When Parliament passed Bill C-65 (Royal Assent October 2018) and its accompanying Workplace Harassment and Violence Prevention Regulations (effective January 1, 2021), it was a watershed moment for workplace safety in federally regulated organizations.

Before C-65, the Canada Labour Code had harassment and violence protections, but enforcement, specificity, and procedural clarity were patchy. Bill C-65 reframed harassment and violence as occupational health and safety hazards, imposed clearer employer duties around prevention, investigation, and support, and aimed to modernize how complaints are handled. (Library of Parliament)

On top of that, the statute introduced three key pillars:

1. Prevention — requiring risk assessments, prevention measures, training, and policy updates.
2. Response — formalizing complaint processes, timelines, investigator qualifications, and protections for complainants.
3. Support and reporting — duties to support those affected, annual reporting of occurrences, and periodic review of the regulations.

For HR leaders, Bill C-65 was never just about meeting legal thresholds. It aimed to reshape workplace culture — moving harassment and violence from being treated as episodic conflicts to being viewed as health, safety, and dignity issues intrinsic to work environments.

Three years in, though, the record is mixed. The law created important guardrails, but compliance gaps, procedural missteps, and underreporting persist. And for provincially regulated employers, the C-65 regime offers lessons — both cautionary and aspirational.

Let’s look at where things stand now, what has been learned, and what HR must do as that three-year mark is passed (and passed again).

What the data and experience tells us (2021–2025)

To evaluate whether C-65 has moved the needle, we need to look at the empirical evidence, litigation signals, and anecdotal trends. The data so far is enlightening—but incomplete.

What the numbers show (federal jurisdiction)

In its 2021 annual report, the federal government published early data from Employer Annual Harassment and Violence Reports (EAHVR) submitted under C-65’s regime. Some key takeaways:

• In 2021, 4,503 employers submitted EAHVRs, covering approximately 1.1 million full-time equivalent employees.
• Of those, 501 employers (11.1%) reported at least one harassment or violence occurrence.
• The total number of reported occurrences was ~4,950, meaning some employers reported multiple incidents.
• Interestingly, 80% of all occurrences were concentrated in just 104 employers (≈ 2.3% of reporting employers).
• In terms of sectors, federal public services / crown corporations, road transportation, and postal services accounted for the majority of occurrences.
• The average resolution timelines, methods of resolution, and breakdown of reporting relationships (principal/responding/third party) were also tracked in the report.

From this early year, we see two things: (1) not every federal employer sees harassment occurrences (or at least reports them), and (2) the problem is still concentrated (some employers are hotspots). The first suggests underreporting; the second suggests structural or cultural issues in certain employers or sectors that require focused intervention.

Beyond 2021, later years’ public federal data is less visible. But legal decisions like Marentette v. Canada (2024 FC 676) have shone a light on how procedural fairness (or the lack thereof) is being tested under C-65.

What the litigation and investigation landscape reveal

The Marentette case is perhaps the most high-profile test of the C-65 framework so far. In that case, a Border Services Officer alleged multiple incidents of harassment and violence over a long period, including discriminatory conduct, but the employer’s investigation was found by the Federal Court to fall short of procedural fairness. The court ordered a new investigation to be conducted by a different investigator. (Mathews Dinsdale & Clark LLP).

Some of the procedural flaws cited included:

• Delay in initiating the investigation (nearly a year from notice).
• Not providing the complainant with a summary of responding party evidence or giving them opportunity to respond.
• Not providing a preliminary report to the complainant or a chance to comment on it (despite the employer having an internal checklist requiring it).
• Interviewing only a subset of relevant parties, failing to provide full representation or notice, and missing steps in the employer’s own investigation checklist.

Marentette is instructive not only for federal employers but for all Canadian HR leaders, because it underscores how high the standard of procedural fairness is—especially when dealing with sensitive harassment/violence allegations. Courts are unlikely to defer to sloppy processes simply because of regulatory frameworks.

Beyond Marentette, other investigation-related cases have flagged similar issues: bias (or perceived bias) in investigator selection or mindset, overstepping the scope of investigation, failure to keep open mind, and failures to document carefully. For example, in a case referenced in a recent legal case-law review, a senior employee alleged harassment via email. The court considered whether the investigator lacked an open mind or had pre-determined outcome. It ultimately held that investigators must operate with clear independence and neutrality. (Rubin Thomlinson)

In short: the enforcement of C-65 is starting to sharpen via procedural fairness challenges, judicial review, and demands for more robust investigatory processes.

