N
    Nifty Computing
    2026 Compliance Readiness Assessment
    Last reviewed

    Is your electrical business ready for the 2026 compliance landscape?

    A 20-question diagnostic for Australian electrical contractors - sole-trader sparkies, multi-licence shopfitting and commercial outfits, and businesses doing data, solar, or EV charging on the side. See where you stand against state contractor licensing, sign-off responsibilities (CCEW / COES / CoC), AS/NZS 3000 compliance, WHS, TPAR, Security of Payment, cyber-crime risks, and the 2026 small-business reforms. Each weak answer returns a specific fix.

    What's on the radar for Australian electrical businesses in 2026
    • 28 AUG 2026Taxable Payments Annual Report (TPAR) due - mandatory for building/construction businesses paying subcontractors
    • 1 JUL 2026Super Guarantee to 12%; payday super commences (super paid with wages, not quarterly)
    • 10 DEC 2026Automated Decision-Making (AI) transparency rules under the Privacy Act - applies if you use AI lead-scoring, quote-gen, or screening
    • CURRENTAFP warning - business email compromise scams are actively targeting the construction sector

    Electrical licensing is state-based with mutual recognition under AMR (all states except QLD). Compliance certificate regimes differ materially by state - CCEW (NSW), COES (VIC), CoC (SA), and equivalents elsewhere.

    Your privacy. Your individual answers stay on your device - we don't store them. When you finish, we save an anonymous record of your scores (industry, overall and per-category percentages, state, business type) so we can show how you compare to others in your industry. We also log anonymous counts for when a quiz is started, when a report is downloaded, and (if you later request it) when one is emailed - no identifying information is attached to any of these. We never capture your name, email, IP address, or any business identity.

    20Questions
    LiveAverage time
    10Risk Areas
    What best describes your business?
    Primary state or territory of operation

    Full quiz content - Electrical Contractor Compliance Quiz 2026 - Licensing, AS/NZS 3000, WHS, Cyber | Nifty Computing

    This index lists every question, every answer option with its score, every tier band, every recommendation, and every regulatory source used by the electrical compliance readiness quiz. Last reviewed .

    Tier scoring

    • Compliance Ready - score ≥ 85/100, review every 12 months. Your electrical business demonstrates strong compliance maturity across licensing, technical standards, WHS, tax, and commercial practices. Maintain annual reviews and keep pace with emerging reforms. Recommended next review: 12 months.
    • Good - Minor Gaps - score ≥ 70/100, review every 12 months. Solid foundations with targeted gaps to address. Work through the priority findings below, particularly around the August 2026 TPAR deadline and 2026 super changes. Recommended next review: 12 months.
    • Moderate Risk - Action Needed - score ≥ 50/100, review every 6 months. Several material gaps in your compliance practices. Given the active AFP focus on construction-sector cyber crime and the state regulator focus on sign-off documentation, prioritise the findings below over the next 1–3 months. Recommended next review: 6 months.
    • High Risk - Urgent Action - score ≥ 30/100, review every 1 months. Significant exposure across multiple obligations. A state regulator inspection, an ATO data-match, or a cyber incident is a material risk at this readiness level. Engage professional advice. Recommended next review: 1 month.
    • Critical - Immediate Intervention - score ≥ 0/100, review every 1 months. Your business has substantial non-compliance with Australian regulatory obligations. Engage qualified compliance, tax, and cyber advisers as soon as practicable. Recommended next review: 1 month.

    Categories assessed

    • LIC - Licensing & Registration
    • CRT - Electrical Safety Certification
    • STD - Technical Standards & Testing
    • WHS - Work Health & Safety
    • ACL - Consumer Law & Contracts
    • SOP - Security of Payment
    • TAX - Tax, TPAR & Subcontractors
    • INS - Insurance & Workers Comp
    • ASB - Asbestos & Hazardous Materials
    • CYB - Cyber & Business Email Compromise

    Questions

    1. Q1 (LIC, weight 3): Is your electrical contractor licence (business-level licence to advertise and contract) current and renewed on time?

      • Yes, current and renewed well before expiry (score 5)
      • Current but has lapsed in the past 12 months (score 3)
      • Not sure - need to check (score 1)
      • No, I operate under someone else's contractor licence (score 2)

      If a weak option is selected: Your electrical contractor licence is a business-level licence separate from your electrician's work licence. If it lapses, you can't legally advertise, contract, or issue compliance certificates. Set renewal reminders 90 days before expiry and record the licence number on all customer-facing documents.

    2. Q2 (LIC, weight 3): Do all your electricians (employees and subcontractors) hold current state licences matching the scope of work they perform?

      • Yes - verified and documented with expiry dates tracked (score 5)
      • Yes - but tracking is informal (score 3)
      • Some verified, some assumed (score 1)
      • We rely on them to manage their own (score 0)

      If a weak option is selected: As the contractor, you have a legal obligation to ensure only licensed staff perform electrical work. Maintain a register with licence number, class, expiry date, and a photo of the current licence card. Verify via your state regulator's public licence check before first engagement.

    3. Q3 (LIC, weight 2): Do you hold the correct licence endorsements for all the work you do (e.g. solar PV, data cabling, instrumentation, restricted work)?

      • Yes - endorsements match every service we offer (score 5)
      • Mostly - unsure about one or two specialist areas (score 2)
      • No - we sometimes do work outside our endorsements (score 0)
      • Don't know what endorsements we hold (score 0)

      If a weak option is selected: Doing electrical work outside your licence scope is a regulatory breach with penalties that can include licence cancellation. Solar PV requires CEC accreditation for STC/rebate eligibility. Data cabling needs the ACMA Cabler Registration. Audit your service offerings against your licence conditions annually.

    4. Q4 (LIC, weight 2): If you work across state borders, have you notified under Automatic Mutual Recognition (AMR) or obtained a state-specific licence where required?

      • Yes - AMR notifications lodged and ESV/equivalent connections set up (score 5)
      • Don't work across state borders (score 5)
      • Work across borders but haven't formalised AMR (score 1)
      • Not aware of AMR requirements (score 0)

      If a weak option is selected: AMR applies to all states and territories except QLD. If your primary residence is in an AMR state, you can work in other AMR states without a second licence, but you must notify the regulator in the state you're working in. In VIC, notification to Energy Safe Victoria is required to register for ESVConnect and lodge COES. QLD requires full mutual recognition application.

    5. Q5 (LIC, weight 2): Is your Qualified Supervisor (or equivalent) named on your contractor licence, and is their certification current?

      • Yes - named, certified, and active in the business (score 5)
      • Named but not actively involved day-to-day (score 2)
      • There's a nominated supervisor but we haven't reviewed the arrangement recently (score 1)
      • No formal qualified supervisor arrangement (score 0)

      If a weak option is selected: Your contractor licence requires a named Qualified Supervisor (NSW) / Nominee / Qualified Technical Person (varies by state) whose qualifications back the business licence. If they leave the business or their certification lapses, your contractor licence can be suspended or cancelled. Review this arrangement at renewal.

    6. Q6 (LIC, weight 1): Do apprentices and trainees work under direct supervision at the level required by your state's regulations?

      • Yes - ratio and supervision documented per job (score 5)
      • Usually, but not documented (score 3)
      • Sometimes apprentices work unsupervised (score 0)
      • No apprentices currently (score 5)

      If a weak option is selected: Apprentice supervision ratios and requirements are set by each state regulator and by your training contract with the AASN. Unsupervised apprentice work is a licence breach and a WHS risk. Document the supervising electrician for each job an apprentice works on.

    7. Q7 (LIC, weight 2): Does your advertising (website, vehicle signage, ads) display your electrical contractor licence number?

      • Yes, on all advertising and customer-facing materials (score 5)
      • On some but not all (score 3)
      • Only on quotes and invoices (score 2)
      • Not routinely (score 0)

      If a weak option is selected: Most states require the contractor licence number to appear on all advertising, quotes, invoices, and contracts. This is both a legal requirement and a consumer trust signal. Include it in your email signature, website footer, and on every vehicle.

