Do all NDIS providers need a money handling policy, or only SIL providers?

All registered NDIS providers are expected to have controls around participant money and property, as this is embedded in the NDIS Practice Standards obligations around safeguarding. However, SIL providers face the most scrutiny because support workers routinely assist participants with day-to-day financial transactions in a home setting.

What is the minimum cash amount that triggers dual-authorisation requirements?

The NDIS Practice Standards do not prescribe a specific dollar threshold; providers are expected to set an appropriate limit in their own policy. A common approach is to require two-staff authorisation for any transaction above a low set amount, such as $50 or $100, and for all transactions involving a participant's bank card or account.

Is financial abuse a notifiable incident under the NDIS Commission's rules?

Yes. Financial abuse falls within the definition of abuse reportable under the NDIS (Incident Management and Reportable Incidents) Rules. Providers must report serious incidents involving financial exploitation to the NDIS Commission within the required timeframes and manage them through their incident management system.

How long must providers keep financial records relating to participant transactions?

Providers must retain records consistent with their NDIS registration conditions and applicable Australian law. As a general guide, seven years is a widely applied minimum in Australia for financial records, though you should confirm the specific retention period in your registration conditions and relevant state legislation.

Can a support worker hold a participant's bank card overnight?

This should only occur with explicit written authorisation from the participant or their authorised representative, and the circumstances and duration should be documented. Best practice is to avoid overnight card holding wherever possible and to build a policy control that requires a daily handover and reconciliation.

What happens if a provider fails a money handling audit finding?

An auditor may issue a non-conformance finding, which the provider must address within a remediation period. Serious or repeated failures can affect registration renewal. Where the NDIS Commission identifies financial abuse or systemic non-compliance, it can impose conditions, suspend, or revoke registration under the National Disability Insurance Scheme Act 2013.

NDIS Money Handling Policy Checklist for New Providers

Why Money Handling Policies Matter for NDIS Registration

When you apply for NDIS registration — or renew your registration under the strengthened framework rolling out from 2026 — quality auditors will check whether your organisation has documented, implemented, and reviewed a money handling policy. This is not a box-ticking exercise. The NDIS Commission's Practice Standards set clear expectations about protecting participant money and property, and non-conformance in this area is one of the most common findings auditors report for new providers.

For Supported Independent Living (SIL) providers especially, money handling is high-stakes. Participants living in SIL arrangements often rely on support workers to assist with daily transactions, grocery purchases, bill payments, and petty cash. Without robust policy and practice controls, the risk of financial abuse, misappropriation, or simple error is significant — and the consequences for both participants and providers can be serious.

This checklist covers every element your money handling policy needs to include, organised in the order auditors typically examine them.

The Core NDIS Money Handling Policy Checklist

1. Policy Purpose and Scope

Clearly state that the policy applies to all staff, volunteers, and contractors who handle participant money or assist participants with financial transactions.
Define what "participant money" means in your context — cash, bank cards, EFTPOS, digital wallets, NDIS plan funds, and property of value.
Reference the relevant NDIS Practice Standard (the Rights and Responsibilities and Support Provision modules include obligations around safeguarding participant property).
State that compliance with this policy is a condition of employment and engagement.

2. Roles and Responsibilities

Name the role (not just a person) responsible for overseeing financial safeguards — typically a finance lead, registered manager, or compliance officer.
Specify who can authorise transactions on behalf of a participant and under what conditions.
Require that at least two staff members are involved in any transaction above a defined threshold (the dual-authorisation principle).
Prohibit any staff member from being a sole authorised signatory on a participant's personal bank account.

3. Receiving and Recording Participant Money

Require a written receipt for every cash transaction, however small.
State the maximum amount of cash that can be held on behalf of a participant at any one time, and where it must be stored (for example, a locked drawer or safe).
Require petty cash records to be reconciled at the end of every shift or every 24-hour period, whichever is shorter.
Specify that no staff member's personal funds are ever to be commingled with participant funds.
Require electronic transaction records (bank statements, EFTPOS receipts) to be attached to the participant's file within a set timeframe after each transaction.

4. Assisted Purchases and Shopping

Define the process for shopping with or on behalf of a participant — including who accompanies, how funds are drawn, and how change and receipts are returned and recorded.
Require that grocery and personal shopping is itemised and that the participant (or their representative) confirms accuracy.
Prohibit staff from using participant funds for any purpose other than what the participant has expressly authorised.
Address online shopping separately — require participant or guardian approval before any online purchase, and retain order confirmations.

