It Wasn’t Me, It Was My Employee: What You Need To Know About Employers’ Liability (2026 Updated)

byRowan Gardoce5 January 202511 min read

Contents

What Does “Employers’ Liability” Actually Mean In New Zealand?
When Can You Be Liable For What An Employee Does?
Which Laws Commonly Create Risk For Employers?
How Do You Reduce The Risk Of Being Liable For Employee Actions?
What Should You Do If An Employee Causes A Problem?
Key Takeaways

It’s one of those stomach-drop moments as a business owner: you get a complaint, a demand letter, or an angry email, and the story starts with “your staff member said…” or “your employee did…”.

Even if you personally had nothing to do with it, you can still end up responsible. That’s because New Zealand law often treats acts done “in the course of employment” as acts the employer must answer for.

This 2026 update reflects how common these issues have become in modern workplaces (think: social media, surveillance tech, remote work, and higher expectations around health and safety and privacy). The good news is you can reduce your exposure with the right legal foundations and day-to-day systems.

Below, we break down when an employer can be liable for an employee’s conduct, what laws commonly come into play, and the practical steps you can take to protect your business from day one.

What Does “Employers’ Liability” Actually Mean In New Zealand?

“Employers’ liability” isn’t just one rule. It’s a useful umbrella term that covers the different ways your business can become legally responsible because of:

something an employee did (or didn’t do) at work
the way you trained, supervised, or managed your team
the workplace systems you put in place (or failed to put in place)

In practice, employer liability usually shows up in a few common buckets:

1) Vicarious Liability (You’re Liable Because They’re Your Employee)

This is the big one. Vicarious liability means you can be responsible for your employee’s wrongful acts if they happen in the course of employment (even if you didn’t authorise it).

For example, an employee might:

give a customer misleading information
damage a client’s property while performing a service
make a defamatory comment from the business account
breach someone’s privacy while handling personal information

The tricky part is that “in the course of employment” isn’t always obvious. It can include conduct that was careless, against policy, or outside the employee’s specific instructions-if it’s sufficiently connected to their role.

If you want a plain-English explanation of how this works, it’s worth understanding vicarious liability in a business context, because it comes up across customer disputes, negligence claims, and workplace complaints.

2) Direct Liability (You’re Liable Because You Did Something Wrong As The Employer)

Sometimes the claim isn’t really “your employee messed up” - it’s “you, as the employer, failed to do what you were supposed to do”.

This might involve allegations that you:

didn’t train staff properly
didn’t supervise staff appropriately
ignored warning signs (for example, repeated complaints)
didn’t provide a safe system of work
didn’t have adequate policies or reporting processes

This is closely connected to your duty of care as an employer-especially when health and safety is involved.

3) Contractual Liability (You’re On The Hook Under Your Customer Contract)

Even if a claim could be framed as “employee misconduct”, the customer may simply point to the contract and say: “We contracted with your business, not your staff member.”

That means your exposure often depends on:

what you promised (expressly or implicitly)
your limitation of liability clause (if any)
your dispute resolution process
who is responsible for subcontractors or agents

This is why having well-drafted customer terms and service agreements matters-it’s not just paperwork, it’s risk management.

When Can You Be Liable For What An Employee Does?

Most business owners assume liability only happens if the employer “approved” the conduct. In reality, the legal question is often about connection rather than permission.

While every case depends on facts, here are the situations where employer liability commonly arises.

Acts Done While Performing Work (The Classic Scenario)

If an employee is doing their job-serving customers, delivering services, driving to a job site, answering enquiries-and something goes wrong, you may be liable.

Typical examples include:

Negligence: a staff member forgets a safety step and a customer is injured
Property damage: a technician damages equipment during installation
Misleading statements: a salesperson makes inaccurate claims about pricing, availability, results, or features

Misconduct “Connected” To The Job (Even If It Breaks Your Rules)

Businesses often think: “But we have a policy saying staff must never do that.”

Policies help, but they don’t automatically remove liability. If the conduct is still closely connected to the employee’s role (for example, they were dealing with a customer as part of their job), you can still face a claim.

In 2026, employee conduct increasingly involves online channels-especially where staff have access to business pages, DMs, or accounts.

If employees post, respond to reviews, or message customers from business accounts, you should treat that as an extension of your operations. You can reduce risk by setting expectations early with an Employee social media use approach that’s clear, practical, and actually followed.

Acts Outside Work Hours (Sometimes Still Your Problem)

Off-duty conduct can still create issues for employers, especially if there’s a connection to the workplace (for example, a work function, work chat group, or something involving co-workers and workplace relationships).

Even if it doesn’t create legal liability to a third party, it can trigger employment law obligations: complaints, investigations, disciplinary processes, or obligations to keep the workplace safe.

Which Laws Commonly Create Risk For Employers?

Employer liability isn’t limited to one area of law. It can pop up across employment, consumer, privacy, health and safety, and even criminal law-depending on what happened.