    8. Q8 (CRT, weight 3): Do you issue the correct state compliance certificate for every job (e.g. CCEW in NSW, COES in VIC, CoC in SA, etc.) before collecting final payment?

      • Yes, lodged electronically before practical completion (score 5)
      • Yes, but sometimes delayed after completion (score 3)
      • Only for jobs the customer or network asks for (score 1)
      • Not consistently (score 0)

      If a weak option is selected: State compliance certificates (CCEW / COES / CoC and equivalents) are a mandatory legal document for every electrical installation. In most states, late lodgement is a licence breach and in many states handwritten or PDF certificates are no longer accepted. Lodge electronically at practical completion, not after payment.

    9. Q9 (CRT, weight 3): Do you keep a complete record of compliance certificates issued, linked to the job, testing results, and your invoice?

      • Yes, digital records linked and searchable (score 5)
      • Certificates filed but not linked to job records (score 2)
      • Paper records only, stored locally (score 1)
      • No consistent record-keeping (score 0)

      If a weak option is selected: You must be able to produce compliance certificates on request from the regulator, the insurer, the next buyer of the property, or the homeowner if a fault occurs. Minimum retention is typically 7 years but many states now require indefinite retention. Use a consistent digital filing system linked to customer records.

    10. Q10 (CRT, weight 3): When you sign off on subcontractor electrical work, have you personally verified the installation meets relevant standards?

      • Always - I do quality checks before issuing the certificate (score 5)
      • Usually - I check paperwork and spot-check work (score 3)
      • Sometimes - depends on the subbie (score 1)
      • I sign what they say is done (score 0)

      If a weak option is selected: When you issue a compliance certificate, you take full legal and professional responsibility for the installation regardless of who performed the physical work. Establish a documented QA process for subcontracted work: test reports, photos, pre-handover inspection. A bad sign-off can cost you your licence.

    11. Q11 (CRT, weight 2): Does your compliance certificate record include all required testing results (insulation resistance, earth continuity, RCD operation, polarity)?

      • Yes, all mandatory tests with values recorded (score 5)
      • Tests done but results not always recorded (score 2)
      • Test equipment not always available on site (score 0)
      • Not sure what's required (score 0)

      If a weak option is selected: AS/NZS 3000 Section 8 specifies mandatory verification tests. Recording actual measured values (not just pass/fail) protects you in a dispute and is expected by most state regulators. Calibrated test equipment is required - keep calibration records.

    12. Q12 (CRT, weight 2): Do you install and test RCDs as required by current AS/NZS 3000 requirements (including on existing circuits being altered)?

      • Yes, on all new and altered circuits per the standard (score 5)
      • New circuits yes, altered circuits sometimes (score 2)
      • Only where customer requests or inspector requires (score 0)
      • Not sure of current RCD requirements (score 0)

      If a weak option is selected: AS/NZS 3000:2018 requires RCD protection on almost all final sub-circuits in new and altered installations. Omitting RCDs on altered circuits is a common failure mode in compliance certificate audits. Review the current Wiring Rules annually - AS/NZS 3000 is under review for the 2026 edition.

    13. Q13 (CRT, weight 2): Do you report serious electrical safety incidents (shocks, fires, fatalities) to your state regulator within the required timeframe?

      • Yes, and staff know the reporting process (score 5)
      • Yes, but process is informal (score 3)
      • Unsure if we would know what to do (score 1)
      • No process in place (score 0)

      If a weak option is selected: Electrical safety incident reporting is separate from WHS incident reporting and is required by state electrical safety legislation in most jurisdictions. Timeframes vary - typically 24 hours for serious incidents. Document your incident response process and make sure every licensed worker knows the reporting channel.

    14. Q14 (CRT, weight 1): For solar PV, battery, or EV charger installations, are you following current standards (AS/NZS 5033, AS/NZS 4777, AS/NZS 3000 Part 7)?

      • Yes - and we hold CEC accreditation (score 5)
      • Yes - but not CEC accredited (score 3)
      • Sometimes - depends on the job (score 1)
      • We don't do this type of work (score 5)

      If a weak option is selected: Solar and battery installations are heavily audited by state regulators and CEC. CEC accreditation is required for STC (rebate) eligibility. AS/NZS 5033 (solar PV arrays), AS/NZS 4777 (grid-connected inverters), and AS/NZS 3000 Part 7 apply. Non-compliant solar work is a top regulator inspection priority.

    15. Q15 (STD, weight 3): Do you work to the current edition of AS/NZS 3000 (Wiring Rules) and keep a copy accessible to all staff?

      • Yes - current edition, digital access for all staff (score 5)
      • Yes - one physical copy in the office (score 3)
      • We work from experience, refer only when unsure (score 1)
      • Not sure which edition we're on (score 0)

      If a weak option is selected: AS/NZS 3000:2018 is the current Wiring Rules edition referenced by state regulations. A 2026 edition is under development. Every licensed electrician should have access to the current standard - digital licences from Standards Australia or via industry body memberships (NECA, MEA) are cost-effective.

    16. Q16 (STD, weight 2): Is your test and tag (AS/NZS 3760) work performed by a competent person with calibrated equipment?

      • Yes - documented competency and calibration records (score 5)
      • Yes - but not sure about calibration records (score 3)
      • We outsource this (score 5)
      • Informally, without documentation (score 1)
      • We don't offer this service (score 5)

      If a weak option is selected: AS/NZS 3760 specifies competency requirements and calibration cycles for test-and-tag work. If you offer this service, records must show who did the test, with what equipment, on what date, calibration status of the equipment, and next test due date. Insurers and WHS regulators audit this.

    17. Q17 (STD, weight 2): When installing switchboards, do you comply with AS/NZS 61439 and ensure adequate fault ratings?

      • Yes - we use tested and certified boards for each application (score 5)
      • Most of the time (score 3)
      • We modify existing boards without full recertification (score 0)
      • Uncertain about the standard (score 0)

      If a weak option is selected: AS/NZS 61439 (replaced AS 3439) applies to low-voltage switchgear assemblies. Retrofitting or modifying tested assemblies can invalidate the certification. For domestic and small commercial, use factory-tested boards; for larger commercial and industrial, engage a competent switchboard manufacturer.

    18. Q18 (STD, weight 2): Do you follow appropriate isolation and tagging procedures (lockout/tagout, LOTO) on every live electrical job?

      • Yes - documented LOTO procedure, tags and locks used (score 5)
      • Usually - but informal (score 2)
      • Only on larger jobs (score 1)
      • No formal LOTO (score 0)

      If a weak option is selected: AS/NZS 4836 and state electrical safety legislation require isolation before work. LOTO prevents fatalities. Have a documented procedure, issue personal locks to each worker, and tag every isolation point. A missing LOTO is a WHS breach and can void your insurance in the event of an incident.

    19. Q19 (STD, weight 2): Do you maintain testing equipment calibration records with annual (or manufacturer-specified) recalibration?

      • Yes - registered, tracked, renewed on schedule (score 5)
      • Yes - but tracking is informal (score 3)
      • Calibrated occasionally (score 1)
      • No calibration records kept (score 0)

      If a weak option is selected: Uncalibrated test equipment undermines every compliance certificate you issue. Annual calibration by an accredited lab is standard. Keep certificates on file and tag each instrument with its next-due date. This is one of the first things a regulator asks for in an audit.

    20. Q20 (STD, weight 2): If you work on high-voltage or complex industrial systems, do you have specific competencies and documented safe work procedures?

      • Yes - licensed, trained, documented for each system type (score 5)
      • Some gaps in documentation (score 2)
      • We attempt any job we're asked to (score 0)
      • We don't do HV or complex industrial (score 5)

      If a weak option is selected: HV work, hazardous area (EEHA) work, and complex industrial automation require specific qualifications and in most states a specialist endorsement. Operating outside your competency is a licence breach and a safety risk. Document scope limits and refer work that exceeds them.

