Essential Policies Every Club Needs: A Practical Guide

I've seen clubs with 47 policies and none of them updated since 2014. That's worse than having three good ones.

Let me be specific. A club in regional Victoria once showed me their policy folder - a 3-ring binder from the mid-2000s containing 22 printed documents, most downloaded from websites that no longer exist, referencing legislation that had been amended twice since printing. The club secretary had never read them. The president had never read them. The only person who'd read them was the state body compliance officer who'd asked to see them during an affiliation audit, and her assessment was blunt: "These are decoration."

That's the failure mode. Not having zero policies - having policies that nobody follows, nobody updates, and nobody can find when they're actually needed. At 2am when a parent posts a defamatory tirade about a coach on the club Facebook page, or at training when a player discloses something concerning to a volunteer, or at the AGM when a member challenges a committee decision and someone says "but where does it say that?" - those are the moments policies exist for.

This guide covers what you actually need, how to write it so people actually read it, and how to keep it current without making policy review a part-time job.

1. Policies are not paperwork - they're how your club handles the hard stuff

There's a persistent misunderstanding in club governance that policies are something you write to satisfy external bodies - the state sporting body, the grant funder, the insurer. Compliance documents. Paperwork.

They're not. Or rather, they shouldn't be. The real purpose of a policy is to give your volunteers a framework for making difficult decisions under pressure. When a committee member is standing in a car park at 7pm on a Wednesday dealing with a furious parent, the last thing they need is to improvise. A policy says: here's the process, follow it, you're covered.

This matters because clubs are run by volunteers. Volunteers who didn't go to law school, didn't train in HR, and didn't sign up to adjudicate disputes between adults about a children's sport. Policies protect them. When there's a written process and the club follows it, individual committee members are far less exposed to personal liability than when they're making it up as they go.

The second thing policies do is set expectations. A code of conduct doesn't prevent bad behaviour - nothing prevents all bad behaviour. But it establishes what the community agrees is acceptable, and it gives the committee authority to act when someone crosses that line. "We've asked you to leave because your behaviour breaches our code of conduct, section 3" is fundamentally different from "we've asked you to leave because we think you're being unreasonable." One is a process. The other is an opinion.

And yes, policies also satisfy external requirements. The ACNC governance standards expect charities and not-for-profits to operate with appropriate governance frameworks. State sporting bodies increasingly tie affiliation to policy compliance. Grant bodies ask for them. Insurers check for them. But if your policies only exist to tick those boxes, they'll fail the moment you actually need them.

For a broader look at governance frameworks, see our good governance guide for community organisations.

2. The essential five

If your club has nothing written down, start here. These five policies cover the situations you're most likely to face, and they're the ones that regulators, funders, and insurers will ask about first.

Constitution (or rules of association)

Your constitution is your founding document. If your club is incorporated as an association - and in Australia, most are - your state requires you to have one. In the UK, it's your governing document (constitution for a CIO, trust deed for a trust, memorandum and articles for a company limited by guarantee). In New Zealand, it's your society's rules under the Incorporated Societies Act 2022.

The constitution covers how membership works, how the committee is elected, how meetings are run, how money is managed, and what happens if the club winds up. It's the document that everything else sits underneath.

Every Australian state provides model rules you can adopt or adapt - NSW Fair Trading, Consumer Affairs Victoria, Office of Fair Trading Queensland, and their equivalents elsewhere. In the UK, the Charity Commission publishes model governing documents. In New Zealand, the Companies Office provides templates for incorporated societies under the new 2022 Act.

One piece of advice: don't try to be clever with your constitution. The clubs that run into trouble are the ones with custom clauses written fifteen years ago that nobody understands anymore. Use the model rules, add your club name and sport-specific details, keep it clean. If you need specific provisions - say, a clause about life membership or a particular voting threshold - add them as minimal amendments to the model rules rather than rewriting from scratch.

Code of conduct

Your code of conduct sets behavioural expectations for everyone involved in your club - members, coaches, officials, parents, spectators, and committee members. It's the most-used policy you'll have, because behavioural issues are the most common governance challenge for community organisations.

We'll cover codes of conduct in detail in section 5 below, because they deserve more than a paragraph. The key point here: a code of conduct that says "members will behave respectfully" is too vague to be useful. Specificity is what gives a code of conduct its teeth.