Health And Safety (Health And Safety At Work Act 2015)

If your employee’s actions result in someone being put at risk (including other staff, contractors, customers, visitors, or the public), health and safety laws can come into play.

Under the Health and Safety at Work Act 2015, as a PCBU (person conducting a business or undertaking), you’re expected to take reasonably practicable steps to keep people safe. That includes having:

safe systems and processes
training and supervision
hazard identification and risk controls
incident reporting and response

It’s not enough to rely on “common sense” or assume staff will figure it out. If something goes wrong and you can’t show you had proper systems in place, that’s where risk escalates.

Consumer Law (Fair Trading Act 1986 And Consumer Guarantees Act 1993)

Many “employee mistakes” are actually consumer law issues. A staff member might overpromise, misquote a price, or misdescribe what’s included.

Key points to keep in mind:

The Fair Trading Act 1986 prohibits misleading or deceptive conduct in trade. This can include ads, sales scripts, and statements made by your staff.
The Consumer Guarantees Act 1993 provides automatic guarantees for consumers (for example, services carried out with reasonable care and skill). If your employee performs the service poorly, your business may still owe remedies.

This is why training staff on what they can and can’t promise is not optional-especially for sales roles and customer-facing teams.

Privacy (Privacy Act 2020)

If your employee mishandles personal information-like customer contact details, health information, payment details, CCTV footage, or staff records-you can face privacy complaints, investigations, and reputational damage.

A strong Privacy Policy helps set expectations externally, but you also need internal controls: access restrictions, retention rules, and training.

Privacy problems often happen because employees are trying to be helpful quickly (for example, emailing information to the wrong person, oversharing in a phone call, or storing files on personal devices). Those “small mistakes” can become serious fast.

Workplace Surveillance And Monitoring

Many employers use CCTV, call recording, GPS tracking, or device monitoring for safety and security. But if employees use those tools improperly-or if monitoring is rolled out without the right safeguards-you can create privacy and employment issues.

If you’re using cameras at work (or considering it), it’s worth checking your approach against what’s considered acceptable in New Zealand workplaces, including whether cameras in the workplace are being used lawfully and transparently.

Employment Law (Employment Relations Act 2000 And Human Rights Act 1993)

Employee conduct can also create claims internally. For example:

bullying or harassment by a manager
discrimination by a team leader
unlawful deduction or underpayment driven by “how the roster works”

Even if one person is the “bad actor”, the employer can be responsible for failing to prevent it, failing to respond appropriately, or mishandling the process afterwards.

Having clear expectations in a properly tailored Employment Contract is one of the simplest ways to set the rules of the relationship from the start (including policies, confidentiality, conduct, and disciplinary processes).

How Do You Reduce The Risk Of Being Liable For Employee Actions?

You can’t control everything your team does. But you can control how your business is set up, what you train people on, and how you respond when issues arise.

Here are practical steps that make a real difference.

1) Hire Carefully And Set Clear Expectations Early

Many issues start with role confusion: staff don’t know what they’re authorised to do, say, approve, or promise.

From day one, make sure you’ve covered:

what the employee can sign off (discounts, refunds, quotes, commitments)
what they must escalate to a manager
what “acceptable” communication looks like with customers and suppliers
confidentiality and handling personal information

2) Put The Right Policies In Place (And Actually Use Them)

Policies aren’t just for big corporates. For small businesses, they’re often the difference between “we did everything reasonably practicable” and “we had no system at all”.

Policies that commonly reduce employer liability include:

health and safety processes (risk assessments, incident reporting)
privacy and data handling rules
complaints handling scripts and escalation processes
social media rules and review-response guidelines
gifts, side businesses, and conflicts rules

If your staff deal with suppliers, referrals, or have access to sensitive business decisions, a Conflict of interest policy can prevent messy disputes before they start.

3) Train Staff On The “High-Risk Moments”

You don’t need a 40-page manual that nobody reads. You do need training that covers the moments most likely to create liability, such as:

quoting and advertising (what can be promised, what can’t)
handling refunds and complaints
storing and sharing customer information
safety procedures (especially when work is physical or customer-facing)
what to do when something goes wrong (who to notify, what to document)

A simple rule of thumb: if you’d be unhappy seeing it screenshotted online or read out in a formal complaint, it needs a script or training.

4) Supervise And Document (Without Micromanaging)

Supervision is part of risk control. If you’ve got junior staff doing complex tasks, you should have a plan for:

reviewing their work (spot checks can be enough)
tracking incidents, near misses, and complaints
recording training completion
updating processes when patterns appear

Documentation helps you show that you took reasonable steps and responded properly. If a dispute escalates, “we definitely told them” is much harder to prove than a short written record.

5) Use Contracts That Match How You Actually Operate

Your risk often depends on whether the person who caused the harm is truly an employee, a contractor, or a third-party service provider.

Misclassifying workers can expose you to unexpected obligations (and limit your ability to manage performance and conduct issues). If you’re engaging non-employees, make sure your contracts and working arrangements match reality.

