NDIS compliance is not generic accounting
The National Disability Insurance Scheme has created a compliance environment unlike anything else in Australian professional services. NDIS providers are required to undergo audits against the NDIS Practice Standards not generic financial audits, but sector-specific assessments that cover governance, incident management, risk management, human resources, and financial management as
an integrated framework.
Most CPA and accounting firms that serve NDIS provider clients did not build NDIS-specific expertise when they took those clients on. They applied general accounting and audit preparation knowledge to a sector that requires sectorspecific knowledge. The gaps that result are predictable and they are the
same gaps the NDIS Quality and Safeguards Commission’s auditors are trained
to find.
The five areas where preparation most often falls short
1. Financial management documentation against the Practice Standards
NDIS auditors assess financial management not just against accounting accuracy, but against the specific requirements of the Practice Standards. This includes fund management compliance how the provider manages NDIS funding separately from other revenue and claims reconciliation against participant plan budgets.
Generic audit-ready financial statements are not the same as Practice Standardscompliant financial documentation. The difference is in the evidence trail: which transactions relate to which participants, and how the provider can demonstrate that funding has been applied within the parameters of each individual plan.
2. Participant plan claims reconciliation
NDIS providers claim funding against individual participant plans, each of which has specific support items and price guide limits. Audit preparation for NDIS providers needs to include a systematic reconciliation of claims against plans verifying that claimed amounts align with approved supports and that price guide compliance is maintained.
This requires more than accounting accuracy. It requires familiarity with the NDIS price guide structure and the ability to identify claims that may be technically compliant but are likely to attract auditor scrutiny.
3. Incident management documentation
The NDIS Practice Standards require providers to maintain systems for recording, reviewing, and responding to incidents involving participants. Auditors assess not just whether an incident register exists, but whether it is being used correctly whether incidents are classified appropriately, whether responses are documented, and whether the provider can demonstrate learning from incidents over time.
CPA firms preparing clients for NDIS audits often focus entirely on financial documentation and do not address incident management. This is one of the most common sources of non-conformance findings.
4. Workforce governance and SCHADS compliance
For providers who employ support workers, the Social, Community, Home Care and Disability Services Industry Award (SCHADS) creates detailed payroll compliance obligations classification structures, allowances, penalty rates, and leave entitlements that are specific to the sector.
Payroll compliance failures under SCHADS can create significant underpayment liabilities. Audit preparation needs to include a payroll review against the current SCHADS Award not just a check that payroll software is calculating superannuation correctly.
5. Governance documentation
NDIS auditors assess governance against the Practice Standards, which means they review board composition, policy frameworks, risk management processes, and quality improvement mechanisms. Providers without documented governance frameworks even small ones can face non-conformance findings in areas that feel remote from accounting and finance.
What specialist preparation looks like
Preparing an NDIS provider client for audit requires a structured approach across all five areas above. It begins before the audit arrives typically three to six months prior, with a gap analysis against the Practice Standards.
The gap analysis identifies which areas of the provider’s documentation and processes are audit-ready and which need remediation. Remediation might involve creating or updating policies, restructuring the incident register, reconciling participant plan claims, or reviewing payroll classification decisions.
The output of this process should be a provider that can demonstrate compliance against each relevant Practice Standard not just an organisation whose accounts have been reviewed and whose financial statements are accurate.
A note on verification vs. certification audits
Not all NDIS providers require the same audit pathway. Providers registered for lower-risk support items undergo verification audits. Providers registered for higher-risk supports including behaviour support and specialist disability accommodation undergo certification audits.
Certification audits are significantly more intensive and assess against the full Practice Standards framework. If your clients are seeking certification registration or renewal, the audit preparation requirements are substantially higher than for verification providers, and the timeline for preparation should be extended accordingly