5. NDIS Plan Funds and Invoicing

Describe how your organisation invoices participants or the NDIA (via the myplace portal or a registered plan manager), including the timeframe for submitting claims after service delivery.
Require invoices to accurately reflect services actually delivered — not block-billed or pre-claimed.
State your process for handling overpayments or billing errors, including how you notify the participant or NDIA and issue corrections.
Reference the NDIS Pricing Arrangements and Price Limits as the ceiling for any charge, and require staff to be aware of applicable support item codes.

6. Participant Property

Extend money handling obligations to participant property of value — jewellery, electronics, medications, and similar items.
Require a property register that lists high-value items in the participant's home and is signed by the participant or their representative.
Establish a process for reporting lost or damaged participant property, including incident notification where required.

7. Fraud and Financial Abuse Prevention

Define financial abuse as a form of abuse reportable under the NDIS Code of Conduct and the mandatory reporting obligations in the provider registration conditions.
Require staff to report any suspicion of financial exploitation — by another worker, a family member, or any third party — through your internal incident management system and, where required, to the NDIS Commission.
State your zero-tolerance position: staff found to have misappropriated participant funds will face immediate stand-down pending investigation and referral to relevant authorities.
Prohibit staff from accepting gifts, loans, or bequests from participants or their families beyond token, low-value items.
Include the obligation to report serious incidents involving financial abuse to the NDIS Commission within the required timeframes under the incident management reporting framework.

8. Audit Trails and Record Keeping

Require all financial records relating to participant transactions to be kept for a minimum period consistent with NDIS registration conditions and Australian tax law (whichever is longer).
Store records securely with access restricted to authorised personnel.
Specify that records must be available for inspection by the NDIS Commission or an approved quality auditor on request.
Require internal spot-checks or reconciliations at regular intervals — at least monthly for petty cash and quarterly for account-assisted transactions.

9. Policy Review and Training

Commit to reviewing the policy at least annually and following any change to NDIS Practice Standards, pricing arrangements, or relevant legislation.
Require all staff to complete induction training on this policy before they handle participant funds.
Record training completion in your workforce management system.
Include a section for participant and representative feedback — they have the right to raise concerns about how their money is managed.

Common Non-Conformances Auditors Find

Based on the types of findings that NDIS quality auditors commonly report, new providers should watch for these pitfalls:

No petty cash reconciliation record. Having a policy is not enough — you must have completed reconciliation sheets that show the policy is actually being followed.
Single-staff authorisation for all transactions. Dual-authorisation controls are a recognised safeguard; removing them creates risk and is viewed unfavourably in audits.
Invoices submitted before service delivery. Pre-claiming against NDIS plan funds is a serious compliance matter and is distinct from standard payment terms.
No property register. Auditors look for evidence that you have inventoried and protected participant property, not just participant cash.
Staff unaware of the policy. Even a well-written policy fails if workers cannot demonstrate they know and apply it. Training records are essential.
No link to your incident management system. Financial abuse is a notifiable incident type; if your money handling policy does not cross-reference your incident management procedure, auditors treat this as a gap.

Practical Template: Policy Statement Excerpt

Policy Element	What Your Document Should Say
Purpose	"This policy ensures participant money and property are handled with integrity, transparency, and in accordance with NDIS Practice Standards."
Scope	"Applies to all employees, contractors, and volunteers who assist participants with any financial transaction."
Petty cash limit	"No more than $[X] in cash is to be held on behalf of any participant at any time, stored in a locked container."
Reconciliation	"Petty cash is reconciled at the end of each shift; any discrepancy is reported to the registered manager within two hours."
Prohibited conduct	"Staff must never borrow money from participants, accept gifts above a nominal value, or hold a participant's bank card overnight without written authorisation."
Reporting obligation	"Suspected financial abuse is reported internally via the incident management system and, where required, to the NDIS Commission within the mandated timeframe."

Pulling It All Together

A money handling policy is only as strong as the systems and culture behind it. Train your team, spot-check your records, and keep the policy current as NDIS requirements evolve under the 2026 strengthened framework. If you are building out your full compliance document suite, ndiscompliant.com.au offers a 74-document audit-ready SIL compliance kit that includes a complete money handling policy template alongside all the other documents new providers typically need for registration — worth reviewing before your audit date.

Important: This article provides general guidance about NDIS compliance requirements. It is not legal or professional advice. Requirements may change as the NDIS Commission updates its policies and Practice Standards. Always verify current requirements with the NDIS Quality and Safeguards Commission or a registered NDIS consultant before making compliance decisions.