Engaging in employee background checks for potential candidates is a common practice amongst Australian businesses and organisations. This is even more important when businesses are working in a hybrid/work from home environment. It is important to determine whether an employee is the right fit and part of that may be conducting pre-employment checks. Sometimes a police check will be required. However, the legality surrounding background checks is not always clear and can result in employers potentially breaching discrimination and privacy laws.


There is no blanket rule for employee background checks that applies to all employers. Depending on the industry you are in, there may be legislative requirements to check the criminal history of a prospective employee, such as industries which work directly with children, like childcare centres and schools. However, for most businesses, whether it is lawful to require a police check and use that information in the decision to hire someone with a criminal record depends on whether the criminal record information is relevant to the inherent requirements of the position.

This approach has been recognised throughout Australia, however only the Northern Territory have codified this principle in the Anti-Discrimination Act 1992 (NT).


Before mandating a police check for prospective employees, employers should consider:

  • the nature of the role being advertised; and
  • whether any criminal record or conviction of a candidate would impact their ability to fulfil the role.

Taking a blanket approach may result in discrimination claims. Employers should determine the circumstances where the results of a criminal check would indicate an employee is unsuitable for a job and the circumstances where it would not.

By notifying potential applicants that any job offer is subject to a background check, employers can mitigate the risk of an unsuccessful applicant claiming they were subject to a check due to their ethnicity, race, gender, or another personal characteristic. A clearly worded advertisement will also reduce the ability of an unsuccessful applicant making a discrimination claim that they have been treated less favourably because of the information revealed in their police check.

Privacy Implications

Employers should only collect personal information, including criminal records, to the extent necessary for a purpose directly related to a function of the employer, i.e. vetting a prospective employee. The Privacy Act 1988 (Cth) (Privacy Act) prohibits the unnecessary and excessive collection and use of personal information. Therefore, employers should consider whether collecting the criminal record of a prospective employee is necessary to consider a their application for a specific position. Note this prohibition under the Privacy Act  generally does not apply to businesses with an annual turnover of less than $3 million.

A person’s criminal record is also considered sensitive information under the Privacy Act. Therefore, employers must obtain consent from prospective employees to conduct a police check or collect their criminal record information. One easy way for employers to achieve this is by specifying on the job advertisement that an offer of employment is subject to a police check.

Legislative Requirements

As mentioned above, employers may be subject to legislative requirements when recruiting, including mandatory police checks. Being aware of the relevant legislation governing your businesses’ industry is important to ensure compliance with any mandated background checks.

For example, the Child Protection (Working with Children) Act 2012 (NSW) requires all employees and volunteers over the age of 18 working in child-related roles to obtain a Working with Children Check (WWCC). All WWCC applicants are subject to a National Police Check and their application may be denied if convicted of certain offences.

New Development

Businesses considered operators of critical infrastructure may be required to implement background checks if the Security Legislation Amendment (Critical Infrastructure) Bill 2020 (SOCI Bill) passes through parliament. The SOCI Bill requires operators of critical infrastructure implement employee background checks under the Critical Infrastructure Risk Management program.

The Bill proposes that operators of critical infrastructure under the SOCI Bill will be governed by the AusCheck Act 2007. The AusCheck Act provides a regulatory framework within which a government agency can provide centralised background checking coordination to a wide range of government agencies and related bodies. This means that, if the Bill is passed, the AusCheck Act will require background checks in relation to those involved in a wider range of services involved in critical infrastructure.


Suggested Steps for Employers

  1. Identify any legislation or regulations requiring background or police checks (e.g. SOCI Bill);
  2. Consider the nature of the role being advertised – does it need a police check and what are the eligibility criteria for the role;
  3. Notify any candidates before they apply for the role that an offer of employment is contingent on completing a police check; and
  4. When collecting a candidate’s criminal record or police check, treat the information as sensitive information.

If you are considering requiring employee background checks for potential candidates, please do not hesitate to contact Katherine Sainty at Katherine.sainty@saintylaw.com.au to discuss your specific circumstances.

For more information, get in touch with us today.

This article was originally published on OneTrust and is available here