Acts, Regulations, Compliance Codes and Standards - A breakdown of the differences

We all know employers have a duty to do what is ‘reasonably practicable’ to protect the health and safety of their workers. But what does that actually mean in practice?

In this article, I break down the differences in Acts, Regulations, Standards, and Codes of Practice including what they are, how they differ, and how they’re used to determine whether an employer has genuinely met their ‘reasonably practicable’ obligations.

Legislation is an umbrella term that covers both Acts (usually called ‘primary legislation’) and Regulations (also called subordinate or delegated legislation).

While I mainly refer to Victorian legislation (because that’s where I live), the concepts for each jurisdiction are the same.

What is an Act?

An Act is legislation passed by Parliament. Acts set out the primary legal duties and responsibilities and have the highest legal authority in occupational health and safety.

In the OHS context, an Act establishes who has duties (employers, officers, workers, contractors), what those duties are, and the standard to which they are held. An obligation to ensure health and safety “so far as is reasonably practicable”. For example, the Occupational Health and Safety Act 2004 (Vic) states, ‘The importance of health and safety requires that employees, other persons at work and members of the public be given the highest level of protection against risks to their health and safety that is reasonably practicable in the circumstances.’

Acts are intentionally broad and high-level. They do not tell employers exactly how to manage every risk or control every hazard. Instead, they set the outcomes you are legally responsible for: preventing harm and protecting health.

If an employer breaches an Act, they can face enforcement action, prosecutions, fines, and, in serious cases, criminal liability (including industrial manslaughter). Acts are what regulators ultimately enforce.

An Act tells you what you must achieve. How you achieve it is explained through a combination of Regulations, Compliance Codes (aka Codes of Practice), and Standards.

What are Regulations?

While Acts lay out employers’ responsibilities, Regulations are more granular and address specific risks and controls for things such as hazardous materials, noise, asbestos, silica, working at heights, plant, and waste management, to name a few. 

Regulations sit under the Act and are also law. Parliament passes the Act and the responsible Minister oversees the Regulations.

Regulations are typically drafted by experts in consultation with industry experts, unions and regulators.

Not all Acts have accompanying Regulations, but many do. For example, the Occupational Health and Safety Act 2004 (Vic) is accompanied by the Occupational Health and Safety Regulations 2017 (Vic). And the Public Health and Wellbeing Act 2008 (Vic) is accompanied by the Public Health and Wellbeing Regulations 2019 (Vic).

When an Act has accompanying Regulations, it's best to refer to them in conjunction to understand all your legal obligations.

What are Compliance Codes?

Compliance Codes (sometimes called Codes of Practice) are written to support compliance with legislation. While not technically the law, Codes explain practical ways employers can meet their legal obligations with a specific Act or Regulation.

There are many codes of compliance. Here are just a few examples:

• Compliance Code: Noise (Vic)

• Compliance Code: Managing Asbestos in Workplaces (Vic)

• Model Code of Practice: Managing risks of silica in the workplace (SWA)

• Compliance Code: Confined spaces (Vic)

If a Compliance Code exists for a specific workplace hazard or safety issue, then employers should refer to it to ensure they’re meeting their legal duties.

Standards

A Standard is a technical document developed by a recognised standards body (such as Standards Australia). Standards set out agreed methods, specifications, or best-practice guidance for how something should be done or risks managed. They are typically drafted and approved by committees of industry and technical experts.

In safety law, Standards are commonly referred to by regulators and courts to decide whether an employer met the ‘reasonably practicable’ test. Standards denote what a competent employer should reasonably know and do to protect their workers. They are the benchmark for safety.

An example of a standard related to RPE is the AS/NZS 1715:2009. This standard lays out how you should select, use and maintain respiratory protective equipment.

If a relevant Standard exists and you ignore it, you must be able to show that your alternative approach was at least as safe, and preferably safer.

The only downside is that Standards usually have to be purchased from organisations such as Standards Australia. You can purchase one-off documents or sign up for a subscription for access to more documents.

How to determine what is reasonably practicable (and how Compliance Codes and Standards can help)

‘Reasonably practicable’ is used to qualify duties to ensure health and safety and specific other duties in the WHS Act and Regulation. Standards and Compliance Codes, as discussed above, can help employers meet their legal obligations and keep workers safe.

Safe Work Australia created this handy document for duty-holders to determine what is practicable in their workplace. The guide states that: A duty-holder can gain this knowledge in various ways, for example by:

·       Consulting their workers and others in the industry

·       Undertaking risk assessments

·       Analysing previous incidents

·       Considering relevant Regulations, Codes of Practice and Standards

·       Industry publications

·       Referring to scientific and technical literature

Let’s look at an example. You’re an employer whose workers need respiratory protective equipment (RPE) to reduce the risk of silica exposure. You check your jurisdiction’s OHS Act and relevant Regulations, and notice neither of those explicitly mentions fit testing, so you decide not to do it.

A WorkSafe inspector attends your site and issues you an improvement notice for not conducting fit testing. Why? Because while the Act and Regulations may not explicitly mention fit testing, both AS/NZS 1715:2009 and the Safe Work Code of Practice for Crystalline Silica do. Those documents set out what competent employers are expected to know and do to keep their workers safe. Most likely, fit testing would be deemed to be 'reasonably practicable' in the eyes of regulators.

In other words, you don’t get a free pass just because the requirement isn’t written word-for-word in an Act or Regulation. As an employer, you should know, or ought to know, that fit testing is required for all tight-fitting respirators because that information is readily available.

Victoria - The Rogue State

I thought it was worth mentioning that Victoria is the only state that is not part of the Model Work Health and Safety (WHS) laws.

Every other Australian state and territory has adopted the Model WHS Act (with some tweaks). Victoria never did and instead sticks with its own legislation under the Occupational Health and Safety Act 2004 (Vic) and the OHS Regulations 2017 (Vic).

What that means in practice:

• Victoria essentially has the same duties as the model laws (employer duties, risk management, consultation, etc.), just written differently.

• Some terminology is different (for example, Victoria doesn’t use “PCBU”).

• Enforcement and penalties are still very real, and in some areas Victoria is tougher, not softer.

This can be tricky for employers who have companies in Victoria as well as other states because you have to work out the nuances between Vic legislation and the model laws.

Wrapping It Up

Being responsible for workers’ health and safety is no small feat. As we’ve seen, there are multiple resources employers must be familiar with to ensure they meet their legal OHS obligations and, most importantly, keep their people safe at work.

To recap:

• An Act is the law passed by Parliament that sets the primary duty to protect health and safety and establishes who is legally responsible.

• Regulations are legally enforceable rules made under an Act that specify requirements for managing known hazards.

• Compliance Codes (Codes of Practice) are regulator-approved documents that outline accepted ways to comply with the law and serve as a benchmark for enforcement.

• A Standard is a technical document that describes how to do something properly and is often used by regulators and courts to judge whether duties were met.

While there is a lot to know and digest, ‘I didn’t know’ isn’t an excuse. My advice to employers is to familiarise yourselves with Acts, Regulations, Compliance Codes and Standards relevant to your industry and hazards so you can ensure your workers go home happy and in one piece and you don’t end up with a hefty fine or, worse, criminal charges.

Copyright © Fit Test Victoria Pty Ltd 2025

All rights reserved. No part of this blog post may be reproduced, distributed, or transmitted in any form or by any means, including photocopying, recording, or other electronic or mechanical methods, without the prior written permission of the copyright owner.