Do community access providers need to be registered with the NDIS Commission?

Yes, if you deliver community participation supports to NDIS participants who are plan-managed or agency-managed, you must be registered. Only participants who are self-managing their funds may choose unregistered providers, but even unregistered providers must comply with the NDIS Code of Conduct.

What audit type is required for community access providers — verification or certification?

Most community access providers delivering supports to multiple participants will require a certification audit, as community participation is generally classified as a higher-risk support. Sole traders delivering lower-risk supports may be eligible for verification. Check with an NDIS Commission approved quality auditor to confirm which applies to your circumstances.

What Practice Standards do community access providers need to comply with?

Community access providers must comply with the Core Module of the NDIS Practice Standards, which covers rights and responsibilities, governance, support planning, incident management, complaints management, and worker screening. Some providers may also be assessed against supplementary modules depending on the supports they deliver.

Do community access workers need NDIS Worker Screening clearances?

Yes. All workers and volunteers in risk-assessed roles delivering community access supports to NDIS participants must hold a valid NDIS Worker Screening clearance before commencing in that role. Providers must maintain a clearance register and ensure clearances are current.

How long does NDIS registration take for a community access provider?

Timeframes vary. After submitting your application, you must engage an approved quality auditor and undergo an audit, which can take several weeks or months to schedule depending on auditor availability. Allow several months from application to registration decision, particularly if you require a certification audit.

What happens if a community access provider is found non-compliant by the NDIS Commission?

The Commission can impose conditions on your registration, issue compliance notices, or in serious cases suspend or cancel your registration. Registration status, including any compliance actions, is publicly visible on the NDIS Commission's provider register.

NDIS community access provider: registration requirements (2026)

Who needs to register as an NDIS community access provider?

If your organisation or sole trader supports NDIS participants to engage with their community — attending social groups, sporting clubs, cultural events, recreational activities or civic life — you are delivering what the NDIS Commission classifies under community participation supports. Registration is mandatory when:

You are delivering supports to NDIS participants who are plan-managed or agency-managed (NDIA-managed).
You are providing any support that falls within a registration group that requires registration under the National Disability Insurance Scheme Act 2013.
You wish to provide supports to participants who cannot self-manage their plan.

Only participants who are self-managing their NDIS funds may choose to engage unregistered providers — and even then, unregistered providers remain bound by the NDIS Code of Conduct.

The 2026 strengthened registration framework: what has changed

The NDIS Commission has been progressively implementing the strengthened NDIS Practice Standards and a revised registration framework, with key changes becoming operative through 2025 and into 2026. The most significant shifts for community access providers include:

Revised Practice Standards structure — The strengthened framework consolidates and clarifies the Core Module requirements, with sharper expectations around governance, risk management, and person-centred practice.
Expanded worker screening obligations — All workers and volunteers in risk-assessed roles delivering community access supports must hold a valid NDIS Worker Screening clearance. The definition of a risk-assessed role has been broadened, so providers should review whether casual or volunteer community companions now require clearance.
Strengthened incident management requirements — Providers must have documented, implemented incident management systems that meet the updated NDIS Practice Standard on incident management and reportable incidents.
Tighter governance expectations — The Commission expects boards, governing persons and senior managers to demonstrate active oversight of compliance, not merely sign off on policies.

Providers already registered prior to 2026 are not exempt from the strengthened requirements — re-certification audits are conducted against the current standards in force at the time of audit.

Step-by-step: how to register as a community access provider

Determine your registration groups. Log into the NDIS Commission Portal and identify which registration groups match the supports you intend to deliver. Community participation supports typically fall under registration group 0125 (participation in community, social and civic activities). If you also provide transport or supported employment, additional groups apply.
Prepare your key personnel and governance documents. You will need to provide details of all key personnel (including directors, partners, and trustees), their qualifications and criminal history check status. Ensure your governance structure is documented — constitution, trust deed, or equivalent.
Submit your application through the NDIS Commission Portal. Complete the online application accurately. Incomplete applications are a common cause of delay. Attach all required supporting documentation at the time of lodgement.
Engage an approved quality auditor. Depending on your registration group and organisation size, you will be required to undergo either a verification audit (for lower-risk, sole traders or small providers) or a certification audit (for higher-risk or larger organisations). Community access delivered to multiple participants typically requires certification. Contact an NDIS Commission approved quality auditor early — audit wait times can be significant.
Undergo the audit against the NDIS Practice Standards. Your auditor will assess the Core Module and the Specialist Support Module or relevant supplementary module that applies to community participation. Prepare documented evidence across all standards before the audit commences.
Receive your registration decision. The Commission reviews the auditor's report and makes a registration decision. Registration is granted for a fixed period, after which a renewal audit is required.
Maintain ongoing compliance. Registration is not a one-off event. You must maintain compliance with the Practice Standards, Code of Conduct, incident reporting obligations, and worker screening requirements at all times.