    21. Q21 (WHS, weight 3): Do all workers (including you, employees, apprentices, and subcontractors) hold a current White Card (General Construction Induction)?

      • Yes - all verified, copies on file (score 5)
      • Most - but not tracked centrally (score 2)
      • Assumed but not verified (score 1)
      • Don't require it routinely (score 0)

      If a weak option is selected: The White Card is mandatory for anyone entering a construction site anywhere in Australia. Verify and hold copies. Sub-contractors must produce theirs on induction. No White Card = no site access = legal liability if an incident occurs.

    22. Q22 (WHS, weight 3): Do you prepare Safe Work Method Statements (SWMS) for all High Risk Construction Work (HRCW) activities?

      • Yes - SWMS prepared, signed, reviewed per job (score 5)
      • Yes - but we use generic templates (score 2)
      • Sometimes - for big jobs only (score 1)
      • Not aware of SWMS requirements (score 0)

      If a weak option is selected: WHS Regulations define 11 categories of High Risk Construction Work that require a job-specific SWMS: work at heights over 2m, live electrical, confined spaces, hot work, asbestos, etc. Generic templates don't meet the legal test - SWMS must be site- and job-specific, signed by workers, and reviewed if conditions change.

    23. Q23 (WHS, weight 2): Do you perform a documented pre-work risk assessment on every job site before starting work?

      • Yes - site-specific JSA or equivalent documented (score 5)
      • Informal walk-around only (score 2)
      • On larger jobs only (score 1)
      • Not routinely (score 0)

      If a weak option is selected: A pre-work risk assessment (JSA / Take 5 / pre-start) is a fundamental WHS control and expected by any tier-1 head contractor. Document hazards, controls, and worker acknowledgement. Even on small residential jobs - a 2-minute written check protects you if something goes wrong.

    24. Q24 (WHS, weight 2): Are workers trained on electrical hazards specific to your scope (arc flash, live testing, working in wet areas)?

      • Yes - documented training and refreshers (score 5)
      • Informal on-the-job training (score 2)
      • Rely on trade qualification only (score 1)
      • No specific hazard training (score 0)

      If a weak option is selected: Electrical hazard training is a WHS duty and a competency requirement under state electrical safety legislation. Arc flash, in particular, requires PPE category assessment (refer to IEEE 1584 or equivalent). Document training - your insurer will ask for it after an incident.

    25. Q25 (WHS, weight 2): Have you addressed psychosocial hazards (mental health, bullying, fatigue, workload) in your WHS system?

      • Yes - documented policy and active management (score 5)
      • Informally acknowledged, not documented (score 2)
      • Not specifically addressed (score 1)
      • Not aware this is a WHS duty (score 0)

      If a weak option is selected: Psychosocial hazards are now explicitly recognised WHS duties under all harmonised WHS jurisdictions (and under VIC OHS). The Code of Practice on Managing Psychosocial Hazards at Work applies. Trades businesses have higher rates of suicide, fatigue-related incidents, and bullying claims - this matters.

    26. Q26 (WHS, weight 2): Do you report notifiable incidents to your WHS regulator within required timeframes?

      • Yes - process documented and staff know it (score 5)
      • We'd figure it out if it happened (score 1)
      • Not sure what's notifiable (score 0)
      • Never had an incident (score 3)

      If a weak option is selected: Notifiable incidents (death, serious injury, dangerous incident) must be reported immediately to your state WHS regulator and the scene preserved until inspected. Different rules apply for electrical safety incidents (state electrical regulator). Have both numbers on the fridge and in the van.

    27. Q27 (WHS, weight 2): Is your Public Liability insurance current, with a sum insured appropriate for the jobs you do?

      • Yes - $20M+ for commercial, reviewed annually (score 5)
      • Yes - $5-10M, not reviewed recently (score 3)
      • Yes - $2M basic policy (score 1)
      • Not sure of current status (score 0)

      If a weak option is selected: Most commercial head contractors require $20M PL minimum, many require $30M+. Domestic-only can often get away with $10M but check your contract requirements. An electrical fire in a $5M property with $2M cover leaves you personally exposed for the difference. Review annually with a broker.

    28. Q28 (ACL, weight 3): Do you provide written quotes (or clearly labelled estimates) before starting work?

      • Yes - always, with scope, price, inclusions, exclusions (score 5)
      • Usually - sometimes verbal for small jobs (score 2)
      • Only when asked (score 1)
      • Mostly verbal (score 0)

      If a weak option is selected: The ACL distinguishes between a quote (fixed price) and an estimate (approximate). Calling something a quote when it's actually an estimate is misleading conduct. Written quotes with clear scope, inclusions, and exclusions are your single best defence against disputes. Over any threshold (varies by state, typically $200-500) most states require it in writing.

    29. Q29 (ACL, weight 3): Do you follow consumer guarantees under the ACL (services rendered with due care and skill, fit for purpose, within reasonable time)?

      • Yes - and I understand what they require (score 5)
      • Yes - but couldn't explain the detail (score 3)
      • Have heard of them (score 1)
      • Not familiar with consumer guarantees (score 0)

      If a weak option is selected: The ACL consumer guarantees for services (s60–62) can't be contracted out of. You must render services with due care and skill, fit for purpose, within reasonable time. Remedies include re-performance, refund, or compensation for consequential loss. ACCC enforcement of trades-sector misleading conduct has been active - fines reach six figures.

    30. Q30 (ACL, weight 2): Do you document scope changes and variations in writing with customer sign-off before proceeding?

      • Yes - always (score 5)
      • Usually - but verbally first, paper later (score 2)
      • Only for big changes (score 1)
      • Scope changes happen verbally mostly (score 0)

      If a weak option is selected: Variations not documented in writing are the leading cause of trades payment disputes. Require customer sign-off (physical or digital) before doing additional work. A simple variation form template - item, reason, cost, date, both signatures - prevents almost all residential disputes.

    31. Q31 (ACL, weight 2): Do you comply with cooling-off period rules for unsolicited (in-home) sales over the relevant threshold?

      • Yes - 10 business day cooling-off honoured in writing (score 5)
      • Aware of it, handle it verbally (score 2)
      • Not sure if it applies to my work (score 1)
      • Not aware of cooling-off rules (score 0)

      If a weak option is selected: ACL Part 3-2 Division 2 gives consumers a 10-business-day cooling-off on unsolicited contracts over $100. If you doorknock, follow up cold leads at home, or sign agreements at the customer's premises without a prior request from them, this applies. Notice must be in writing. Solar door-knockers are a recent ACCC enforcement focus.

    32. Q32 (ACL, weight 2): Do you have a documented complaints handling process including refunds and re-work procedures?

      • Yes - documented and staff trained (score 5)
      • Informal process only (score 2)
      • We handle complaints case-by-case (score 1)
      • No documented process (score 0)

      If a weak option is selected: A documented complaints process is expected under the ACL and is often required by your industry body or insurer. Include: how the customer complains, who in the business handles it, timeframes for response, resolution options, and escalation to state consumer affairs if unresolved. Track complaints to spot recurring issues.

    33. Q33 (ACL, weight 2): Do your quotes, invoices, and contracts avoid unfair contract terms (e.g. one-sided cancellation clauses, excessive penalties)?

      • Yes - reviewed for fairness (score 5)
      • We use standard templates (score 3)
      • Haven't reviewed our terms (score 1)
      • Don't use written contracts (score 0)

      If a weak option is selected: ACL unfair contract terms rules now carry civil penalties (up to ~$50M for companies). Standard terms that favour you heavily (e.g. you can cancel any time, customer can't; they pay all your legal fees; you set the variation price unilaterally) are likely unenforceable and now penal. Get standard contracts reviewed annually.

    34. Q34 (SOP, weight 3): When working as a subcontractor, do you know how to serve a valid payment claim under your state's Security of Payment Act?

