Mental health has firmly established itself on the regulatory agenda, and this time it comes with notices of violation, fines, and effective enforcement.
Starting May 26, 2026, the Ministry of Labor will begin the enforcement phase of the update to Regulatory Standard No. 01, bringing the purely advisory period to a close and elevating psychosocial risks to the same level as other classic occupational hazards. In practice, companies are now required to implement concrete measures to identify, assess, and manage factors such as work overload, pressure, harassment and governance failures related to the workplace, with potential administrative, labor, and reputational implications.
The Ministry of Labor itself has published a Q&A document to clarify the application of the regulation, emphasizing that there is no one-size-fits-all approach, but rather a need for documented, traceable management practices that are compatible with each company’s operational reality. The document also emphasizes that simply administering standardized questionnaires on psychosocial risks will not be considered sufficient evidence of proper management, since the results must be effectively analyzed and incorporated into the Preliminary Ergonomic Analysis and/or the risk inventory. There is also an explicit provision stating that the identification of these risks must cover workers in on-site, remote, hybrid, and telework arrangements.
The manual also makes it clear that the purpose of mapping psychosocial risks is not to conduct individual clinical screenings of employees’ mental health, but to determine whether certain job characteristics, demands, or conditions may act as work-related risk factors, thereby requiring companies to implement preventive measures. In this context, it is particularly important to develop effective action plans that are consistent with the risks identified in the Risk Management Plan, since merely formally identifying a risk, without concrete measures for addressing and mitigating it, could ultimately serve as evidence against the company itself in future audits and legal proceedings.
In addition, the implementation of evaluation and monitoring mechanisms must comply with the requirements of the LGPD, particularly to prevent the excessive collection, improper processing, or unauthorized storage of sensitive data related to employees’ mental health, as well as to ensure the proper anonymization of information whenever applicable. The Ministry’s own guidance emphasizes that the regulation focuses on organizational working conditions rather than on individual clinical investigations of employees.
At the same time, the issue has already begun to draw a response from the business community. The Federation of Industries of the State of São Paulo has filed a lawsuit challenging the inclusion of psychosocial risks in Regulatory Standard No. 01, citing concerns regarding the subjectivity of the enforcement criteria and the legal uncertainty arising from the standard’s broad scope of interpretation. The debate highlights that, although there is a consensus on the importance of occupational health protection, significant uncertainties remain regarding the technical and legal limits of enforcement.
In this context, one of the main risks for companies may not be merely the lack of internal policies, but rather the adoption of measures that are purely procedural and disconnected from operational reality. Generic training programs, surveys without action plans, or standardized documents tend to offer little support in the face of audits, inspections, or future legal disputes. These citations mark the beginning of a new focus on corporate accountability related to organizational management and preventive documentation.
