Is a money handling policy mandatory for all NDIS registered providers?

It is mandatory for any registered provider whose service delivery involves holding, disbursing, or managing participant money. This includes SIL providers, support coordinators, and providers running community participation activities where cash is handled on a participant's behalf. Providers with no financial interaction with participant funds may not need a standalone policy, but should still address financial conduct in their Code of Conduct obligations.

Can participant money be kept in the provider's general operating account?

No. Participant money must be kept separate from organisational funds. Commingling participant funds with company accounts is a significant non-conformance risk and can constitute financial exploitation depending on the circumstances. Your policy must specify the control mechanism used — separate accounts, dedicated ledger lines, or an equivalent verifiable arrangement.

What counts as a reportable incident in relation to participant money?

Under the NDIS (Incident Management and Reportable Incidents) Rules, any loss, theft, or unexplained discrepancy involving a participant's money must be assessed as a potential reportable incident — particularly if it involves abuse, neglect, or exploitation. Providers should report through the NDIS Commission portal within the required timeframe and retain all investigation records.

How often should an NDIS money handling policy be reviewed?

At a minimum, your policy should be reviewed annually and updated whenever there is a significant change to your service model, after any incident involving participant money, or when new NDIS Commission guidance is released. Under the strengthened 2026 Practice Standards, auditors look for evidence of active policy governance — not a single dated document that has never been touched.

Do workers need specific training on the money handling policy?

Yes. Auditors routinely interview workers to test their understanding of money handling procedures. Training must be documented — induction records, sign-off sheets, or learning management system completion records. Workers who handle participant cash or assist with financial transactions need to be specifically identified and trained, not just given access to the policy document.

What should a participant receive as evidence of their own transactions?

Participants have the right to access records of their own money at any time. Your policy should specify the format and frequency of statements or transaction summaries provided — for example, monthly written statements or on-request access to a cash book. Participants should never need to ask twice or wait unreasonably to see a record of how their money was spent.

Do you need an NDIS money handling policy? Provider requirements

Who needs an NDIS money handling policy?

If your organisation is a registered NDIS provider and at any point holds, receives, disburses, or manages funds that belong to — or are intended for — a participant, you need a formal money handling policy. This applies most directly to:

SIL (Supported Independent Living) providers who collect household contributions, manage shared living expenses, or help participants pay bills and manage day-to-day spending money
Providers delivering support coordination where funds flow through the provider on a participant's behalf
Any provider offering financial intermediary functions, including assisting participants to pay invoices or holding cash for a participant at their request
Providers of daily activities or community participation where incidental cash (for outings, purchases, or activities) changes hands

Unregistered providers do not fall under the NDIS Commission's Practice Standards, but they remain subject to the NDIS Code of Conduct and basic consumer-protection obligations. The practical reality is that the closer your service is to direct financial management for a participant, the more critical a documented policy becomes — both for regulatory compliance and for participant safety.

Where does the requirement come from?

The obligation to manage participant money safely and transparently is grounded in several overlapping parts of the NDIS framework:

NDIS Practice Standards

The NDIS Practice Standards set out the quality standards that registered providers must meet. Under the Core Module, providers are required to have systems in place that protect participants' rights — including their right to financial safety and freedom from financial exploitation. The Participant Rights and Responsibilities and Individual Values and Beliefs outcomes require that participants maintain control over their finances, and that providers actively support — rather than undermine — that control.

For SIL providers in particular, the Supported Independent Living module within the Practice Standards addresses the day-to-day support environment. Keeping clear, verifiable records of any money held or spent on a participant's behalf is a direct requirement of meeting those standards.

NDIS Code of Conduct

The NDIS Code of Conduct — which applies to both providers and their workers — requires that workers act with integrity and transparency, and that they do not exploit or financially abuse participants. A written money handling policy is the primary mechanism by which a provider demonstrates it has operationalised these obligations rather than simply asserting them.

Strengthened Practice Standards (2026 framework)

The NDIS Commission's strengthened Practice Standards, which underpin the 2026 mandatory registration and re-registration requirements, place a renewed emphasis on governance, accountability, and evidence-based systems. Auditors are now specifically looking for documented policies that are actively implemented — not policies that exist only on paper. Financial safeguarding policies, including money handling procedures, sit within this heightened scrutiny.