For detailed guidance on writing codes for different groups, see our articles on codes for coaches and players and codes for volunteers and spectators.

Privacy policy

Your club collects names, addresses, dates of birth, phone numbers, email addresses, emergency contacts, medical conditions, and payment details. That's sensitive personal information, and you need to tell people what you're doing with it.

We cover this in full in section 6 below, including the regulatory frameworks across Australia, the UK, and New Zealand.

Grievance and complaints procedure

Every club has conflict. The question isn't whether someone will lodge a complaint - it's whether you have a process for when they do. Without one, complaints become car park whispers, whispers become factions, and factions split clubs.

Full details in section 7.

Safeguarding and child protection policy

If your club has any members, participants, or volunteers under 18 - and almost every sports club does - you need a safeguarding policy. This one is non-negotiable in every jurisdiction. The requirements differ by state and country, but the expectation is universal: your club must have clear procedures for protecting children and vulnerable adults.

We've published a separate safeguarding implementation guide that covers this in the depth it deserves - Working With Children Checks, Blue Cards, DBS checks, mandatory reporting, and the specific requirements in each Australian state, the UK, and New Zealand.

3. The important extras

Once you've got the essential five in place, these policies are worth developing over the next twelve months. None of them are typically legally required for small clubs (with some exceptions), but each one addresses a situation that will eventually come up.

Social media policy

Who can post on behalf of the club? What's acceptable for members to post about the club? What happens when someone screenshots a private team group chat and posts it publicly? Social media incidents are now one of the most common governance headaches for community organisations, and they escalate fast. More on this in section 9.

Anti-discrimination and inclusion policy

This one sits in a grey area between "essential" and "extra" depending on your jurisdiction. In Australia, the Anti-Discrimination Act 1977 (NSW), Equal Opportunity Act 2010 (VIC), and equivalent state legislation create obligations for organisations. In the UK, the Equality Act 2010 is comprehensive. In New Zealand, the Human Rights Act 1993 applies.

Having a written policy matters because it demonstrates your club's commitment to inclusion and gives the committee a framework when issues arise. Full coverage in section 8.

Volunteer policy

What volunteers can expect from the club, and what the club expects from them. Role descriptions, induction processes, support and supervision, out-of-pocket expenses, and the process for standing down a volunteer whose conduct doesn't meet expectations. Especially useful for onboarding new volunteers - instead of "just turn up and we'll figure it out," they get a document that explains exactly what they're signing up for.

Financial policies

Who can authorise spending? What's the threshold for committee approval versus treasurer discretion? How do reimbursements work? Who are the bank account signatories and how many need to sign? Detailed coverage in section 10.

Alcohol and drugs policy

If your club serves alcohol - at the bar, at presentations, at fundraisers - you need a policy covering responsible service obligations and expectations around junior events. If your sport has an anti-doping framework through Sport Integrity Australia (AU), UK Anti-Doping (UK), or Drug Free Sport New Zealand (NZ), reference it even at community level. Your members may be subject to anti-doping rules regardless of the level they compete at.

Other policies to consider

Depending on your sport and circumstances, you might also need:

• Extreme weather and heat policy - increasingly mandated by state sporting bodies for outdoor sports, particularly in Queensland, WA, and South Australia
• Concussion management policy - essential for contact sports; reference the AIS concussion position statement (AU) or the relevant NGB concussion protocols
• Photography and media consent policy - who can take photos, where they can be published, and how someone opts out
• Environmental sustainability policy - emerging requirement for some grant programmes
• Data retention and destruction policy - complements your privacy policy with specifics on how long you keep data and how you destroy it

4. How to write a policy that people actually read

The average club volunteer will give a policy document about four minutes of attention. Maybe five if it's directly relevant to a situation they're currently dealing with. That's your window.

Plain language, always

If your policy reads like it was written by a lawyer, your volunteers won't read it. And a policy that nobody reads is functionally identical to not having one.

Write in the same language you'd use to explain the policy to a new committee member over a cup of tea. Short sentences. Active voice. No jargon unless the jargon is genuinely the clearest way to say something (and it rarely is).

Bad: "Members shall at all times conduct themselves in a manner consistent with the principles of sportsmanship and shall refrain from engaging in conduct that may be deemed to bring the organisation into disrepute."