      • Yes - done it, understand the timing and content rules (score 5)
      • Heard of it, not sure of the mechanics (score 2)
      • No - would need professional help (score 1)
      • Not applicable - we're always head contractor or consumer-direct (score 3)

      If a weak option is selected: SOPA is your single most powerful tool against slow-paying head contractors. Every state has one (names vary). A valid payment claim: specifies the work, the amount claimed, and states it's made under the Act. Timing and content requirements are strict - but if followed, the head contractor must pay or provide a payment schedule within tight deadlines.

    35. Q35 (SOP, weight 3): When someone serves a payment claim on you, do you respond with a payment schedule within the statutory timeframe?

      • Yes - always within the deadline (typically 10 business days) (score 5)
      • Usually, but sometimes late (score 2)
      • We ignore or dispute informally (score 0)
      • Haven't had one served (score 3)

      If a weak option is selected: If you don't respond to a payment claim with a compliant payment schedule within the statutory window (typically 10 business days in most states), you are legally required to pay the full amount claimed - full stop. No defence, no counterclaim, no discussion. This is the single biggest trap for head contractors and the most common SOPA loss.

    36. Q36 (SOP, weight 2): Do your contracts with customers and subcontractors have clearly defined payment terms and due dates?

      • Yes - written terms aligned to statutory maximums (score 5)
      • Standard 30-day terms, not state-specific (score 3)
      • Varies by job (score 1)
      • Often verbal or handshake (score 0)

      If a weak option is selected: VIC's 2025 SOPA reform introduces a 20-business-day statutory cap on payment terms (commencement by 1 Sept 2026). NSW subcontractor terms are effectively capped at 20 business days. If your contract sets a longer period, the statutory period overrides it. Align your standard terms with the shortest applicable statutory cap.

    37. Q37 (SOP, weight 2): Do you understand the time limits for making a payment claim after last working on a job?

      • Yes - 12 months NSW, 3 months VIC, etc. (score 5)
      • Know there's a deadline but not the detail (score 2)
      • Unsure (score 0)
      • Not applicable (score 3)

      If a weak option is selected: Payment claim time limits vary by state - NSW 12 months, VIC 3 months, QLD 6 months under BIFA. Miss the window and you lose SOPA protection (normal debt recovery still available but much harder). Calendar the last-day-on-site for every job and set reminders at 75% of the applicable window.

    38. Q38 (SOP, weight 2): If you hold retention money from subcontractors, do you comply with retention trust rules in your state?

      • Yes - trust account, annual audit where required (score 5)
      • We don't hold retentions (score 5)
      • Hold retentions but no trust account (score 1)
      • Not aware of retention trust rules (score 0)

      If a weak option is selected: NSW and QLD have strict retention trust account rules for head contractors holding subbie retention money above certain project thresholds. Penalties for breach can reach $22,000. Trust account, annual audit, compliance officer appointment - this is real regulation, not a suggestion.

    39. Q39 (SOP, weight 2): Do you issue tax invoices with all required particulars and avoid 'pay when paid' clauses in your contracts?

      • Yes - full compliance (score 5)
      • Mostly - occasional 'pay when paid' language in templates (score 1)
      • Use 'pay when paid' regularly (score 0)
      • Unsure of requirements (score 0)

      If a weak option is selected: 'Pay when paid' clauses are void under all state SOPAs - you can't make subbie payment contingent on your receipt from the principal. Tax invoices must include ABN, date, description, GST, total. Non-compliant invoices may fail ATO requirements and SOPA claims.

    40. Q40 (TAX, weight 3): Do you lodge a Taxable Payments Annual Report (TPAR) by 28 August each year?

      • Yes - lodged on time every year (score 5)
      • Yes - but usually late (score 2)
      • Not sure if we need to (score 1)
      • Don't lodge it (score 0)

      If a weak option is selected: If building and construction services are 50%+ of your income or activity AND you pay subcontractors, TPAR is mandatory. Due 28 August annually. Penalties: up to $1,110 per 28-day period (to ~$5,550 for individuals, higher for companies), and non-lodgement is a red flag for broader ATO audit.

    41. Q41 (TAX, weight 2): Do you collect ABNs, addresses, and invoice details for every subcontractor at engagement?

      • Yes - documented onboarding checklist (score 5)
      • Usually - collected with first invoice (score 3)
      • Sometimes missing details on subbies (score 1)
      • Informal record-keeping (score 0)

      If a weak option is selected: TPAR requires each subbie's ABN, name, address, total paid, GST included, and any tax withheld. Collecting this at engagement (not at year-end panic) makes TPAR lodgement a 30-minute task. Use a standard subbie onboarding form or require a Statement by Supplier for those without ABNs.

    42. Q42 (TAX, weight 3): Are you Single Touch Payroll (STP Phase 2) compliant for all employees?

      • Yes - software reporting each pay run (score 5)
      • Reporting but not sure we're Phase 2 compliant (score 2)
      • Behind on STP reporting (score 0)
      • No employees - subbies only (score 5)

      If a weak option is selected: STP Phase 2 has been mandatory for all employers since 2022. Reporting happens at every pay run, not quarterly. Your accounting/payroll software must be STP2-enabled. The ATO is actively following up non-compliers. Closely-held employees (family members on payroll) also in scope.

    43. Q43 (TAX, weight 3): Are you ready for Payday Super (super paid with wages from 1 July 2026, not quarterly)?

      • Yes - cashflow modelled, software ready (score 5)
      • Aware of it, haven't prepared yet (score 2)
      • Not sure how it affects us (score 1)
      • Hadn't heard of it (score 0)

      If a weak option is selected: Payday Super commences 1 July 2026 - super contributions must be paid at the same time as wages, not quarterly. SG rate is also 12% from 1 July 2025. Cashflow impact is material - many businesses are losing the 90-day super float they've been using as working capital. Talk to your bookkeeper and bank now.

    44. Q44 (TAX, weight 2): Is your GST, BAS, and PAYG withholding all lodged and paid on time?

      • Yes - on time every quarter (score 5)
      • Usually on time, occasional late (score 3)
      • Often late (score 1)
      • Behind right now (score 0)

      If a weak option is selected: ATO lodgement and payment history is one of the first things a licensing regulator, insurer, or finance provider checks. Persistent late lodgement triggers ATO enforcement (Director Penalty Notices for company directors) and can threaten your contractor licence in some states. Get a registered BAS agent if you're falling behind.

    45. Q45 (TAX, weight 2): Do you correctly classify workers as employees or contractors, and meet SG obligations for contractors where required?

      • Yes - tested against ATO criteria (score 5)
      • Everyone's a contractor with an ABN (score 1)
      • Mix of both, informally decided (score 1)
      • Not sure how to classify (score 0)

      If a weak option is selected: Sham contracting is a serious issue - the ATO and Fair Work both audit. A subbie who takes most of their work from one business, is directed on hours and methods, and uses your tools/vehicles is likely an employee for tax and SG. SG applies to contractors paid wholly or mainly for their labour even if they have an ABN. Get advice if uncertain.

    46. Q46 (TAX, weight 2): Do you keep business records (invoices, receipts, bank statements, contracts) for at least 5 years?

      • Yes - digital cloud storage with backups (score 5)
      • Paper records, boxed up (score 3)
      • Some digital, some paper, not all findable (score 1)
      • Records are thin (score 0)

      If a weak option is selected: ATO requires 5-year retention minimum. For warranty and litigation purposes, 7+ years is prudent. Cloud-based accounting (Xero, MYOB, QuickBooks) with bank feeds automates most of this. Loss of records in an ATO audit means the ATO can make assessments based on their own estimates - almost always unfavourable.

