Is a feedback and complaints register mandatory for all registered NDIS providers?

Yes. All registered NDIS providers must have a feedback and complaints management system under the NDIS Practice Standards. This includes maintaining a written register of all feedback and complaints received, actions taken, and outcomes. It is a direct audit requirement.

What happens if my organisation does not have a complaints register at audit?

The absence of a functioning complaints register is a non-conformance finding under the NDIS Practice Standards. Depending on the severity and any other findings, this can result in conditions on your registration, mandatory corrective action plans, or in serious cases, regulatory action by the NDIS Commission.

Do unregistered NDIS providers need a complaints register?

Unregistered providers are not subject to NDIS Practice Standards audits, but they must comply with the NDIS Code of Conduct, which requires acting with integrity and responding to concerns. While not mandated by audit, maintaining a complaints register is strongly recommended as good practice and may be required under state or territory obligations.

Can participants complain directly to the NDIS Commission instead of to us?

Yes. Participants have the right to contact the NDIS Commission directly at any time, regardless of your internal complaints process. You are required to inform participants of this right as part of your complaints management obligations under the Practice Standards.

How long do we need to keep complaints register records?

There is no single prescribed period in the Practice Standards, but most providers retain complaints records for at least seven years given potential regulatory relevance. You should also check applicable state or territory record-keeping legislation and your organisation's own retention policy for any longer requirements.

Does positive feedback need to go in the complaints register?

Yes. The NDIS Practice Standards require providers to collect and use all participant feedback — positive, neutral, and negative — for continuous improvement. A register containing only complaints may prompt auditor questions about whether your feedback system is genuinely accessible and being used.

Do you need an NDIS feedback and complaints register? Provider requirements

Who needs an NDIS feedback and complaints register?

Any organisation that is a registered NDIS provider must have a functioning feedback and complaints management system — and that system must include a written register. This is not optional guidance. It is a mandatory requirement under the NDIS Practice Standards, specifically the Governance and Operational Management core module and the Rights and Responsibilities standards.

For SIL providers and other disability support organisations delivering higher-intensity supports, the obligations are particularly sharp. Your participants live in the services you manage. They are among the most vulnerable people in the scheme. The NDIS Commission expects your complaints processes to be genuinely accessible, properly documented, and actively used — not just a policy that lives in a drawer.

Unregistered providers are not subject to audit under the Practice Standards, but they are still bound by the NDIS Code of Conduct, which requires them to take all reasonable steps to act with integrity and respond to concerns. Best practice for any provider is to maintain some form of documented feedback process regardless of registration status.

Why the register matters: the regulatory framework

The NDIS Practice Standards require registered providers to have systems that:

Welcome and actively encourage feedback and complaints from participants and their networks
Make it safe and easy for people to raise concerns without fear of reprisal
Record all feedback and complaints in a systematic way
Investigate and resolve complaints promptly and fairly
Use complaints and feedback data to drive continuous improvement
Report certain complaints to the NDIS Commission where required

Without a register, you cannot demonstrate any of the above to a quality auditor. A verbal complaints process — even if well-intentioned — cannot show that complaints were received, acted on, resolved, or used for improvement. Auditors need evidence. The register is that evidence.

Under the strengthened NDIS Practice Standards framework being progressively implemented from 2026, the Commission has signalled greater scrutiny on governance systems, including complaints handling. Providers should treat their register as a living operational document, not an audit-only artefact.

What must your register contain?

There is no single prescribed template for an NDIS feedback and complaints register. However, to satisfy audit evidence requirements and the intent of the Practice Standards, your register should capture the following fields for every entry:

Field	Why it matters
Date received	Establishes timeliness of response
Unique reference number	Enables tracking and cross-referencing with incident register if needed
Source (participant, family member, staff, third party, anonymous)	Identifies patterns by reporter type
Nature of the feedback or complaint	Categorises the concern for trend analysis
Person(s) involved	Links to participant file if applicable (de-identified in aggregate reporting)
Action taken and by whom	Demonstrates active management
Outcome and date of resolution	Shows closure and timeliness
Whether escalated to NDIS Commission or other body	Documents mandatory reporting obligations
Improvement action identified	Connects complaints to continuous improvement cycle

Positive feedback should also be recorded. The Practice Standards require you to collect and use all feedback — positive, neutral, and negative — to improve service quality. A register that contains only complaints will prompt auditor questions about whether you are genuinely seeking participant input.