Good: "Treat everyone at the club with respect - players, coaches, officials, parents, and volunteers. If your behaviour falls below this standard, the committee will follow the process in section 4."

Keep it short

A code of conduct should fit on two pages. A grievance procedure might run to three. A privacy policy - two pages, maybe three if you're covering multiple jurisdictions. If your policy document is longer than five pages, you've probably combined the policy (the principles and rules) with the procedures (the step-by-step process for implementing them). Split them. Policy in the main document, procedures in an appendix.

The most readable format: numbered sections with clear headings, bullet points for lists of specific items, bold text for key obligations. Think about someone scanning the document on their phone while standing on a sideline.

Use a consistent template

Every policy should follow the same structure:

1. Purpose - one paragraph explaining why this policy exists
2. Scope - who it applies to (members, volunteers, committee, visitors, everyone?)
3. Policy statements - the actual rules, numbered
4. Responsibilities - who does what (by role title, not person name)
5. Related documents - cross-references to other relevant policies
6. Review - when this policy will next be reviewed
7. Version history - date adopted, dates reviewed, dates amended

When every policy follows the same structure, people know where to look for information. That consistency reduces the friction of actually using the documents.

Test it on a real person

Before you adopt a new policy, give it to a committee member who wasn't involved in writing it. Ask them to read it in under five minutes and tell you what it says. If they can't, rewrite it. If they can, you're close.

5. Code of conduct - for members, coaches, parents/spectators, committee

The code of conduct is the policy your club will reference most often. It's worth getting right, and it's worth having different versions - or at least different sections - for different groups, because the expectations differ.

Members and players

This covers behaviour during training, matches, and club events. The core elements:

• Respect opponents, officials, teammates, and spectators
• Play within the rules of the sport
• Accept officials' decisions (even when they're wrong - and they will be sometimes)
• No verbal or physical abuse, intimidation, or bullying
• No discriminatory language or behaviour of any kind
• Respect club property and facilities
• Follow the club's social media expectations
• Report concerns through proper channels rather than on social media

Be specific about consequences. "Breach of this code may result in disciplinary action" tells people nothing. "A first breach will result in a formal warning. A second breach may result in suspension for up to four weeks. Serious breaches - including violence, discrimination, or deliberate harm - may result in immediate suspension pending investigation" - that's clear.

Coaches and officials

Coaches and officials hold positions of authority and trust, and the expectations on them should reflect that. Beyond the general member standards, coaches should be expected to:

• Hold current, relevant qualifications and first aid certification
• Prioritise player welfare over results - at every level, every time
• Maintain appropriate boundaries with players, especially juniors
• Never coach while under the influence of alcohol or drugs
• Communicate respectfully with parents, even when parents don't reciprocate
• Hold current Working With Children Checks (AU), DBS checks (UK), or police vetting (NZ) where required
• Report safeguarding concerns through the club's designated process

For officials, the emphasis shifts to impartiality, consistency, and appropriate handling of dissent. Officials - especially young ones - are the people most likely to walk away from the sport because of abuse. Your code should explicitly protect them.

Parents and spectators

This is the code most clubs are missing, and it's the one that would solve 60% of their behavioural incidents. Parents standing on a sideline screaming at a twelve-year-old referee. Spectators sledging opposition players. Someone filming other people's children and posting it to social media without consent.

A spectator code should cover:

• Respect match officials at all times - no arguing, no intimidation, no approaching them after the game
• No abusive, discriminatory, or obscene language
• Stay off the field of play unless there's a genuine medical emergency
• Support your team positively; don't target individual opposition players
• No photography or filming of children without parental consent
• Respect facility rules (parking, alcohol zones, no-smoking areas)
• Follow directions from club officials and match-day volunteers

Make it visible. Print it on the back of the registration form. Put it on a sign at the entrance to your ground. Display it on your website. The point is that nobody can say they didn't know.

Committee members

Committee members should be held to a higher standard than general members. They make decisions that affect other people, they handle money, and they have access to personal information. Their code should include:

• Act in the best interests of the club, not personal interests
• Declare conflicts of interest and recuse themselves from related decisions
• Maintain confidentiality of committee discussions and member information
• Treat all members equitably - no favouritism, no vendettas
• Follow proper financial procedures
• Not make commitments on behalf of the club without appropriate authority
• Support committee decisions publicly, even if they disagreed in the meeting

That last point matters more than people think. A committee that argues internally but presents a united position externally functions well. A committee where individual members publicly undermine decisions they voted against is a committee that will eventually fracture - and take the club with it.