    47. Q47 (INS, weight 3): Do you hold Professional Indemnity (PI) insurance for design, specification, or advice work?

      • Yes - appropriate to the work we do (score 5)
      • PL only, no PI (score 1)
      • Not sure (score 1)
      • We don't do design/spec work (score 5)

      If a weak option is selected: PL covers physical damage; PI covers financial loss from bad advice, design errors, incorrect specification. If you design circuits, specify equipment, provide written advice, or take a 'design and construct' role, PI matters. Many electrical engineers and specialists carry $1-5M PI. Commercial clients increasingly require it in contracts.

    48. Q48 (INS, weight 3): Is your Workers Compensation insurance current with the correct premium classification?

      • Yes - current and classified correctly (score 5)
      • Current but not reviewed for correct classification (score 3)
      • Have it but not sure of status (score 1)
      • No employees, sole trader (score 5)

      If a weak option is selected: Workers Compensation is state-based and compulsory for anyone with employees. icare (NSW), WorkSafe VIC, WorkCover QLD, and equivalents administer. Under-declared wages or wrong classification (electrical work is a higher premium category than office work) triggers premium recalculation plus penalties on audit.

    49. Q49 (INS, weight 2): Do you hold Tools and Plant insurance for vehicles and high-value equipment?

      • Yes - itemised cover for tools and test equipment (score 5)
      • Basic vehicle insurance only (score 2)
      • Minimal - we'd replace out of pocket (score 1)
      • Relying on home contents or vehicle insurance for tools (score 0)

      If a weak option is selected: Home contents and motor vehicle policies typically exclude business-use tools. A ute break-in with $30K of test equipment stolen is an uninsured loss unless you have specific tools/plant cover. Tools in transit, tools on site, and tools at home each need cover - check exclusions carefully.

    50. Q50 (INS, weight 2): Have you reviewed your insurance portfolio in the last 12 months against the jobs you're actually doing?

      • Yes - with broker, annually (score 5)
      • Renewed without review (score 2)
      • Haven't reviewed for 2+ years (score 1)
      • Not sure (score 0)

      If a weak option is selected: Insurance needs drift with your business - adding commercial work, taking on bigger jobs, buying more vehicles, employing staff. An annual review with a broker catches gaps. An uninsured $500K job gone wrong ends businesses.

    51. Q51 (INS, weight 2): Do your contracts require subcontractors to carry their own PL, PI where needed, and workers comp, with certificates on file?

      • Yes - certificates collected and tracked (score 5)
      • We ask but don't always get them (score 2)
      • Rely on head contractor to check (score 1)
      • No - not required (score 0)
      • Not applicable - we don't use subcontractors (score 5)

      If a weak option is selected: If your subbie is uninsured and causes damage, your insurer may decline the claim on the grounds you failed to verify cover. Collect current certificates of currency at engagement and before each renewal. Most commercial head contractors require this of you - mirror the practice with your own subbies.

    52. Q52 (ASB, weight 3): Before drilling, cutting, or disturbing building materials in pre-2004 structures, do you check for asbestos?

      • Yes - check asbestos register or test before work (score 5)
      • Usually - if it looks old or suspicious (score 2)
      • Rarely - assume it's fine (score 0)
      • We only work in new builds (score 5)

      If a weak option is selected: Buildings built before 31 December 2003 may contain asbestos. Disturbing unidentified asbestos is a serious WHS breach. Before drilling walls, cutting into eaves, or running cables through older buildings, check the asbestos register (required for all pre-2004 workplaces) or get a sample tested. The cost is minor compared to the consequences.

    53. Q53 (ASB, weight 2): If you encounter suspected asbestos, do you stop work and engage a licensed removalist as required?

      • Yes - documented process, stop-and-escalate (score 5)
      • Stop work but informal process (score 3)
      • Sometimes - if obvious (score 1)
      • We remove minor amounts ourselves (score 0)

      If a weak option is selected: Under WHS Regulations, friable asbestos (any amount) requires a Class A licensed removalist. Non-friable over 10m² requires Class B. Unlicensed removal of larger quantities is a criminal offence in most states. Have a stop-work trigger, a list of licensed removalists, and document every encounter.

    54. Q54 (ASB, weight 2): Are staff trained on asbestos awareness and identification?

      • Yes - training records kept (score 5)
      • Informal awareness (score 2)
      • Only staff who've been on a specific course (score 3)
      • No formal training (score 0)

      If a weak option is selected: Asbestos awareness training is a WHS duty where workers may encounter asbestos - which for electrical includes almost any residential work in pre-2004 housing stock. Typical 1-day course. Keep training records; refresh every 2-3 years or on regulatory change.

    55. Q55 (ASB, weight 2): Do you request asbestos clearance certificates before returning to work in areas where asbestos was removed?

      • Yes - always sight the clearance certificate first (score 5)
      • Usually (score 3)
      • We trust the removalist's verbal confirmation (score 1)
      • Not aware this is our responsibility (score 0)
      • Not applicable - no asbestos removal occurs on our jobs (score 5)

      If a weak option is selected: A licensed asbestos assessor (for Class A work) or competent person (for Class B) must issue a written clearance certificate before re-occupation. No certificate, no re-entry - and you need to sight it, not just trust the word of the removalist. A PCBU commissioning removal must ensure the clearance happens.

    56. Q56 (ASB, weight 2): Do you correctly dispose of minor amounts of non-friable asbestos (where allowed) through a licensed disposal facility?

      • Yes - wrapped, labelled, licensed facility only (score 5)
      • Varies by job (score 2)
      • Into the skip or general waste sometimes (score 0)
      • We don't handle asbestos ourselves (score 5)

      If a weak option is selected: Even where ≤10m² of non-friable asbestos doesn't require a licensed removalist, disposal still requires a licensed disposal facility. General waste, kerbside skips, and unlicensed sites are illegal. Keep disposal dockets with your job records - environmental regulators check these in complaints investigations.

    57. Q57 (CYB, weight 3): When you receive an invoice with new or updated bank details, do you verify the change by calling the supplier on a known phone number?

      • Yes - always, using a number from a past invoice or their website (score 5)
      • Usually - but sometimes trust the new details (score 1)
      • We just pay it (score 0)
      • We've been caught out before (score 0)

      If a weak option is selected: This is the single highest-impact cyber control for trades. The AFP issued a specific warning in October 2025 about BEC scams targeting construction. Case law: Inoteq Pty Ltd was ordered to repay $235K they'd sent to a fraudster impersonating their electrical contractor. NEVER call the number on the new invoice. Only verify using a previously known number.

    58. Q58 (CYB, weight 3): Is multi-factor authentication enforced on your business email and accounting software (banking MFA is typically bank-enforced)?

      • Yes - handled in-house, and we verify it (reports, logs, or checks) (score 20)
      • Yes - outsourced to our IT provider, verified (they send us reports) (score 20)
      • Yes - in-house, but not formally verified (score 15)
      • Yes - outsourced, but we assume rather than verify (score 15)
      • Partial or inconsistent across staff/devices (score 8)
      • No, or don't know (score 0)

      If a weak option is selected: Email is the primary attack surface for BEC - compromise the email and the attacker watches your real invoice traffic for weeks, then strikes at the perfect moment. MFA on email (Microsoft 365 / Google Workspace) stops 99% of email account takeovers. Accounting software MFA must be turned on manually in settings. If your IT provider handles accounts, ask for a quarterly MFA-coverage report naming any account still without MFA.

    59. Q59 (CYB, weight 2): Do staff (especially anyone who handles invoices or makes payments) receive cyber awareness training at least annually?

      • Yes - annual training with scenarios (score 5)
      • Once at induction, never again (score 2)
      • Informal briefings (score 1)
      • No cyber training (score 0)

      If a weak option is selected: Every staff member is a target. The $41,800 NSW construction case, the $3M Sydney hospital case, and the $50K Pure Glass WA case all traced back to staff who didn't recognise the signs. Annual training with realistic scenarios (phishing simulations, invoice verification role-plays) is low-cost and high-leverage.

    60. Q60 (CYB, weight 2): Do all staff use a business password manager with unique strong passwords for every business account?

