Employment Rights Bill: A Step Change in Employer Responsibility for Harassment

The direction of travel in UK employment law is clear: expectations on employers to prevent workplace harassment are rising, significantly.

Following

introduction of the preventative duty in October 2024, the upcoming reforms under the Employment Rights Act will go even further. These changes are not just incremental, they represent a material shift in legal risk and accountability for employers.

From “Reasonable Steps” to “All Reasonable Steps”

Currently, employers must take reasonable steps to prevent sexual harassment. However, under the new legislation, this will be strengthened to a requirement to take “all reasonable steps” expected to come into force in October 2026.

That single word – all - matters.

It raises the bar considerably and signals that employers will need to demonstrate that:

• They have proactively identified risks

• They have implemented comprehensive and targeted controls

• There are no further reasonable steps they could have taken

This aligns more closely with the existing “all reasonable steps” defence in discrimination law, but flips it into a proactive duty, not just a legal defence.

Third-Party Harassment Is Back and Broader

One of the most significant developments is the reintroduction and expansion of third-party harassment liability.

Under the new rules:

• Employers can be liable if an employee is harassed by a client, customer, contractor, or other third party

• This applies across all protected characteristics, not just sexual harassment

• Liability arises where the employer failed to take all reasonable steps to prevent it

For many organisations, particularly those with customer-facing roles, this is a major risk exposure.

Additional Key Changes Employers Should Note

The Employment Rights Act also introduces several wider protections that intersect with harassment risk:

• From April 6th 2026, whistleblowing protections now extended to include disclosures of sexual harassment

• Limitations on NDAs, meaning confidentiality clauses cannot be used to suppress allegations of harassment in many cases

• A likely move toward greater regulatory clarity on what constitutes “reasonable steps” in the future

Taken together, these changes make it harder for organisations to rely on process alone and easier for employees to challenge inaction.

What This Means in Practice

The legal message is simple: “tick-box compliance” will not be enough.

Employers will need to evidence a structured, risk-based approach to preventing harassment.

From a practical perspective, this includes:

• Identifying high-risk roles and environments (e.g. front-line teams, lone working, travel)

• Addressing third-party risks explicitly in policies and processes

• Ensuring clear, accessible reporting mechanisms

• Delivering regular, meaningful training (not one-off sessions)

• Monitoring workplace culture, behaviours and trends

Your approach should be dynamic, documented and regularly reviewed.

Where Many Organisations Are Still Falling Short

In our experience, common gaps include:

• Policies that don’t fully address third-party interactions

• Limited focus on out-of-hours or social event risks

• Inconsistent or outdated training programmes

• Lack of data-driven monitoring (e.g. incident tracking and trend analysis)

Simple, practical measures, like communicating behavioural expectations ahead of events or ensuring suppliers are aware of your standards, can materially reduce exposure .

The Role of A Risk Assessment

With the move to an “all reasonable steps” standard, risk assessment becomes critical.

A structured sexual harassment risk assessment enables you to:

• Identify where harm is most likely to occur

• Evaluate whether your current controls are sufficient

• Demonstrate that you have taken proportionate and proactive steps

It also provides a clear audit trail, something that will be increasingly important if challenged.

As highlighted in our checklist, this should cover:

• Policy alignment with current legislation

• Third-party risk controls

• Training frequency and effectiveness

• Reporting culture and accessibility

• Ongoing monitoring and review processes

Final Thought: This Is About Culture as Much as Compliance

The legislation is deliberately pushing employers toward prevention, not reaction.

Organisations that take this seriously - embedding respect, accountability, and psychological safety, will not only reduce legal risk but also strengthen engagement and retention.

Those that don’t may find themselves exposed.

Need Support?

If you would like a copy of our Sexual Harassment Risk Assessment Checklist or support in reviewing your current approach in light of these upcoming changes, please do get in touch.

Now is the time to act as “reasonable” becomes “all reasonable.”