6. Privacy policy

Your club is a data controller. You might not think of it that way - you probably think of it as a sports club that happens to collect some contact details - but in the eyes of privacy regulators, you're an organisation that collects, stores, processes, and sometimes shares personal information about individuals, including children.

What you need to cover

Regardless of which country you're in, a privacy policy needs to answer these questions:

1. What information do you collect? Names, addresses, dates of birth, contact details, emergency contacts, medical information, payment details, photographs, Working With Children Check numbers
2. Why do you collect it? Membership administration, communication, competition registration, insurance, duty of care
3. How do you store it? In what systems, with what security measures, who has access
4. Who do you share it with? State sporting body, competition administrators, insurers, payment processors - be specific
5. How long do you keep it? Define retention periods - active members' data for the duration of membership plus a defined period, financial records for seven years (ATO requirement in Australia), etc.
6. How can someone access, correct, or delete their data? Give them a clear process - who to contact, what to expect, how long it takes
7. How do you handle children's data? This needs its own section, because the rules are stricter and the consequences of getting it wrong are more serious

The Australian framework

The Privacy Act 1988 and the Australian Privacy Principles (APPs) are the core framework. The Act technically applies to organisations with annual turnover above $3 million, which means most community clubs fall below the threshold. But the OAIC (Office of the Australian Information Commissioner) recommends that all organisations handling personal information follow the APPs as best practice. And if your state sporting body requires a privacy policy for affiliation - which many do - the turnover threshold becomes irrelevant.

State-level privacy legislation also applies in some cases. Victoria's Health Records Act 2001, for example, covers health information collected by organisations of any size.

The practical minimum: tell people what you collect and why, store it securely, don't share it without consent (except where required by law or for the purpose it was collected), and give people a way to access or correct their information.

The UK framework

The UK GDPR and the Data Protection Act 2018 apply to all organisations processing personal data, regardless of size. There's no turnover exemption. Your club needs a lawful basis for processing each category of data (legitimate interests and consent are the most common for clubs), and you need to be able to demonstrate compliance.

The Information Commissioner's Office (ICO) publishes specific guidance for small organisations that's written in plain language and directly applicable to community groups. Most clubs don't need to appoint a formal Data Protection Officer, but they should have a committee member responsible for data protection.

The New Zealand framework

The Privacy Act 2020 and the Information Privacy Principles apply to all "agencies" that collect personal information, which includes incorporated societies. New Zealand's framework is structurally similar to Australia's APPs but has some important differences - including mandatory breach notification, which Australia has since adopted and New Zealand had from the outset of the 2020 Act.

The Office of the Privacy Commissioner publishes practical tools for small organisations, including a privacy policy generator that's a reasonable starting point.

Common mistakes

The mistake I see most often: clubs storing member data in shared Google Sheets with no access controls. Every committee member can see every member's medical conditions, every child's date of birth, every parent's phone number. That's a privacy breach waiting to happen.

Fix the storage before you write the policy. Use a system with role-based access controls - where the registrar can see what they need to see, the treasurer can see what they need to see, and the social coordinator can't see anyone's medical information because they don't need it. (This is one of the things TidyHQ was specifically built to handle - member data with appropriate access controls rather than spreadsheets.)

Second most common mistake: no process for when someone leaves the club. If a member lets their membership lapse, what happens to their data? If you keep it indefinitely "just in case they come back," you're holding data without a current purpose. Define a retention period - say, two years after membership lapses - and then delete it.

7. Grievance and complaints handling procedure

A complaints procedure is the most important policy you'll hopefully never use. But when you need it, you'll need it urgently, and you won't have time to design one from scratch.

What a good procedure looks like

Step 1: How to lodge a complaint. In writing (email or letter), addressed to a specific role (club secretary, complaints officer, or welfare officer - use role titles, not personal names). Verbal complaints should be acknowledged and the complainant asked to put it in writing. Not to create bureaucracy - to create a clear record.