      • Yes - handled in-house, and we verify it (reports, logs, or checks) (score 20)
      • Yes - outsourced to our IT provider, verified (they send us reports) (score 20)
      • Yes - in-house, but not formally verified (score 15)
      • Yes - outsourced, but we assume rather than verify (score 15)
      • Partial or inconsistent across staff/devices (score 8)
      • No, or don't know (score 0)

      If a weak option is selected: Reused passwords mean one breach anywhere becomes a breach everywhere. Password managers (1Password, Bitwarden, Dashlane) solve this - unique 20-character random passwords for every account, accessible with one master password. If your IT provider deploys the password manager, ask for a report on staff adoption (vaults created, weak-password warnings still outstanding).

    61. Q61 (CYB, weight 2): Do you have a documented process for responding to a suspected cyber incident (bank fraud, email compromise, data breach)?

      • Yes - written, tested, everyone knows the steps (score 5)
      • We'd figure it out (score 1)
      • No process (score 0)
      • It's happened before, we know (score 3)

      If a weak option is selected: The first hour after a BEC matters most. Process: (1) Call the bank immediately - funds can sometimes be recalled if reported within hours. (2) Report to ReportCyber (cyber.gov.au). (3) Change affected passwords. (4) Notify your insurer. (5) Check for lateral compromise. Have the phone numbers and logins prepared in advance.

    62. Q62 (CYB, weight 2): Are critical systems and devices (phones, laptops, routers, accounting software) kept patched and up to date on a managed schedule?

      • Yes - handled in-house, and we verify it (reports, logs, or checks) (score 20)
      • Yes - outsourced to our IT provider, verified (they send us reports) (score 20)
      • Yes - in-house, but not formally verified (score 15)
      • Yes - outsourced, but we assume rather than verify (score 15)
      • Partial or inconsistent across staff/devices (score 8)
      • No, or don't know (score 0)

      If a weak option is selected: Unpatched systems are the entry point for ransomware. The ASD Essential Eight lists patching applications and operating systems as fundamental controls. Enable auto-updates on phones, laptops and routers; if a device is too old to get patches, replace it. If your IT provider handles patching, ask for a monthly patch-compliance report - 'everything is up to date' without evidence is the same as 'we hope it is'.

    63. Q63 (CYB, weight 2): Are business-critical data backups (accounting records, job files, contracts) stored offsite AND tested against actual restoration at least annually?

      • Yes - handled in-house, restore-tested, and evidence retained (score 20)
      • Yes - outsourced to our IT provider, restore-tested and verified by provider report (score 20)
      • Yes - in-house backups exist, but restore testing/evidence is informal (score 15)
      • Yes - outsourced to our IT provider, but we assume rather than verify (score 15)
      • Partial, incomplete, or not covering all critical systems (score 8)
      • No reliable backup and restore process, or don't know (score 0)

      If a weak option is selected: Ransomware case studies: small businesses routinely lose 2–3 weeks of operating data in attacks. Effective backup strategy: cloud-native (Microsoft 365 / Google Workspace with retention), plus an independent backup provider (Druva, Backblaze, Veeam), plus an annual restore test. If your IT provider runs the backup, ask for the dated restoration-test report - a provider that can't produce one is charging you for hope.

    64. Q64 (CYB, weight 1): Do you have cyber insurance, either standalone or bundled into your business policy?

      • Yes - reviewed against threat level (score 5)
      • Bundled in business policy, haven't reviewed detail (score 3)
      • No cyber insurance (score 1)
      • Not sure if we have it (score 1)

      If a weak option is selected: Cyber insurance covers investigation, legal costs, notification, business interruption, and sometimes ransomware payments. Standalone policies start around $1500/year for small businesses. Check what's excluded - many policies exclude BEC / 'social engineering' unless you specifically elect that cover.

    Guidance

    Licensing & Registration

    Electrical licensing is state-regulated with national mutual recognition. Your contractor licence is the business-level authority to advertise, contract, and sign off on work; your electricians each need individual work licences. Scope creep - doing work beyond your endorsement - is the most common regulator finding.

    • Build a staff licence register (1–2 hours · Administrative): List every licensed worker (employees and regular subbies) with licence number, class, expiry, and photo of the current card. Set 90-day expiry reminders. Verify each at engagement and annually via your state regulator's public licence check.
    • Audit scope against endorsements (Annually · Owner / Qualified Supervisor): List every service you offer (domestic, commercial, solar, data cabling, EV charging, automation). Cross-check against your licence endorsements. Solar needs CEC accreditation for rebates; data cabling needs ACMA Cabler Registration; each state has specific restricted licence categories.
    • Confirm your Qualified Supervisor arrangement (At renewal · Owner): Your contractor licence depends on a named Qualified Supervisor (terminology varies: Nominee, Qualified Technical Person, Qualified Business Person). If they leave, retire, or let their certification lapse, your contractor licence is at risk. Keep a succession plan and confirm the arrangement at every renewal.
    • Set up AMR notifications if working interstate (Before first interstate job · Owner): Automatic Mutual Recognition covers all states/territories except QLD. Notify the regulator in each state you work in. In VIC, email Energy Safe Victoria for ESVConnect access to lodge COES. QLD still requires full mutual recognition application - not automatic.
    • Put your contractor licence number on everything (Ongoing · Marketing): Website footer, email signature, vehicle signage, quotes, invoices, business cards. Most states require it on advertising; even where not required, it's a consumer trust signal and makes verification easy.

    Electrical Safety Certification

    The compliance certificate you issue at the end of every job (CCEW, COES, CoC - name varies by state) is a formal legal document. Your signature means you personally guarantee the installation meets the Wiring Rules and applicable standards, regardless of who did the physical work. Regulators audit certificates and lodgement timeliness; late, missing, or false certificates are the top source of licence disciplinary actions.

    • Move to electronic certificate lodgement (One-time setup · Owner): Handwritten and PDF certificates are no longer accepted in NSW (BCNSW eCert), VIC (ESVConnect), and most other states. Set up your account with the state portal, integrate with your job management software where possible, and issue certificates at practical completion - not after payment.
    • Link certificates to job records (Process change · Ongoing): Every certificate should sit in a digital record alongside the quote, variations, invoice, test results, and completion photos. If a fault occurs years later, you need to produce this in minutes. A consistent filename pattern (customer-date-cert#) and cloud storage (Google Drive, Dropbox, SharePoint) solves this cheaply.
    • Establish a QA process for subcontracted work (Before signing off · Qualified Supervisor): When you sign the certificate, you own the installation. Document what you checked: test results, photos of key connections, inspection of panels/switchboards. A 15-minute QA walk-through catches 90% of subbie errors and protects you in a dispute or audit.
    • Record actual test values, not just pass/fail (Every job · Licensed electrician): AS/NZS 3000 Section 8 requires verification tests. Your certificate or linked record should show measured values: insulation resistance (MΩ), earth continuity (Ω), RCD trip times (ms). 'Pass' alone is insufficient evidence if questioned. Test equipment must be calibrated.
    • Have an electrical safety incident reporting plan (Documented · Known by all staff): Serious shocks, electrical fires, and fatalities must be reported to your state electrical safety regulator (separate from WHS incident reporting). Timeframes vary: typically 24 hours. Put the phone number and process in the van and in every worker's phone.

    Technical Standards & Testing

    Every licensed electrician must work to current AS/NZS 3000 (Wiring Rules) and applicable supporting standards. Test equipment must be calibrated; testing must be documented. State regulators and insurers audit this in complaints and disputes. Ignorance of current standards is not a defence.