How feedback and complaints link to incident reporting

Many providers conflate complaints with reportable incidents. They are not the same, but they can overlap. A complaint about a staff member's conduct may, on investigation, reveal a reportable incident under the NDIS (Incident Management and Reportable Incidents) Rules. Your complaints process must include a pathway to escalate to your incident management system when this occurs.

Similarly, a complaint alleging abuse, neglect, or exploitation must be assessed immediately against your obligations as a mandatory reporter to the NDIS Commission. Your register should flag these entries and your policy must describe what happens next. Auditors will specifically test this interface between the two systems.

Accessibility requirements

A complaints register is only useful if people can actually make complaints. The Practice Standards require your feedback and complaints process to be accessible to all participants, including those with communication support needs, cognitive disability, or limited English. This means your policy must describe:

Multiple ways to lodge a complaint (in person, phone, email, written, through an advocate or support person)
Easy Read or alternative format versions of your complaints information
How participants can access an independent advocate if they need one
That participants can complain directly to the NDIS Commission at any time, and how to contact them
That there will be no adverse consequences for raising a concern

SIL providers in particular must ensure that participants living in supported accommodation understand their right to complain about the service they receive in their own home. This information should be provided at intake, displayed in accessible formats within the residence, and revisited regularly.

What auditors look for: common non-conformances

When an approved quality auditor reviews your complaints management system, they will examine both your documentation and your practice. The most common areas of non-conformance for SIL and disability support providers include:

No register at all, or a register that has never been used — even providers who have a complaints policy frequently have no log of actual complaints received, which suggests either that the process is not accessible or that entries are not being recorded.
Missing resolution dates — complaints logged but never closed, with no timeframe documented.
No improvement actions — complaints handled but no evidence that the pattern was analysed or that anything changed as a result.
Participant not informed of the outcome — the person who raised the concern was never told what happened.
Failure to advise participants of their right to go to the Commission — this is an explicit requirement and its absence is a consistent finding in audits.
Complaints conflated with incidents — the register does not show whether items that were also reportable incidents were escalated appropriately.

Linking your register to continuous improvement

Under the Practice Standards, your organisation must use the data from your register to drive service improvement. In practice, this means your management team should review the register on a regular cycle — typically quarterly at a minimum — and document what trends were identified and what actions were taken. This review should be recorded in your governance meeting minutes.

If your register shows a pattern — for example, multiple complaints about the same support worker, a recurring issue with a particular house, or consistent concerns about communication — that pattern must generate a formal improvement action. The action must be tracked to completion and reviewed to confirm it worked.

This continuous improvement loop is what separates a compliant register from a genuinely useful one. The Commission expects both.

Record keeping and retention

Your register is a record of your organisation's complaints history. It must be stored securely, accessible to authorised staff, and retained in accordance with your jurisdiction's record-keeping requirements and any applicable privacy legislation. Given that complaints may be relevant to future regulatory investigations, most providers retain complaints records for a minimum of seven years, though you should confirm the retention period that applies in your state or territory and for your organisation type.

Access to the register should be restricted to appropriate staff. Participants have a right to access information about their own complaint, but not other people's records.

Getting your documentation audit-ready

If you are preparing for your next audit — or establishing your complaints system from scratch — the practical steps are:

Create or update your Feedback and Complaints Policy to reflect current Commission requirements and the 2026 framework changes.
Design a register template that captures all required fields (or adopt a compliant digital system).
Train all staff on how to receive, record, and escalate complaints, including mandatory reporting pathways.
Produce accessible participant-facing information about how to make a complaint.
Set a recurring governance review cycle and record it in your meeting schedule.
Conduct a mock audit of your register — check that every entry has a resolution date, an outcome communicated to the complainant, and an improvement action where relevant.

Providers building out their full compliance documentation suite — including complaints, incident management, restrictive practices, and workforce governance — may find it useful to work from a pre-built framework. The 74-document SIL compliance kit available at ndiscompliant.com.au includes a ready-to-use complaints register template, policy, and participant-facing information sheets designed to align with current Practice Standards requirements.

Important: This article provides general guidance about NDIS compliance requirements. It is not legal or professional advice. Requirements may change as the NDIS Commission updates its policies and Practice Standards. Always verify current requirements with the NDIS Quality and Safeguards Commission or a registered NDIS consultant before making compliance decisions.