Step 2: Acknowledgment. The club acknowledges receipt within 48 hours (or a timeframe appropriate for your volunteer-run reality - some clubs use five working days). The acknowledgment confirms who will handle the complaint and the expected timeline.

Step 3: Assessment. The receiving officer determines whether the complaint is within the club's jurisdiction, whether it involves a safeguarding concern (which triggers a separate process), and whether the complainant and respondent need to be separated in the interim - particularly relevant for complaints involving harassment or intimidation.

Step 4: Investigation. The person handling the complaint talks to both parties and any witnesses. This needs to be someone without a conflict of interest - not the respondent's best mate, not the complainant's teammate, and ideally not someone who has a personal stake in the outcome. For small clubs where everyone knows everyone, this is the hardest part. Consider whether your state sporting body can provide an independent person if needed.

Step 5: Resolution. The options range from no action (if the complaint isn't substantiated), to mediation, to a formal warning, to suspension, to expulsion. The range of outcomes should be documented in the procedure so both parties know what's possible before the process starts.

Step 6: Communication. Both parties are informed of the outcome in writing. The respondent has a right to know the substance of the complaint against them and the evidence considered. The complainant has a right to know that the complaint was taken seriously and what action was taken.

Step 7: Appeal. There should be an appeal mechanism - typically a panel of three committee members who weren't involved in the original investigation, or an appeal to the state sporting body if internal options are exhausted.

Key principles

Confidentiality. Both parties deserve confidentiality during the process. Committee members not directly involved in handling the complaint don't need to know the details. Gossip kills trust in the process faster than anything else.

Timeliness. Set timeframes and stick to them. A complaint that drags on for three months is a complaint that's destroying a club from the inside. If you can't meet a deadline, communicate that - silence from the committee is interpreted as indifference.

Natural justice. The respondent has a right to know the allegations against them, to respond, and to have their response genuinely considered. This isn't a court - it doesn't need to be adversarial - but basic fairness is non-negotiable.

Record keeping. Keep records of the complaint, the process followed, and the outcome. Not on someone's personal email - in a secure, central location that the next secretary can access when this secretary's term ends. These records matter if the complaint escalates to the state sporting body or if a pattern of behaviour emerges later.

For more on the broader governance context, including how complaints handling fits into your club's risk management framework, see our risk management guide.

8. Anti-discrimination and inclusion policy

Discrimination in sport is illegal. That's the starting point. But beyond the legal obligation, an inclusion policy signals to current and prospective members that your club is a place where everyone is welcome - regardless of race, gender, disability, sexual orientation, religion, or age.

What the law requires

In Australia, anti-discrimination legislation operates at both Commonwealth and state level. The Racial Discrimination Act 1975, Sex Discrimination Act 1984, Disability Discrimination Act 1992, and Age Discrimination Act 2004 set the federal framework. State legislation - the Anti-Discrimination Act 1977 (NSW), the Equal Opportunity Act 2010 (VIC), and their equivalents - adds further protections. Sport-specific exemptions exist (single-sex competitions, age-group restrictions), but they're narrower than many clubs assume.

In the UK, the Equality Act 2010 consolidates previous anti-discrimination legislation and defines nine protected characteristics. The UK Sport Code for Sports Governance includes specific requirements around diversity and inclusion for funded bodies, and most NGBs cascade similar expectations to clubs.

In New Zealand, the Human Rights Act 1993 prohibits discrimination on a range of grounds including race, sex, disability, and sexual orientation. Sport New Zealand's governance guidance emphasises inclusion as a core principle.

What your policy should include

1. A clear statement that discrimination, harassment, and vilification based on any protected characteristic are not tolerated at your club - during training, matches, social events, or online interactions
2. Specific examples of what constitutes discriminatory behaviour, because abstract principles are harder to apply than concrete illustrations
3. The process for reporting discrimination - link to your complaints procedure
4. Consequences for substantiated complaints - consistent with your code of conduct
5. Positive commitments - what the club is actively doing to promote inclusion, not just what it prohibits. This might include accessible facilities, modified programs, translated communications, or visible welcome statements for specific communities

Play by the Rules (AU) provides excellent resources on anti-discrimination in sport, including online training modules that are free and specifically designed for club volunteers. In the UK, the Club Matters programme through Sport England has inclusion toolkits. Sport NZ publishes guidance on inclusive sport.