Cultural and reporting trends (anecdotal, practitioner insight)

Beyond hard data, HR professionals report patterns worth noting:

• Reluctance to report: Even where C-65 lowers formal barriers (such as allowing reporting to a designated party rather than a direct supervisor), employees still fear retaliation or damaging their reputation.
• Investigation fatigue: Organizations that rushed through compliance (policy + training) without embedding culture find investigations feel mechanical and unsatisfying.
• Policy gaps: Many federal employers did the minimal compliance work before 2021 — updating policy, naming roles — but didn’t revisit how policies are experienced by employees.
• Inconsistent investigation quality: HR teams sometimes assign internal staff investigators without training or independence, creating real risk.
• Underinvestment in prevention: Some employers treated C-65 tasks (risk assessment, prevention) as check-the-box exercises rather than ongoing risk culture projects.

For provincially regulated employers, many of these challenges resonate. Though not bound by federal reg, organizations are under pressure from employees, reputational expectations, and provincial harassment / workplace violence statutes to produce safer workplaces. The difference is, the impetus must come from internal leadership more than statutory force.

All of this leads us to: at the three-year mark, what should HR be doing — not just to comply, but to ensure the workplace is safer and resilient against repeating the mistakes others have made?

What HR must do now (2025 and beyond) — a practical compliance + culture playbook

At the three-year waypoint, many of the original regulatory triggers (review every 3 years) are now due. But beyond ticking those boxes, HR must refine, deepen, and institutionalize. Below is a narrative (rather than a checklist) of how HR leaders should approach the next phase of C-65 maturity.

Revisiting the workplace assessment (risks evolve)

When C-65 came into force, many employers conducted baseline workplace harassment and violence risk assessments — internal scans of factors (work design, power dynamics, external risks, customer/third-party interactions). But risk is not static.

If you haven’t done so already, now is the time to refresh that diagnosis. Begin by asking:

• What has changed in the work dynamics? (New remote/hybrid models, new teams, new leadership, reorganizations)
• Have any new external or third-party risks emerged? (E.g. client/customer aggression, subcontractor violence, social media harassment)
• What complaint trends have emerged? Are certain departments or roles showing patterns?
• What gaps surfaced in investigations? Did some areas never surface complaints at all (which could suggest underreporting)?
• Are there specific vulnerable employee populations (marginalized or minoritized groups) who might face greater risk?

Don’t just update the document; actively engage with employees via anonymous surveys, focus groups, or listens sessions. Let them tell you what kind of behaviour “feels” unsafe or uncomfortable. This qualitative insight helps you realign controls (prevention, detection, support).

As one HR director told me: “We realized our original assessment didn’t account for remote video meetings late at night — one-on-one after-hours chats became a pressure point we never anticipated.”

Re-working policies so they live rather than just exist

It’s one thing to have a Harassment & Violence Prevention Policy on paper; it’s another for employees to understand it, trust it, and feel it will protect them.

At the three-year mark, HR should:

• Audit how the policy has functioned: use metrics like number of complaints, resolution times, employee feedback, repeated complaints, and “near misses.”
• Reveal whether certain policy provisions are confusing or unhelpful — e.g. does the complaint flow hit a dead end? Do employees feel they must talk to their supervisor even when the supervisor may be the problem?
• Mix in plain-language summaries or “what this means to you” explanations to reduce barriers to understanding.
• Incorporate real-world scenarios (anonymized, hypotheticals) in the policy or employee handbook so people can see how the rules apply in life.
• Clarify roles and responsibilities — who is the designated recipient, resolution advisors, competent investigators, and how third-party complaints are handled.
• Build in escalation paths (if resolution fails), protections from reprisal, and support systems (e.g. external resources) explicitly in the policy.
• Ensure integration with other workplace policies — e.g. HR code of conduct, conflict-of-interest rules, technology usage, workplace safety, privacy.

One mid-sized tech firm rewrote its policy at Year 3 by involving a cross-functional committee (HR, legal, operations, union reps). They piloted draft versions with focus groups. The result was a shorter, clearer, scenario-based policy that employees found more usable. The company also instituted a “policy refresh week,” where teams discussed common situations, asked questions, and leadership reaffirmed the commitment to safety.