And if employees have authority to deal with customers, make sure your customer-facing terms cover things like:

scope of services and exclusions
timeframes and dependency on customer cooperation
limits on liability (where lawful)
how complaints and disputes will be handled

6) Consider Insurance (But Don’t Treat It As A Substitute For Compliance)

Insurance can be a helpful safety net, but it won’t fix poor processes. Depending on your business, you might look at:

public liability insurance
professional indemnity insurance
statutory liability insurance
cyber/privacy cover

Always check the fine print for exclusions (for example, intentional wrongdoing, known issues, or failure to take basic precautions).

What Should You Do If An Employee Causes A Problem?

When an incident happens, it’s tempting to go straight into “damage control mode” with the customer or the staff member. But how you respond can affect your legal position.

Here’s a practical approach that usually helps.

1) Contain The Risk And Keep People Safe

If anyone is at risk (physical or psychological), address that first. If it’s a health and safety incident, follow your reporting and escalation process immediately.

2) Get The Facts (And Preserve Evidence)

Collect information early, while it’s fresh:

what happened, when, and who was involved
emails, messages, recordings, CCTV (if you have it)
screenshots of online interactions
customer complaint details and outcome requested

Avoid jumping to conclusions before you’ve investigated properly-especially if the incident may lead to disciplinary action.

3) Communicate Carefully With The Customer Or Third Party

You usually want to acknowledge the complaint quickly, but be cautious about admissions. A well-meaning “we’re completely at fault” email can create problems later if facts turn out differently.

Instead, focus on:

acknowledging receipt
confirming you’re investigating
providing timeframes for next steps
offering practical interim solutions where appropriate

4) Manage The Employment Side Fairly

If an employee has potentially breached policy or behaved improperly, you still need to follow a fair process. Rushed or informal discipline can lead to personal grievances-even if the employee genuinely messed up.

This is where tailored advice can be valuable, because the “right” response depends on seniority, past conduct, training provided, and the seriousness of the event.

5) Fix The System (So It Doesn’t Happen Again)

After the dust settles, take a moment to identify the underlying cause:

Was training missing?
Was the policy unclear?
Did the employee have too much autonomy too soon?
Was the workload unrealistic?

This is also your chance to strengthen your legal foundations and reduce repeat incidents-which is often what regulators and insurers look for.

Key Takeaways

In New Zealand, you can be liable for what an employee does if the conduct is connected to their role, even if you didn’t personally approve it.
Employer liability commonly arises through vicarious liability, direct failures in training/supervision, and contractual responsibility to customers.
Key legal risk areas include health and safety (Health and Safety at Work Act 2015), consumer law (Fair Trading Act 1986 and Consumer Guarantees Act 1993), privacy (Privacy Act 2020), and employment obligations.
You can reduce risk by setting clear expectations, using practical workplace policies, training staff on high-risk interactions, and documenting supervision and incidents.
Strong legal documents (including employment contracts and customer terms) help you manage behaviour, allocate responsibility, and respond to disputes more confidently.
If an incident happens, focus on safety first, gather facts early, communicate carefully, follow a fair employment process, and improve the underlying system.

If you’d like help getting your workplace legally protected from day one - whether that’s reviewing your contracts, putting the right policies in place, or managing an incident - reach us at 0800 002 184 or team@sprintlaw.co.nz for a free, no-obligations chat.

Rowan GardoceMarketing Coordinator

Rowan is the Marketing Coordinator a Sprintlaw. She is currently in her third year of Law and Psychology at Macquarie University, and is passionate about helping businesses by breaking communication and accessibility barriers through NewLaw.

In her first year at university, Rowan jumped into the legal space by working as a paralegal on a cyber security project. However, she wanted to combine her passion for content creation with the demand for legal knowledge. So, she started writing for The Brief, a law school publication at Macquarie University. She produced a number of articles discussing a range of topics, from the role of Afterpay in fintech to protecting junior lawyers from wage theft.

Rowan realised that she enjoyed copywriting and wanted to see how this would work in various fields. Marketing was an industry where she could combine her study of psychology with her copywriting experience, so she interned with a fintech startup in the insurance space. She produced copy and visual content to enhance their online presence and inform customers of their options when faced with insurance issues.

At this point, Rowan found that the root of many problems was the lack of access to important information. Without the right knowledge, customers were subject to exploitation and complex rules. Eventually, Rowan found an interest in making advice accessible through various creative mediums and helping businesses be proactive.

Rowan then moved to a creative agency which helped small businesses build and enhance their brand. In between producing copy and drafting blueprints, she realised that the key to helping businesses is to make things as simple, cost-efficient and accessible as possible, so they can make informed decisions with minimal losses.

So, she decided she wanted to be part of an industry that makes legals simple, as they should be. Now, Rowan coordinates content for Sprintlaw and is helping more small businesses each day.

Need legal help?

Get in touch with our team

Tell us what you need and we'll come back with a fixed-fee quote - no obligation, no surprises.

Need support?

Need help with your business legals?

Speak with Sprintlaw to get practical legal support and fixed-fee options tailored to your business.

Get Started Book A Call