Beyond compliance

The clubs that do inclusion well go beyond "we don't discriminate." They actively create environments where diverse groups feel welcome. That might mean:

• Ensuring registration forms don't force binary gender selections where that's not necessary
• Providing prayer spaces or accommodating religious observance in scheduling
• Making venues physically accessible and promoting accessibility information
• Training coaches in inclusive coaching practices
• Actively recruiting from underrepresented communities rather than waiting for them to find you

An inclusion policy that only says "we comply with the law" is a missed opportunity. The policy should reflect your club's genuine commitment to being a place for everyone in your community.

9. Social media policy

Ten years ago, a social media policy was something only large organisations bothered with. Today, it's one of the most practically relevant policies a club can have. The number of governance incidents that start - or escalate - on social media is staggering.

Why this matters more than most clubs think

A parent films a coach shouting at a player during training. Posts it to a local community Facebook group with the caption "This is what happens at [Your Club]." The video is taken out of context - the coach was actually directing a player away from a dangerous situation - but it doesn't matter. By the time the club responds, the video has 200 shares and the local newspaper has called.

A player screenshots a private team WhatsApp group and posts it publicly. The messages include banter that looked fine in context but reads as bullying or discriminatory language when shared publicly. The club gets tagged. Parents start commenting. Other clubs weigh in.

A committee member, frustrated after a heated meeting, posts a vague but clearly targeted complaint on their personal Facebook page. "Some people at this club only care about their own kids." Everyone in the club knows who they're talking about. The faction lines harden overnight.

These aren't hypothetical scenarios. These are things that happen to community clubs every single week.

What to include

Official accounts. Define who has posting rights to the club's social media accounts (Facebook, Instagram, X, TikTok, whatever you use). Require at least two people to have admin access - what happens when your sole social media manager goes on holiday and the account gets hacked? Establish approval processes for anything beyond routine match reports and event promotions.

Personal accounts. You can't - and shouldn't try to - control what members post on their personal accounts. But you can set expectations. Members shouldn't post content that purports to represent the club's official position. Members shouldn't post footage of other people's children. Members shouldn't use social media to air internal club disputes. These expectations belong in the code of conduct with a cross-reference from the social media policy.

Photography and children. This overlaps with your photography policy and your safeguarding policy, but it's worth reinforcing here because social media is the primary distribution channel. No posting photos or videos of other people's children without parental consent. Period.

Handling negative posts. What does the club do when someone posts something negative or defamatory about the club, a coach, or a volunteer? Define who responds (and who doesn't - not every committee member needs to pile in). Define the tone (factual, measured, not defensive). Consider when to respond publicly and when to take it offline. Sometimes the best response is a private message offering to discuss the concern directly.

Consequences. Social media breaches should be treated the same as any other code of conduct breach - through the complaints and disciplinary process. Make that explicit, because some people seem to believe that what they post online exists in a separate reality from club governance.

10. Financial policies

Financial mismanagement is the fastest way to destroy a club. Not because most treasurers are dishonest - the vast majority are dedicated volunteers doing their best - but because unclear processes create confusion, confusion creates suspicion, and suspicion creates conflict.

Spending authority

Define who can spend money on behalf of the club and how much they can spend without committee approval. A common structure:

• Under $200: Treasurer or president can approve without committee vote (for routine expenses like match balls, cleaning supplies, first aid kit refills)
• $200–$1,000: Requires approval from both treasurer and president
• Over $1,000: Requires a committee vote, recorded in minutes
• Over $5,000 (or whatever threshold suits your club): Requires a general meeting resolution or specific AGM approval

Adjust these thresholds for your club's size and budget. A club with an annual budget of $15,000 has different thresholds from one with $150,000. The point isn't the specific numbers - it's that the authority levels exist and everyone knows them.

Reimbursement

Define the process for out-of-pocket expense reimbursement. Require receipts. Set a timeframe for submission (within 30 days of the expense, for example). Specify how reimbursements are approved and who can't approve their own expenses (nobody should approve their own reimbursement - that's basic financial governance).

Bank account management

Define the signatories. Most clubs require two signatories for payments above a certain threshold - this is often required by your bank and by your state's incorporation legislation. Define how signatories are appointed and changed (usually by committee resolution). Define what happens when a signatory leaves the committee mid-term.