What the NDIS Practice Standards require of community access providers

Auditors assess community access providers against the Core Module of the NDIS Practice Standards, which covers:

Standard area	What auditors look for
Rights and responsibilities	Participants are informed of their rights; advocacy information is provided; complaints processes are accessible
Governance and operational management	Documented policies; clear lines of accountability; risk management framework; financial management controls
The provision of supports	Support planning is person-centred and goal-directed; supports are reviewed regularly; participants have genuine choice and control
Support planning	Individual plans reflect participant goals and preferences; plans are co-designed with the participant where possible
Incident management	Documented incident management system; all reportable incidents notified to the Commission within required timeframes; post-incident reviews completed
Complaints management	Accessible, documented complaints process; complaints are recorded, investigated, and resolved; learnings inform practice improvement
Worker screening and human resources	All workers in risk-assessed roles hold NDIS Worker Screening clearances; induction and training records maintained; supervision is documented

NDIS Code of Conduct obligations

Every registered community access provider — and their workers — must comply with the NDIS Code of Conduct. The Code requires that providers and workers:

Act with respect for individual rights to freedom of expression, self-determination and decision-making.
Respect the privacy of participants.
Provide supports and services in a safe and competent manner with care and skill.
Act with integrity, honesty and transparency.
Promptly take steps to raise and act on concerns about matters that might have an impact on the quality and safety of supports.
Take all reasonable steps to prevent and respond to all forms of violence, exploitation, neglect and abuse.
Take all reasonable steps to prevent and respond to sexual misconduct.

Providers are responsible for ensuring their workers understand and comply with the Code. A documented induction process covering the Code is considered baseline practice by auditors.

Common non-conformances found in community access audits

Based on the types of issues the NDIS Commission has publicly highlighted across provider audits, community access providers frequently receive non-conformance findings in these areas:

Incomplete or outdated worker screening records — clearances not renewed before expiry, or casual workers commencing before clearance is confirmed.
Incident reports not lodged within required timeframes — providers are unaware which events constitute reportable incidents, or have no system to capture and escalate incidents promptly.
Support plans that are generic rather than person-centred — goals copy-pasted from the participant's NDIS plan without individualised activity planning for community access sessions.
Complaints processes not accessible to participants — policies exist but are in inaccessible formats, not explained to participants at intake, or participants cannot describe how to make a complaint.
Governance documents not reviewed or enacted — policies are present but have not been reviewed for several years, or board minutes show no discussion of compliance matters.

Practical template: community access support plan excerpt

Participant: [Name]
Support type: Community participation (registration group 0125)
Goal from NDIS plan: Build confidence attending community events independently

Weekly activity plan:
- Monday 10am–12pm: Attend local library reading group (support worker accompanies, fades prompts over 6 weeks)
- Thursday 2pm–4pm: Volunteer shift at community garden (supported introduction, participant leads activity choice)

Review date: [3 months from commencement]
Person-centred notes: Participant has indicated preference for outdoor activities. Loud environments trigger anxiety — venues assessed before each session. Emergency contact: [Name, number].

Preparing your documentation before the audit

A common mistake is treating audit preparation as a document-creation exercise rather than a documentation-of-practice exercise. Auditors look for evidence that policies are lived, not just filed. Before your certification audit, confirm you can produce:

Current worker screening clearance register for all staff in risk-assessed roles
Induction checklists signed by all workers, including Code of Conduct acknowledgement
At least three months of incident register entries (even if nil — a nil-entry register with dates shows the system is active)
Complaints register with at least one closed complaint showing the full resolution cycle
Two or three anonymised participant support plans demonstrating person-centred planning
Board or management meeting minutes that reference compliance, risk, or quality matters
Policies reviewed within the last twelve months, with version control dates visible

If your organisation is building its compliance documentation from the ground up, the 74-document audit-ready SIL compliance kit available at ndiscompliant.com.au covers the Core Module and community participation requirements, with pre-formatted registers, policy templates, and worker induction packs mapped to the NDIS Practice Standards.

After registration: ongoing obligations

Registration carries continuous obligations. Key ongoing requirements include:

Notifying the Commission of any change in key personnel, services, or locations.
Reporting all reportable incidents within the mandatory timeframes.
Submitting to mid-term surveillance audits where required by the Commission.
Renewing registration before expiry and undergoing a renewal audit against the current Practice Standards.
Ensuring all new workers complete NDIS Worker Orientation Module prior to or shortly after commencing.

Non-compliance can result in conditions being placed on your registration, suspension, or cancellation — all of which are published on the NDIS Commission's public register.

Important: This article provides general guidance about NDIS compliance requirements. It is not legal or professional advice. Requirements may change as the NDIS Commission updates its policies and Practice Standards. Always verify current requirements with the NDIS Quality and Safeguards Commission or a registered NDIS consultant before making compliance decisions.