "high workload" is the hazard, the control is not "resilience training" (Administrative/PPE equivalent); the control is "job redesign" or "hiring more resources" (Elimination/Engineering equivalent).

Hazardous Chemicals and Lead

Recent amendments have tightened the regulations around hazardous substances, particularly lead. The blood lead removal levels (the level at which you must remove a worker from lead duties) were lowered significantly in 2024/2025 (e.g., reducing the exposure standard to 0.05mg/m³). If your workers handle lead, you must update your health monitoring protocols immediately.

You must ensure all hazardous chemicals are labelled according to the Globally Harmonized System (GHS) and that current Safety Data Sheets (SDS) are accessible to workers.

Legal Consequences and Penalties

Compliance with the WHS Act is not optional. The penalties for non-compliance are severe and have been increasing annually. In 2025, penalty units in the Commonwealth and other jurisdictions were indexed, raising the financial stakes significantly.

Categories of Offences

The WHS Act categorises offences based on the degree of culpability and the risk of harm:

Category 1 (Reckless Conduct): Where a duty holder engages in conduct that exposes an individual to a risk of death or serious injury or illness, and is reckless as to the risk. Penalty: Up to $3-4 million for corporations and up to 5 years imprisonment for individuals.

Category 2 (Failure to Comply creating Risk): Failure to comply with a duty that exposes a person to a risk of death or serious injury (no recklessness required). Penalty: Up to $1.5-2.3 million for corporations.

Category 3 (Failure to Comply): A breach of a duty where no specific risk of death/serious injury needs to be proven. Penalty: Up to $500k-795k for corporations.

Industrial Manslaughter

Most jurisdictions (QLD, VIC, WA, ACT, NT, and the Commonwealth) have now introduced Industrial Manslaughter offences.

The Offence: This applies where a PCBU or Officer creates a risk that results in the death of a worker, and their conduct was negligent or reckless.

The Penalty: Maximum penalties include fines of up to $20 million for bodies corporate and 20-25 years imprisonment for individuals.

Victorian Precedent: In 2024, the first Victorian workplace manslaughter conviction (LH Holding) resulted in a $1.3 million fine and a conviction for the director. This demonstrates that courts are willing to apply these laws to hold directors personally accountable.

Common Challenges: The "Paper Safety" Trap

One of the most profound challenges you will face is the disconnect between "Paper Safety" and operational reality.

The Illusion of Compliance

Inquiries into major disasters, such as the Dreamworld Thunder River Rapids tragedy, often reveal safety management systems that appeared robust on paper but were ineffective in practice. This is known as the distinction between "Safety Work" (bureaucratic tasks like auditing and reporting) and "The Safety of Work" (actual risk control on the floor).

The Trap: Your organisation may believe it is safe because you have thousands of signed SWMS and Take-5 checklists.

The Reality: If workers are "ticking and flicking" these documents without engaging with the risk, you have created a liability, not a defence. A signed SWMS that does not reflect the actual work method is evidence of a failure of due diligence.

Supply Chain Pressure

You may face commercial pressure to cut costs or speed up delivery. The WHS Act explicitly prohibits transferring your duty. You cannot contract out of your WHS obligations. If you pressure a transport company to meet an unrealistic deadline, and that pressure causes a fatigue-related accident, you (the client PCBU) can be prosecuted as a primary duty holder.

Managing Contractors

A common failure mode is the "hands-off" approach to contractors. You cannot assume a contractor is safe just because they are a specialist. You must verify their safety systems before they start, monitor their compliance while they are on site, and stop the work if you see an unsafe act. Failing to supervise contractors is a frequent cause of prosecution for Principal Contractors.

Best Practices: Actionable Guidance

To ensure robust compliance and genuine safety, you should implement the following strategies:

Operationalise Due Diligence

As an Officer, do not rely solely on reports. You must verify. Regularly walk the floor. Ask workers: "What is the most dangerous part of your job?" and "What stops you from getting hurt?" Pick one critical risk (e.g., Traffic Management) and trace it from the Boardroom policy down to the physical barrier on site. Is there a gap?

Focus on Critical Risks

Move your reporting away from "Lagging Indicators" (like Lost Time Injury Frequency Rates - LTIFR), which measure past failure and can be manipulated. Focus on "Leading Indicators" and "Class 1 Risks" (risks that can kill).

Board Question: Instead of asking "How many injuries did we have?", ask "Did our critical controls for working at heights fail this month, and how do we know?".

Meaningful Consultation

Engage with your Health and Safety Representatives (HSRs). They are your eyes on the ground. Involve workers in the purchase of equipment, not just the training. If workers help select the safety gloves, they are more likely to wear them. If an HSR issues a Provisional Improvement Notice (PIN), treat it as a free audit finding, not an act of aggression. It is a chance to fix a breach before the regulator arrives.

Simplify Your Systems

Combat "Paper Safety" by decluttering. If a SWMS is 40 pages long, no one is reading it. Reduce it to the critical controls that actually keep people safe. Focus on visual aids and clear, simple language.

References

• Safe Work Australia. (n.d.). Model WHS Laws. safeworkaustralia.gov.au
• HIA. (2023). The hierarchy of health and safety legislation. hia.com.au
• Safe Work Australia. (2025). Model WHS Act Cross-Comparison Table. safeworkaustralia.gov.au
• DEWR. (2025). Work Health and Safety. dewr.gov.au
• WorkSafe Victoria. Occupational Health and Safety Act and regulations. worksafe.vic.gov.au
• Courtenell. Differences between Model WHS laws and VIC OHS laws. courtenell.com.au
• Safe Work Australia. Interpretive Guide: Officer Duty. safeworkaustralia.gov.au
• Safe Work Australia. Model Code of Practice: Managing psychosocial hazards at work. safeworkaustralia.gov.au
• Comcare. (2025). New WHS Regulations for blood lead levels. comcare.gov.au
• Comcare. (2025). Increases in WHS Act penalty amounts. comcare.gov.au
• Safe Work Australia. Maximum monetary penalties under the WHS laws. safeworkaustralia.gov.au
• VGSO. New Victorian workplace manslaughter offences. vgso.vic.gov.au
• HFW. Industrial manslaughter offence in Australia. hfw.com
• Safe365. When Safety Becomes Criminal: Lessons from Industrial Manslaughter and the Dreamworld Case. safe365global.com
• Culturology. 12 WHS Questions every Board should be able to answer. culturology.com.au