Overhauling training — from compliance to meaningful engagement

Under C-65, federally regulated employers must deliver harassment and violence prevention training and update it every three years. That means many organizations are due for a refresh. But training shouldn’t just be a compliance checkbox — it’s a chance to reset culture.

Here’s how to elevate it:

• Use findings from your complaint trends and employee surveys to tailor modules. If many reports relate to micro-aggression, bullying, or boundary-blurring, weave in scenario modules around those.
• Add experiential elements: role plays, case studies, anonymized incident reviews, and discussion breakout rooms.
• Mix modalities: interactive in-person, virtual live, self-paced digital modules, and “refresher capsules” throughout the year.
• Promote ongoing conversation: after the training, drop micro-learning reminders (e.g. short video reminders, posters, “Question of the Month”) to keep the conversation alive.
• Collect feedback immediately and in a few months: what stuck? What’s still confusing?
• For hybrid/remote-workplaces, explicitly address risk in virtual environments — e.g. inappropriate video comments, after-hours messaging, boundary creep.

One national telecom I spoke to built a six-session training series, not just one session. It started with foundational prevention, then modules on power dynamics, third-party harassment, procedural fairness, bystander intervention, and post-resolution healing. Between sessions, teams peer-coached on what they learned. It became less about “HR training” and more about culture-building.

Tightening investigation practices (procedural fairness is nonnegotiable)

This is where many organizations stumble — not because they don’t want fair investigations, but because they fail to operationalize procedural rights consistently under stress. The Marentette decision is a stark reminder: procedural fairness is not optional in harassment/violence contexts; courts will scrutinize investigations and may overturn them if rights are denied.

HR must treat investigation design as a high-stakes function, and at Year 3, ensure every step is defensible.

Here’s what HR should tighten:

• Timeliness: C-65 sets time expectation (e.g. resolution beginning within 45 days). Delays, especially multi-month lags, are a red flag.
• Qualified, impartial investigators: Use investigators with neutrality, training, and no conflict of interest. Avoid assigning internal managers unless well trained and independent.
• Notice and rights to respond: Parties must know allegations, responding evidence, and be given a chance to rebut or explain. Marentette strongly affirmed that even if not spelled out in regs, procedural fairness demands that.
• Preliminary report review: Provide parties with a draft or synopsis of findings (where appropriate) and give them a chance to respond before finalizing.
• Documentation discipline: Maintain clear records of interviews, notes, disclosures, decision logic, and investigator reasoning.
• Consistent application of investigation scales: Don’t adjust thresholds in the middle; maintain clear scope.
• Post-investigation follow-through: Provide final report, recommendations, corrective measures, and feedback to both parties.
• Reinvestigation when flaws emerge: If a party raises procedural issues after, HR must take them seriously and possibly reopen or redo the investigation.

Consider this cautionary tale: an employer conducted an investigation into bullying complaints. The investigator interviewed a few witnesses but did not properly notify the complainant of inconsistent witness accounts or let them respond. A year later, an external review indicated serious procedural deficiencies; the employer was forced to reopen the process, reinvestigate, and extend new remedies — at significant cost and reputational damage. The lesson: shortcuts in investigations never age well.

Managing privacy, confidentiality, and support obligations

Investigations by nature deal with sensitive personal information. HR must carefully balance confidentiality, legal obligations, and employee trust.

Here’s how to approach that balance:

• Limit information sharing: Only share with parties what they need to know. Avoid leaking witness identities or extraneous details.
• Confidentiality expectations in policy: Embed obligations in the harassment policy, investigator terms, and communications.
• Data security practices: Store investigation materials securely, limit access, encrypt sensitive documents.
• Privacy assessments: Before investigation, assess whether personal information (medical, mental health, domestic violence) arises, and whether special protections (consents, redactions) are needed under privacy legislation or internal policies.
• Support resources: Offer access to EAP, counselling, legal support, or external resources. Let complainants know what supports are available.
• Protect against reprisal: Be vigilant against retaliation and document any adverse events after a complaint.
• Handle former-employee claims: Under C-65, harassment claims against former employees must be investigated if reported within 3 months of departure.