    • Confirm you have access to current standards (Annual check · Each licensed worker): AS/NZS 3000:2018 is the current Wiring Rules edition. AS/NZS 3008.1 (cable selection), AS/NZS 5033 (solar PV), AS/NZS 4777 (grid connect inverters), AS/NZS 61439 (switchgear), AS/NZS 4836 (safe working) and AS/NZS 3760 (test and tag) are commonly needed. Digital subscription via Standards Australia or industry body membership is cost-effective.
    • Calibrate test equipment annually (Once a year · Admin + each worker): Uncalibrated equipment invalidates every certificate you issue. Annual lab calibration (NATA-accredited) is standard. Tag each instrument with next-due date. Keep certificates on file - regulators ask for these first in an audit.
    • Review RCD and earthing requirements against current rules (Refresher · Qualified Supervisor): AS/NZS 3000:2018 extends RCD protection requirements to almost all final sub-circuits in new and altered installations. Altered circuits not fitted with RCDs is a common compliance failure. Run a toolbox talk for all licensed workers on current requirements.
    • Implement documented isolation and tagging (LOTO) (One-time procedure · Ongoing practice): Personal locks and tags for every worker. Written isolation procedure covering switchboard, local isolation, and remote sources. Verify de-energisation with a calibrated tester before work starts. A missing LOTO is a WHS breach that can void insurance and trigger criminal prosecution after a fatality.
    • Scope-limit your work to your competency (Business policy · Owner): HV, hazardous area (EEHA), complex automation, and large industrial work need specific qualifications and endorsements. Establish a clear 'we don't do this' list and refer those jobs to specialists. Most licence breach cases involve someone doing work beyond their competency because the job was there.

    Work Health & Safety

    Electrical trades have the risks of every construction trade plus the electrical-specific risks of arc flash, electric shock, and working live. White Card, SWMS for High Risk Construction Work, pre-work risk assessment, electrical hazard training, and psychosocial hazard management are the core obligations. WHS regulator prosecutions routinely target the trades sector.

    • Verify and track White Cards for everyone (At engagement + annually · Admin): General Construction Induction Training is mandatory nationwide for any construction site entry. Hold a copy for every employee and every regular subbie. Without a White Card, a site injury becomes your personal liability.
    • Prepare job-specific SWMS for High Risk Construction Work (Before each job · Qualified Supervisor): 11 HRCW categories under WHS Regulations - live electrical over 50V is one; work at heights over 2m, confined spaces, hot work, and several others apply to electrical work. Generic templates don't meet the test. Make it site-specific, have workers sign it, review if conditions change.
    • Document pre-work site risk assessments (Every job · Licensed electrician on site): JSA / Take 5 / pre-start - one page, 2-minute check, covers hazards, controls, worker acknowledgement. A quick app (SafetyCulture, Dashpivot, or plain PDF template) makes this sustainable. This is your single best defence if something goes wrong on a small job.
    • Train on psychosocial hazards and mental health (Annual · All staff): Trades businesses have documented higher rates of suicide, fatigue incidents, and bullying claims. Psychosocial hazards are now explicit WHS duties across all jurisdictions. Mates in Construction and industry body programs offer low-cost training and resources. This matters - and it's regulated.
    • Confirm incident reporting plan for WHS and electrical safety (Documented · Known by all staff): Two separate reporting obligations: WHS notifiable incidents (state WHS regulator) and electrical safety incidents (state electrical regulator). Phone numbers and process in the van, in worker phones, and on the office wall.

    Consumer Law & Contracts

    The Australian Consumer Law applies to every trades job done for a consumer. Consumer guarantees (due care and skill, fit for purpose, within reasonable time) can't be contracted out of. Written quotes, documented variations, and a fair complaints process are both legal requirements and practical protection against disputes.

    • Use written quotes with clear scope, inclusions, and exclusions (Every job · Owner / Estimator): A quote is a fixed price; an estimate is approximate - calling one the other is misleading conduct. Include scope, price, what's included, what's excluded, and validity period. Most states require written quotes over a threshold (typically $200-500). Written quotes are your best defence against scope disputes.
    • Implement a variation process with customer sign-off (One-time setup · Ongoing use): Scope changes not signed in writing are the #1 cause of trades payment disputes. Simple variation form: item, reason, cost, date, both signatures. Digital signing via a free tool (or even SMS 'approved' from known number) works. Never start variation work without signed authorisation.
    • Review standard contract terms for unfair terms risk (Annual · Legal review): Unfair contract terms now carry civil penalties up to ~$50M for companies. One-sided cancellation rights, excessive termination fees, unilateral price changes - all risks. Get your standard quote/contract terms reviewed annually by a commercial lawyer or through your industry body legal service.
    • Publish a complaints handling process (Customer-facing document · One-time): How to complain, who handles it, expected response time, resolution options, escalation to state consumer affairs. ACL requires you to address complaints in good faith. Well-handled complaints become referrals; badly-handled ones become regulator complaints and Google reviews.
    • Comply with cooling-off rules on unsolicited sales (If applicable · Sales staff): Doorknocking, cold follow-ups at home, door-to-door solar sales - all trigger a 10 business-day cooling-off period under ACL Part 3-2 Division 2. Must be in writing and clearly notified to the customer. Solar door-knockers are a recent ACCC enforcement focus.

    Security of Payment

    Every state has a Security of Payment Act giving contractors and subbies a statutory right to progress payments and a fast adjudication process for disputes. Timing and content rules are strict but powerful - miss a response deadline and you're liable for the full amount claimed. Understanding SOPA is both a defensive and offensive capability.

    • Train your office on serving and receiving payment claims (Internal training · 2 hours): A valid payment claim specifies work done, amount claimed, and states it's made under the Act. Know the statutory response window in your state (typically 10 business days). Missed response = full amount payable, no defence available. This is critical knowledge for anyone in accounts.
    • Align standard payment terms with statutory caps (Contract template · One-time update): VIC 2025 SOPA reform introduces a 20-business-day cap on payment terms (commencing by 1 Sept 2026). NSW subcontractor terms capped at 20 business days. Update templates. If your contract sets 60 days but the statute caps at 20, the statute wins and you may be in breach by not paying earlier.
    • Calendar payment claim deadlines per job (Job tracking · Per project): Payment claim windows after last work on site: NSW 12 months, VIC 3 months, QLD 6 months. Set reminders at 75% of the applicable window. Miss it and you lose SOPA protection - normal debt recovery still available but exponentially harder and slower.
    • Remove 'pay when paid' clauses from all contracts (Template review · One-time): 'Pay when paid' and 'pay if paid' clauses are void under all state SOPAs. You can't condition subbie payment on receipt from the principal. Audit your subcontract templates and remove.
    • Comply with retention trust rules if applicable (Ongoing · CFO / Owner): NSW and QLD have strict retention trust account rules for head contractors above certain thresholds. Trust account, annual audit, compliance officer appointment, and potentially significant penalties for breach. If you hold subbie retentions, check your obligations this quarter.

    Tax, TPAR & Subcontractors

    If building and construction is 50%+ of your business income or activity and you pay subcontractors, TPAR is mandatory by 28 August each year. Penalties start at ~$5,550 for individuals, higher for companies, plus non-lodgement is an ATO audit trigger. Add STP2, GST, PAYG, Workers Comp, super (12% from July 2025, payday super from 1 July 2026), and the tax/reporting layer is substantial.

    • Confirm TPAR applies to your business - and lodge on time (Annual · 28 August): 50%+ of income from building/construction + payments to subbies = TPAR required. Report each subbie's ABN, name, address, total paid, GST included, withholding. Modern accounting software (Xero, MYOB, QuickBooks) generates TPAR automatically if you've recorded subcontractor payments correctly throughout the year.
    • Collect subbie details at engagement (Onboarding · One-time per subbie): ABN, full business name and address, bank details, workers comp certificate of currency, licence details where applicable. Don't chase this at year-end. A simple onboarding form (paper or digital) makes TPAR a 30-minute task instead of 3 days of chasing.
    • Confirm STP Phase 2 compliance (Immediate check · Bookkeeper): Every employer must report under Single Touch Payroll Phase 2. Happens at every pay run, not quarterly. Your payroll software must be STP2-enabled. Closely-held employees (family on payroll) also in scope. ATO is actively following up non-compliers.
    • Prepare for Payday Super (Before 1 July 2026 · CFO/Owner): Super contributions must be paid with wages, not quarterly, from 1 July 2026. SG rate is 12% from 1 July 2025. Cashflow impact is material for businesses that have been using the 90-day super float as working capital. Talk to your bookkeeper and bank now about working capital needs.
    • Test worker classification against ATO criteria (Annual review · Owner + accountant): Sham contracting is actively audited by ATO and Fair Work. A 'subbie' who takes most of their work from you, uses your tools and vehicles, is directed on hours, and isn't running a genuine business of their own is likely an employee for tax, SG, and workers comp. The wrong classification can cost years of back-pay plus penalties.

