Registered provider requirements

The NDIS Commission will manage the registration and quality assurance of NDIS providers under a nationally consistent framework.

Currently, the NDIS Commission operates in New South Wales (NSW) and South Australia (SA) only. The new arrangements will progressively replace existing state and territory quality and safeguards requirements. The start dates for other areas of Australia are:

  • 1 July 2019: Australian Capital Territory, Northern Territory, Queensland, Tasmania and Victoria
  • 1 July 2020: Western Australia

The ‘What does the NDIS Commission mean for providers?’ fact sheet provides a useful overview of the role of the NDIS Commission and provider requirements.

Conditions of registration

There are a number of requirements providers must meet to become registered and maintain registration with the NDIS Commission.

You can learn more about each requirement by clicking the corresponding link in the list below.

The NDIS Commission will work with you to help you understand and comply with registration responsibilities.

Registered NDIS providers in states and territories where the NDIS Commission operates must:

  • comply with the conditions of registration stated on your certification of registration
  • demonstrate compliance with the NDIS Practice Standards for your relevant registration groups (which are determined by the types of services and supports your deliver), including through a quality audit
  • comply with the NDIS Code of Conduct in your organisation and support employees to meet its requirements
  • have an in-house complaints management and resolution system to record and manage any complaints you receive, and support NDIS participants or other relevant concerned parties to make a complaint
  • have an in-house incident management system, and notify the NDIS Commission should a reportable incident occur
  • fulfil worker screening requirements and ensure all workers have been screened
  • if applicable, meet the behaviour support requirements , including reporting the use of restrictive practices to the NDIS Commission.

All workers of registered NDIS providers should complete a worker orientation e-learning module called ‘Quality, Safety and You’, that covers human rights, respect, risk, and the roles and responsibilities of NDIS workers.

The NDIS Commission provides information and guidance to support registered providers to meet their requirements. It monitors registered providers for compliance with the conditions of registration, and has the power to suspend, vary or revoke registration.

The full details on quality and safeguards requirements under the NDIS Commission can be found in the NDIS Quality and Safeguards Rules.

Suitability assessment

As part of the registration and renewal processes, the NDIS Commission assesses the suitability of NDIS providers and their key personnel to deliver NDIS supports and services.

The suitability assessment includes looking at whether the NDIS provider, or its key personnel have:

  • previously been a registered NDIS provider
  • had a banning order in place
  • any past convictions
  • been insolvent under administration
  • had adverse findings or enforcement action taken by any relevant authorities
  • been the subject of findings or judgement in relation to fraud, misrepresentation, or dishonesty
  • been disqualified from managing corporations.

Proportionality applies to registration requirements

Registration requirements and the NDIS Practice Standards apply in proportion to the size, scale and type of supports and services your organisation delivers. This means, for example, that a provider with only a few workers and a small number of participants needs to present a different level of evidence to meet requirements, compared to a national provider with a large workforce and many participants.

The NDIS Commission provides information and guidance to help you understand how to meet the requirements in the context of your organisation.

Quality audits

To apply for or renew registration with the NDIS Commission, all providers undergo an audit against the NDIS Practice Standards. An independent approved quality auditor will assess your organisation against the components of the NDIS Practice Standards that are relevant to the services and supports you deliver. Auditors will also undertake their activities in a way that takes your organisation’s size, scope, and service delivery risk into consideration.

Your organisation will undergo either a ‘verification’ or ‘certification’ quality audit. The NDIS Commission will advise you of the type of audit you require, which is based on your registration group(s) and the legal type of organisation you are (e.g. individual, partnership or body corporate).

As part of the application for registration or renewal, it is the provider’s responsibility to engage an approved quality auditor to assess your organisation’s compliance with the NDIS Practice Standards.

Verification audits

Usually, providers requiring a verification quality audit:

  • are not bodies corporate (for example, operate as individual sole traders or partnerships) and
  • deliver relatively lower risk supports and services.

Many providers requiring a verification audit are already subject to professional regulation as a requirement of doing business, e.g. through the Australian Health Practitioner Regulation Agency (AHPRA) and other professional bodies.

Professional regulation means a practitioner must already meet set standards and is subject to ongoing monitoring of their competency to practice, including through continuing professional development.

Because of the existing obligations of these providers to their relevant professional bodies, and the less complex support types delivered, the provider will engage an approved quality auditor to complete a desktop review of the required documentary evidence outlined for each profession in these guidelines.

Providers must show evidence of:

  • relevant qualifications;
  • expertise and experience;
  • incident management processes/policies;
  • complaints management processes/policies; and
  • risk management processes/policies.

As the NDIS market develops, the NDIS Commission will continue to monitor the effectiveness of these profession-specific regulatory frameworks to meet the NDIS Commission’s requirements in relation to safe, quality services for NDIS participants.

Certification audits

Providers requiring a certification audit:

  • operate as a body corporate and/or
  • deliver complex supports and services.

In a certification audit, providers are assessed against the NDIS Practice Standards’, which may include assessment against the core module and any supplementary module relevant to the type of support they deliver. These guidelines outline the compliance requirements for the core and supplementary modules by registration group.

Assessment includes core capabilities, such as:

  • risk management;
  • delivery of supports; 
  • the delivery environment; 
  • governance and operational management.

NDIS providers that deliver services and supports within the High Intensity Daily Personal Activities registration group will be assessed against the High Intensity Skills Descriptors.

The provider will engage an approved quality auditor to complete the certification audit. This will include document reviews, site visits and interviews with NDIS workers and participants.