Online banking creates additional considerations. Who has access to view balances? Who can set up new payees? Who can make transfers? Two-factor authentication should be mandatory for all users with banking access - that's not policy, that's common sense, but write it down anyway.

Reporting

The treasurer should provide a financial report to every committee meeting (monthly or as often as your committee meets). The report should include: bank balance, income since last meeting, expenditure since last meeting, comparison to budget, and any upcoming large expenses. An annual financial statement should be presented to the AGM, and for clubs above relevant turnover thresholds, independently reviewed or audited.

Petty cash

If your club maintains a petty cash float (for canteen, bar, or match day expenses), define the maximum float amount, who holds it, how it's reconciled, and how often. Petty cash is the area where small discrepancies accumulate into large ones if not managed carefully.

For a complete overview of club financial governance, see our secretary's handbook, which includes templates for financial reporting and budget tracking.

11. Review schedule - when and how to update your policies

A policy from 2018 that references a complaints officer who left in 2020, legislation that was amended in 2021, and a process that nobody has followed since 2019 is not a policy. It's a liability.

The annual cycle

Schedule your policy review for the first committee meeting after the AGM. There are two reasons for this timing. First, the AGM is when committee positions change - new president, new secretary, new treasurer. The incoming committee needs to know what policies exist and whether they're current. Second, it creates a natural annual rhythm. Put it in the calendar as a recurring event. Don't rely on someone remembering.

How to run the review

Assign a specific person to lead the review - usually the secretary, but whoever it is, name them. "The committee will review policies annually" means nobody does it. "The secretary will lead the annual policy review and present a summary to the March committee meeting" might actually happen.

For each policy, check:

• Accuracy: Is the information still correct? Have role titles or named positions changed?
• Contacts: Are the people referenced still in those roles? (This is the most common thing that goes out of date.)
• Legislation: Has relevant legislation changed? Privacy law, employment law, incorporation rules - these change more often than you'd expect.
• Incidents: Has something happened during the year that exposed a gap? If you had a complaint and your procedure didn't quite cover the situation, now's the time to fix it.
• External requirements: Has your state sporting body, NGB, or insurer updated their policy requirements?

Version control

Every policy should have a "last reviewed" date on the front page. Use a simple version table:

Version	Date	Changes	Approved by
1.0	12 March 2024	Original adoption	Committee meeting
1.1	8 April 2025	Updated complaints officer role title	Committee meeting
2.0	14 March 2026	Major revision - updated privacy sections for APP amendments	AGM

Keep previous versions. If a complaint arises and someone asks "what was your policy at the time of the incident?" you need to be able to answer that question. Archive old versions in a dated folder rather than deleting them.

Trigger-based reviews

Some policies should be reviewed outside the annual cycle when specific events occur:

• Safeguarding policy: Whenever there's a safeguarding incident, a change to relevant legislation, or an update to your state sporting body's requirements
• Privacy policy: Whenever you start using a new system that processes member data, or when privacy legislation changes
• Constitution: Whenever the committee wants to propose a rule change - constitutional amendments typically need to go to a general meeting
• Financial policy: Whenever there's a change to bank signatories, a significant change to the club's financial position, or an audit finding

12. Making policies accessible

You've written good policies. They're clear, they're current, they're practical. None of that matters if nobody can find them.

Where to store them

Not on the secretary's laptop. Not in an email chain from 2019. Not in a Google Drive folder that three people have access to and two of them have forgotten the link.

Your policies should be stored somewhere that:

• Every committee member can access at any time
• New committee members automatically get access when they take on their role
• Access can be removed when someone leaves the committee
• There's a record of who has accessed what (important for demonstrating compliance)
• Previous versions are preserved

A dedicated section of your club management system is ideal. TidyHQ's document storage lets you upload policies and make them available to the right people - committee members see governance documents, all members see the code of conduct and privacy policy, coaches see the coaching-specific policies. It also lets you require members to acknowledge specific policies during registration and renewal, which gives you a record of who has read and accepted what.

If you're not using a club management system, a shared Google Drive or Microsoft SharePoint with clear folder structure and access controls is a reasonable alternative. Just make sure someone is responsible for maintaining access - adding new committee members, removing former ones.