What your money handling policy must cover

A compliant NDIS money handling policy is not a brief statement of intent. It is a practical operational document that workers can follow and that auditors can verify against your actual practice. At a minimum, your policy should address the following:

Scope: Define which situations the policy applies to — what types of funds, which participants, which locations, and which staff roles are covered.
Roles and responsibilities: Specify who is authorised to handle participant money, who provides oversight, and who participants or their nominees can contact with concerns.
Record keeping: Set out exactly how transactions are recorded, how often records are reconciled, and how long records are retained. Participant money logs — whether cash books, petty cash records, or digital transaction histories — must be contemporaneous and participant-specific.
Receipts and documentation: Every transaction involving a participant's money — income or expenditure — must be supported by a receipt or equivalent written record. Policies should state who keeps that receipt, for how long, and how it is made available to the participant on request.
Separation of funds: Participant money must not be commingled with organisational funds. Your policy should state clearly how this separation is maintained, including through separate ledger lines, separate accounts, or other verifiable controls.
Participant access and transparency: Participants (and their nominees, guardians, or plan managers where relevant) have the right to access information about their money at any time. Your policy should describe how and when statements or transaction summaries are provided.
Conflict of interest: Workers must not benefit, directly or indirectly, from a participant's financial transactions. The policy should prohibit acceptance of gifts, loans, or inheritances and set out how potential conflicts are declared and managed.
Incident reporting: Any loss, theft, or unexplained discrepancy involving participant money must be treated as a reportable incident under the NDIS (Incident Management and Reportable Incidents) Rules. Your money handling policy should cross-reference your incident management procedure and specify the reporting timeframes.
Review cycle: The policy should identify when it is reviewed (at minimum annually, or after any significant incident) and who is responsible for that review.

What auditors check in practice

When an approved quality auditor reviews your money handling practices — whether at initial certification, re-certification, or mid-term surveillance — they are not simply reading your policy document. They will triangulate across multiple sources of evidence:

Sample transaction records for specific participants, checking that entries are contemporaneous, complete, and signed off
Interviews with workers to test whether they understand and can apply the policy in real scenarios
Interviews with participants or their representatives to confirm they receive statements and know how to raise a concern
Evidence that workers have received training on the policy, including records of induction and refresher training
Review of any incidents involving participant money, and whether they were reported correctly and actioned

Common non-conformances found during audits include: policies that exist but are not known to workers; transaction logs that are incomplete or reconstructed rather than contemporaneous; no evidence of participant access to their own financial records; and failure to report missing funds as a reportable incident.

Consequences of not having a compliant policy

The consequences of inadequate money handling systems are not hypothetical. Auditors can issue non-conformance findings that must be resolved before registration is granted or renewed. In serious cases — particularly where financial exploitation of a participant is alleged — the NDIS Commission has the power to impose conditions on a provider's registration, suspend registration, or revoke it entirely. Individual workers can also face action under the Code of Conduct, including banning orders.

Beyond regulatory consequences, financial exploitation or mismanagement of participant funds is a safeguarding failure that causes real harm to real people. A well-designed money handling policy is a genuine participant-protection tool, not a box-ticking exercise.

Getting your documents audit-ready

A money handling policy does not sit in isolation. It connects to your incident management procedure, your complaints management system, your participant rights documentation, and your worker training records. For SIL providers especially, where the volume of financial transactions per participant can be high, these linkages need to be explicit and demonstrably functional.

If you are building or reviewing your compliance document suite, the 74-document audit-ready SIL compliance kit at ndiscompliant.com.au includes a compliant money handling policy and procedure, along with the full range of Practice Standards documentation required for SIL registration under the 2026 framework.

Whether you use a template kit or build your documents from scratch, the test is always the same: could a worker new to your organisation open this policy, read it, and know exactly what to do — and could an auditor verify that workers are actually doing it?

Important: This article provides general guidance about NDIS compliance requirements. It is not legal or professional advice. Requirements may change as the NDIS Commission updates its policies and Practice Standards. Always verify current requirements with the NDIS Quality and Safeguards Commission or a registered NDIS consultant before making compliance decisions.