“Just bump into him and get it over with”. This is what two female employees were told when a colleague, who had committed a sexual offence against them, was due to return to the office.

Unfortunately, this is far from an isolated incident with 22.5% of people experiencing sexual harassment in the workplace. 

And with sexual harassment reforms set to tighten in October this year, sexual harassment is not only a serious safeguarding concern but also a growing legal and financial risk for employers. In the case above, the claimants were awarded £11,000.

For small businesses, where HR support may be limited, it’s crucial to understand your responsibilities. In this blog, we’ll explore what the upcoming changes mean, what could put your business at risk, and the practical steps you can take to ensure you’re meeting your obligations.

What changes are coming in October 2026?

Back in October 2024, the UK introduced a major shift in workplace harassment law under the Worker Protection (Amendment of the Equality Act 2010) Act 2023.

The reforms made it a legal duty for employers to take reasonable steps to prevent sexual harassment including incidents involving third parties such as customers, suppliers and contractors.

From October 2026, this preventative duty will become stricter.  Employers must take “all reasonable steps” to prevent sexual harassment. And while you might not consider that to be a significant change, the introduction of “all” raises the bar significantly. It will no longer be acceptable to just have policies in place. You must take proactive steps to prevent sexual harassment incidents occurring in the first place.  

While the regulation defining “all reasonable steps” isn’t due until late 2027, and will depend on the specific circumstances of the employer, such as their size and sector, employers must undertake proactive risk management, publish plans or policies and document preventative action.

Employers will also become liable for third-party harassment from clients/customers, suppliers and contractors. In other words, if a customer harasses an employee, your business will be held responsible if you can’t show you took sufficient steps to prevent it. And this applies to any type of harassment including race, age, disability, sex or religion.  

So, what puts small businesses at risk?

1. Having a sexual harassment policy which doesn’t stand up to scrutiny

Many companies have a sexual harassment policy, but quite often it won’t define the positive and respectful behaviours you expect to see from people. That’s a bit like having a health and safety policy, that tells you what cuts, burns and broken bones look like, but doesn’t explain the measures in place to prevent harm to people.

Without a clear sexual harassment policy, staff and managers won’t understand:

• What constitutes inappropriate behaviour

• What’s in place to reduce the risk of inappropriate behaviour

• How to report concerns

• What action will be taken

  
  

2. Informal workplace culture

Small businesses are more likely to have an informal workplace culture, which in itself can cause problems with:

• Boundaries being blurred

• Inappropriate banter going unchallenged

• A reluctance to escalate complaints.

  
  

3. Not providing suitable training

Small businesses often struggle to provide training due to limited financial resources and time constraints, but this could result in:

• Managers mishandling complaints

• Employees not recognising harassment

• Issues going unreported until they escalate

4.   Poor reporting systems

Small businesses may not have a HR department or a clear way of reporting issues. If staff don’t feel comfortable about reporting an incident, then problems will remain hidden and your legal liability will increase.

What steps should businesses take to reduce risk?

Before October, we highly recommend you consider the following steps to reduce your risk of exposure and to ensure you comply with the law.

1.  Assess your risks

Create tailored risk assessments across your business, ideally role by role and business area by business area. Some of the areas to consider are:

• Customer-facing environments

• Events (including after-work socialising)

• Lone working

• Remote working and online communications

• Supplier or contractor interactions

All risk assessments should be easy to access and should identify where the risk may arise, who is most vulnerable, the steps that are already in place and whether any further action is required.

2.  Review and update policies (or create them if missing)

All policies should be easy to understand, regularly reviewed and should cover:

• Sexual harassment definitions (including third parties)

• Zero-tolerance expectations

• Reporting routes, both formal and informal

• Investigation procedures

• Disciplinary consequences

• Measures to create a positive and respectful culture to reduce the risk of sexual harassment.

3.  Set boundaries with all third parties

Making third parties, such as clients/customers, suppliers and contractors, aware of your behavioural expectations will help your employees feel safe and comfortable reporting any issues.  

• Decide how you are going to communicate your behavioural expectations, such as through signage or codes of conducts

• Include anti-harassment clauses in supplier contracts

• Train staff on how to challenge or escalate inappropriate behaviour safely

• Support staff if they refuse service due to harassment.

  
  

4.  Provide training for all staff

As the council case illustrates, a comment intended to ease anxiety about encountering the male colleague again only served to make the situation worse. Proper training is crucial to prevent this kind of situation and to ensure legal compliance. It should be provided to all staff at all levels and should cover:

• What harassment looks like

• How to report concerns safely

• How to challenge inappropriate behaviour

• How managers should respond

• How to handle third-party incidents

5. Create safe reporting channels

Employees should be comfortable raising any concerns they have. Make sure reporting channels are clearly outlined in your policies and that employees feel they can report concerns:

• Confidentially where possible

• Without fear of retaliation

• To multiple points of contact (not just line managers)

6. Take complaints seriously

Delays or dismissive responses can significantly increase legal risk. All complaints should be investigated promptly and properly documented. In addition, you should:

• Take corrective action where needed

• Document any actions taken

• Communicate outcomes in an appropriate manner

Remember, it’s not always necessary to immediately jump straight to a formal investigation. Use good judgement to decide whether facilitating a conversation, coaching someone about their behaviour or mediation is actually the right course of action. Dealing with minor issues in a more informal way is always easier, than doing nothing and ending up with a serious issue that has to be investigated formally.

How we can help

Ensuring you are ready for the stricter regulations coming in later this year isn’t just about legal compliance, but also about creating a safe, professional environment where staff and customers are protected.

We can offer support to:

• make sure directors are aware of the legal position and how to manage the operational, legal, financial, and reputational risks to the organisation

• train managers in what sexual harassment is and what it's not; how to manage the risks in their team; and how to deal with any concerns raised to them

• work alongside managers to identify risk areas and put in place reasonable steps to prevent sexual harassment

• raise awareness among staff to help prevent it happening and to help ensure people feel able to speak up if it does

• write a prevention policy and guidelines for managers on how to deal with reports made by staff.

It’s never too early to start preparing for these changes, so if you would like to explore any of these areas, please get in touch.