How to communicate them

Writing policies is the first step. Making sure people know they exist is the second. Here's the minimum:

1. At registration: Require new members to acknowledge the code of conduct and privacy policy as part of their registration process. A checkbox that says "I have read and agree to the club's code of conduct" creates a record. Even better: include a link to the actual document, not just the checkbox.

2. At the start of each season: Send a brief email or message to all members reminding them where to find the club's policies and noting any changes since last season. Two paragraphs. Not a lecture.

3. On your website: Your code of conduct and privacy policy should be publicly accessible on your website. Other policies can be behind a members-only login if you prefer, but those two should be public. They demonstrate to prospective members, parents, and sponsors that your club takes governance seriously.

4. At the venue: Print the code of conduct and display it at your ground, clubhouse, or regular training venue. A laminated A3 sheet near the entrance. Not hidden in the change rooms - visible to everyone, including spectators.

5. During induction: When someone joins the committee, give them a policy orientation. Walk them through the key documents - especially the complaints procedure, the financial policy, and the safeguarding policy. Don't assume they'll read everything unprompted.

6. When something changes: If you update a policy mid-year, communicate the change. A brief note: "We've updated our social media policy to include expectations around livestreaming junior matches. You can read the updated policy here." Takes five minutes to write and send.

The biggest mistake

The biggest mistake clubs make with policies isn't writing bad ones. It's writing good ones and then burying them. If a member has a complaint and doesn't know the complaints process exists, the complaint goes to Facebook instead of the complaints officer. If a parent doesn't know about the spectator code of conduct, they can't be expected to follow it. If a treasurer doesn't know the spending authority limits, they'll either spend too freely or - more commonly - be paralysed by uncertainty about what they're allowed to approve.

Policies are tools. Like any tool, they only work if people know where to find them and how to use them.

---

Getting started: the practical minimum

If you've read this guide and feel overwhelmed, here's the starting point. You don't need twelve policies by next month. You need five good ones.

1. Constitution - you probably already have one. Check when it was last reviewed. If it's more than five years old, put it on the agenda for review.
2. Code of conduct - two pages. Cover members, coaches, parents, committee. Make it specific.
3. Privacy policy - two pages. What you collect, why, how you store it, how people can access or delete their data.
4. Complaints procedure - two to three pages. How to lodge a complaint, who handles it, the timeline, the appeal process.
5. Safeguarding policy - see our safeguarding implementation guide for the full framework.

Get these adopted at your next committee meeting. Upload them somewhere the whole committee can access. Set a review date for after next year's AGM. That's your foundation.

Then, over the next twelve months, work through the extras: social media, anti-discrimination, financial, volunteer. One per quarter is a realistic pace for a volunteer committee.

The goal isn't perfection. The goal is having clear, current, accessible documents that your volunteers can actually use when the situation calls for them. Three good policies that your committee has read are worth infinitely more than twenty impressive ones that nobody has opened since they were written.

---

References

• ACNC Governance Standards - Australian Charities and Not-for-profits Commission governance requirements
• Sport Australia Club Hub - Governance resources and policy templates for Australian sports clubs
• Play by the Rules - Policy templates, online training, and compliance resources for safe and inclusive sport (Australia)
• Clearinghouse for Sport - Australian government portal for sports policy research and templates
• Privacy Act 1988 (Cth) - Australian federal privacy legislation and the Australian Privacy Principles
• OAIC - Office of the Australian Information Commissioner - Guidance on privacy obligations for Australian organisations
• Anti-Discrimination Act 1977 (NSW) - New South Wales anti-discrimination legislation
• Equal Opportunity Act 2010 (VIC) - Victorian equal opportunity legislation
• UK GDPR and Data Protection Act 2018 - UK data protection framework and ICO guidance
• Equality Act 2010 (UK) - UK anti-discrimination legislation covering nine protected characteristics
• UK Sport Code for Sports Governance - Governance and policy requirements for UK sports organisations
• Club Matters (Sport England) - Policy guidance and governance toolkits for UK sports clubs
• Privacy Act 2020 (NZ) - New Zealand privacy legislation and Information Privacy Principles
• Human Rights Act 1993 (NZ) - New Zealand anti-discrimination legislation
• Sport NZ Governance Resources - Policy guidance and governance frameworks for New Zealand sports organisations
• Sport Integrity Australia - Integrity standards and anti-doping policy frameworks for Australian sport