In one case, a complainant cited ongoing harassment by a former supervisor to HR — the employer balked, saying “he no longer works here.” But under C-65, that response is inadequate: the regulations require the employer to consider such complaints if timely. The refusal to investigate triggered legal risk.

Enhancing reporting, transparency, and accountability

One of Bill C-65’s innovations was mandating annual reporting by employers and requiring ministers to review the regime every five years. HR must not let the reporting obligation be a mere bureaucratic exercise.

At this point, HR should:

• Publish and internally circulate summary metrics (counts, resolution timelines, types of harassment, repeat occurrences) in anonymized format.
• Use those metrics for root-cause analysis: are there teams with disproportionate complaints? Are investigation time lags systematic?
• Feed learnings into prevention redesign: e.g. policy tweaks, training focus, restructuring roles, or environmental fixes.
• Plan for the 5-year review: anticipate which parts of C-65 might be amended or expanded, and engage in consultations where possible.
• Benchmark performance across peers or sectors — how do your complaint rates or resolution times compare?

Transparency — when done carefully — builds credibility. If employees see HR isn’t just hiding numbers but is willing to learn and adapt, trust deepens.

Embedding culture, not just compliance

Perhaps the hardest but most vital shift post-Year 3 is to embed harassment/violence prevention into culture and daily behaviour, not treat it as an “HR function.” Some ways to do that:

• Leadership modeling: executives publicly reinforce safe behaviour, set tone, speak out on respect matters.
• Safe conversation channels: drop-in office hours, “walk and talks,” listening tours, anonymous feedback mechanisms.
• Refresh culture rituals: team charters, behavioural norms, inclusion check-ins, scenario-based discussions.
• Bystander training: empower employees to intervene or escalate when they see boundary-crossing.
• Recognition and reward: spotlight behaviours that reinforce respect, safety, and trust.
• Intersectional lens: stress that harassment + violence risks are not evenly distributed — marginalized and historically excluded groups often experience higher risk.

In short, HR must move from doing “harassment compliance” to cultivating a culture of safety, respect, and dignity. The law gives guardrails; culture makes them live.

What to do if you’re not federally regulated (but still want best practice)

If your organization operates under provincial jurisdiction, you do not have a statutory requirement to implement C-65’s federal regime. But that doesn’t mean you should ignore its lessons. Many provinces have harassment / workplace violence laws or obligations under occupational health and safety, human rights codes, or employment standards. Moreover, employees and stakeholders increasingly expect safe, modern workplaces.

Here’s how provincially regulated HR should lean into C-65’s lessons:

• Use C-65’s structural pillars (prevention, response, support) as a framework for your own harassment/violence program.
• Map provincial law obligations (e.g. provincial OH&S violence/harassment obligations) against C-65’s best practices and upgrade gaps.
• Adopt C-65-level investigation standards, particularly procedural fairness, timeliness, documentation discipline, and support roles.
• Offer training with content aligned to C-65 expectations, even if not required.
• Conduct regular risk assessments and revisit them — many provincial regimes require some form of internal review.
• Monitor case law and provincial tribunal decisions — procedural fairness is increasingly emphasized in provincial human rights and labour decisions.
• Publicly position your organization as a “best-in-class” workplace that aligns with modern expectations, which helps with recruitment, retention, and reputation.

In Canada today, compliance is no longer binary (federal vs. provincial) — best practice is increasingly converging. Organizations that adopt higher standards proactively tend to outperform reactively forced change.

How to detect if your program is failing (diagnostic signals)

• Rising turnover or exit complaints referencing “culture” or “unsafe work.”
• Decreasing complaint numbers (which may paradoxically suggest loss of employee confidence).
• Long resolution timelines or many unresolved cases.
• Repeated complaints from the same individuals or teams.
• Whisper networks or informal reports catching fire on social media or internal channels.
• Legal claims or tribunal applications referencing procedural unfairness or failure to investigate.
• Increased use of external counsel or third parties complaining about process.
• Employee survey feedback indicating low trust in reporting, transparency, or confidentiality.

If you see these signals, act quickly — the cost of ignoring them compounds rapidly.

Story: The cost of a weak investigation In a midsize manufacturing firm (federally regulated), an employee alleged bullying and verbal harassment by a supervisor. HR assigned a junior internal investigator who did only one interview with the complainant, some cursory witness conversations, and never showed the complainant the responding party evidence or offered them chance to respond. The investigator concluded the behavior was “managerial stress,” not harassment. Six months later, the complainant brought a grievance, and then a judicial review challenge citing procedural unfairness. The court ordered re-investigation, and the company incurred legal costs, reputational damage, and two lost quarters of HR distraction.