    Insurance & Workers Compensation

    Public Liability, Professional Indemnity (for design/spec work), Tools and Plant, Workers Compensation, and Cyber insurance form the core portfolio. Under-insurance and classification errors are the most common failure modes, and an uninsured major loss ends businesses. Annual review with a broker who specialises in trades is the single highest-leverage step.

    • Review Public Liability sum insured against contract requirements (Annual · With broker): $10M PL is inadequate for most commercial head contract requirements. $20M is the emerging minimum; some tier-1 contracts require $30M+. An electrical fire in a multi-million-dollar property with $10M cover leaves you personally exposed for the gap. Review annually or when changing the type of work you do.
    • Consider PI insurance if you do design, spec, or advice work (Within 3 months · With broker): PL covers physical damage; PI covers financial loss from errors in design, advice, or specification. If you take a 'design and construct' role, specify equipment, provide written technical advice, or handle complex commercial work, PI matters. Typical cover $1-5M for specialists. Commercial contracts increasingly require it.
    • Verify Workers Comp classification (Next renewal · With accountant/broker): State workers comp (icare NSW / WorkSafe VIC / WorkCover QLD / etc.) is compulsory with employees. Electrical work is a higher premium category than office work - under-classifying wages or mis-classifying staff roles triggers premium recalculation plus penalties on audit. Check your declaration matches your actual wage split.
    • Collect certificates of currency from every subbie (Ongoing · Admin): PL, PI (where needed), and workers comp COCs from every subbie at engagement and on renewal. If your subbie is uninsured and causes damage, your insurer may decline the claim on the grounds you didn't verify cover. This is standard practice on commercial jobs - mirror it with your own subbies.
    • Add cyber insurance or verify existing cover (Next renewal · With broker): Standalone cyber policies start ~$1,500/year for small businesses. Bundled cover in business policies varies widely - check exclusions, especially for Business Email Compromise / 'social engineering' which is often excluded unless specifically elected. Given the AFP's October 2025 BEC warning for construction, this is a timely add.

    Asbestos & Hazardous Materials

    Buildings built before 31 December 2003 may contain asbestos. Electrical work in older buildings - drilling walls, cutting eaves, running cables - routinely disturbs asbestos. WHS regulators treat unsafe disturbance as a serious offence; friable asbestos requires a Class A licensed removalist, non-friable over 10m² requires Class B. Every electrical business working in existing buildings needs an asbestos awareness and response plan.

    • Check the asbestos register before work on pre-2004 workplaces (Every pre-2004 job · Licensed electrician): All workplaces built before 31 December 2003 must have an asbestos register (employer duty, but you need to see it). Residential properties don't have one by default but owners often have reports. Check before drilling walls, cutting into roof spaces, or running cables. If you can't get the register, sample-test.
    • Establish a stop-work and escalation process (Documented · Known by all staff): If suspected asbestos is encountered unexpectedly: stop work, secure the area, notify the client and (if applicable) the PCBU/head contractor. Have a pre-vetted list of licensed removalists with contact details. Don't 'just brush it off' - unsafe disturbance is a WHS offence and can trigger medical monitoring costs.
    • Run asbestos awareness training (Induction + 2-yearly refresh · All field staff): 1-day asbestos awareness course (nationally recognised CPCCDE3015 or equivalent). Teaches identification, ACM types, safe handling, legal duties. Essential for any electrical business doing residential or commercial renovation work.
    • Always sight clearance certificates before re-entry (Every asbestos removal job · Licensed electrician): Class A removal: licensed asbestos assessor issues clearance. Class B removal: competent person issues clearance. Sight the certificate before any worker returns to the area. PCBU commissioning removal must ensure clearance happens - if you commissioned it, that's you.
    • Use licensed disposal facilities for any asbestos waste (Every handling · Admin): Even ≤10m² non-friable (which doesn't require a licensed removalist) still requires a licensed disposal facility. No general waste, no kerbside skips, no unlicensed fill sites. Keep disposal dockets with job records. Environmental regulators audit disposal trails in complaints.

    Cyber & Business Email Compromise

    The AFP issued a specific October 2025 warning about BEC scams targeting the construction sector. Documented Australian cases: Inoteq/Mobius (~$235K, court-ordered repayment), NSW construction firm ($41,800), Pure Glass WA ($50,000), private Sydney hospital ($3M+). Electrical businesses have the exact risk profile criminals target - high-value invoices, frequent subcontractor payments, limited cyber resources. This is now a priority risk area, not an IT afterthought.

    • Verify every bank detail change by phone on a previously-known number (Every invoice with new details · Accounts): This single control stops most BEC attacks. If a supplier invoice has new bank details, or an email says 'please update our account for future payments', call the supplier on a phone number from a PREVIOUS invoice or their website - never the number on the new invoice. Attackers sometimes spoof the number too, so verify via an independent source.
    • Enable MFA on email, banking, and accounting software (One-time setup · Owner + IT): Email MFA (Microsoft 365 / Google Workspace) stops 99% of email account takeovers. Without MFA, a stolen password is game over. Banking MFA is usually enforced. Accounting software (Xero, MYOB, QuickBooks) MFA is a settings toggle that's often off by default. Turn them all on this week.
    • Run annual cyber awareness training (Yearly · All staff + subbies handling invoices): Staff are the target. Annual training covering: BEC patterns, phishing signs, verification procedures, incident reporting. Low-cost options: ACSC Cyber Wardens (free), industry body programs, paid phishing simulation services (~$10-15/user/month). Scenarios matter more than slides - practice the verification call.
    • Document an incident response plan (One-time · Review annually): First hour after a BEC matters most. Plan: (1) Call the bank - funds can sometimes be recalled within hours. (2) Report to ReportCyber at cyber.gov.au. (3) Change affected passwords immediately. (4) Notify your insurer and brokers. (5) Check for wider compromise - this is often one of several attacks. Put phone numbers and account logins in an offline document prepared in advance.
    • Back up critical data with tested restores (Ongoing · Annual test): Ransomware cases routinely cost small businesses 2-3 weeks of data. Effective backup: cloud-native (Microsoft 365 / Google Workspace retention), plus independent backup (Backblaze, Druva, Veeam), plus an annual restore test. A backup you haven't restored from is a hope, not a plan.

    Disclaimer

    General disclaimer

    This assessment is an indicative self-diagnostic tool and does not constitute legal, regulatory, technical, or tax advice. It reflects the national and state regulatory landscape as of April 2026, including AS/NZS 3000:2018, the Privacy Act reforms, TPAR obligations, and state-based electrical safety legislation.

    Licensing and technical advice

    Electrical licensing is state-regulated and specific compliance obligations vary between NSW (NSW Fair Trading + Building Commission NSW), VIC (Energy Safe Victoria), QLD (Electrical Safety Office / QBCC), WA (Building and Energy), SA (Office of the Technical Regulator), TAS (Workplace Standards Tasmania), ACT (Access Canberra), and NT (NT Electrical Workers and Contractors Licensing Board). This tool is not a substitute for advice from your state regulator, industry body (NECA, MEA), or a qualified compliance adviser.

    Tax and business advice

    TPAR, STP, superannuation, and GST obligations are administered by the ATO and specific to your business structure. For definitive tax and bookkeeping advice, consult a registered tax agent.