Story: The shifting boundaries in hybrid work

A nonprofit had a well-crafted harassment prevention policy before C-65. But post-pandemic, several senior managers began hosting one-on-one “coffee chats” after hours over Zoom, sometimes texting staff late at night. A young employee reported feeling pressured to accept those chats, though they were billed as optional. Because the organization never updated the risk assessment to include remote/after-hours dynamics, HR initially dismissed it as overreaction. Then more complaints surfaced in a particular team, and HR realized their policy and training never discussed virtual boundary settings. The result: a full audit, retraining, and rewriting of policies to include online behaviour, after-hours messaging protocols, and expectations for virtual etiquette.

Story: Silence as a signal An organization reported zero harassment complaints over a three-year period post-C-65 compliance overhaul. On the surface, great news — until employee survey feedback revealed fear: “If I complain, I will get blacklisted.” HR quietly realized they had not invested in anonymity channels, communications about protections, nor periodic feedback loops. The “no complaints” ending up being a negative red flag.

These stories underscore how compliance alone — policy + training + process — is insufficient. You must continuously test, adapt, listen, and reinvest.

What HR managers should prioritize now — at the three-year reboot

Below is a narrative of how you might map your next 6–12 months:

1. Project kickoff Announce a “Harassment & Violence Refresh Initiative.” Communicate its purpose: not just compliance, but strengthening safety and trust.
2. Diagnostic phase Reassess risk, revisit historical complaints, run surveys or focus groups, and map complaint hot spots. Identify where behavioural boundaries are blurry and where policy gaps embarrass.
3. Policy refresh and alignment Rewrite policy with insights, condense where possible, add scenarios and plain-language aids, clarify roles. Ensure alignment with other policies (privacy, conduct, safety).
4. Training design and delivery Build an updated training curriculum with customized modules, interactivity, scenarios, technology/remote boundary modules, and follow-up “refresher capsules.”
5. Investigation upgrade Evaluate your investigator roster — internal and external. Create or refine checklists reflecting procedural fairness principles. Train investigators (and HR) on “response rights,” evidence disclosure, timelines, documentation, and rebuttal rights.
6. Support and reporting systems Enhance reporting channels (anonymous, designated recipients), support infrastructure (EAP, counselling, resources for complainants/respondents), and escalation/escalation transparency.
7. Metrics and accountability Publish internal dashboards, root cause analyses, management reviews, and tie outcomes to leader performance and cultural goals.
8. Communication & culture embed Host “Safe Workplace Weeks,” leadership messaging, town halls, scenario-based team dialogues, and continuous reminders that safety is everyone’s responsibility.
9. Review cycle & legal scan Monitor legal developments (e.g. new federal reviews, human rights trends). Ensure the program is ready for the next 5-year statutory review in federal jurisdiction under C-65.
10. Continuous feedback loops After every complaint cycle, after every training cohort, poll participants, get feedback, and refine. Use these cycles to keep the program alive.

If you think of your harassment/violence prevention regime as a living organism rather than a compliance artifact, that shift in mindset becomes the difference between ticking boxes and building a safer, more resilient workplace.

Toward a safer, more respectful organization — final reflections

Bill C-65 was a milestone — not an endpoint. The first three years were about scaffolding, compliance, and baseline rollout. Now, at the three-year mark, the real work begins: refining, embedding, maturing.

For HR managers in federally regulated organizations, the legal pressures will only intensify: complaints, judicial review, procedural fairness scrutiny, reputational expectations, and rising demand for systemic accountability.

For provincially regulated employers, the C-65 era offers a blueprint. You may not be forced by statute, but you are judged by employees, stakeholders, and legal risk. Adopting C-65’s principles positions your organization ahead, not behind.

In doing this work, HR must act as bridge-builder: ensuring legal compliance, but also building environments where employees feel safe speaking up, where investigations are fair and credible, and where boundaries are respected without choking mentorship, trust, or connection.

If HR leads with humility, consistency, and courage, the result won’t just be fewer complaints — it’ll be a workplace where dignity, respect, safety, and confidence are part of everyday work.