Skip to content
GuardRail
Sign inStart free
Commences 1 July 2026

NDIS Practice Standards 2026 — mandatory registration changes from 1 July

Supported Independent Living and platform providers move into mandatory NDIS registration on 1 July 2026. Existing registered providers continue under updated Practice Standards obligations. This is a plain-English explainer of who moves into scope, how a Practice Standards audit works, and a readiness checklist you can run today.

What changes 1 July 2026

Supported Independent Living (SIL) providers
Mandatory registration from 1 July 2026

SIL is high-intensity, high-risk support — overnight care in a shared accommodation setting. The risk profile justified the move out of the voluntary cohort. If you deliver SIL, you must hold registration against the Core Module + the High Intensity Daily Personal Activities Supplementary Module by commencement.

Platform providers
Mandatory registration from 1 July 2026

Platform providers — businesses connecting NDIS participants with workers, often app-driven — move into mandatory registration. This captures the on-demand support market that previously sat outside NDIS registration obligations entirely.

Support coordination
Mandatory registration deferred — voluntary continues

The original mandatory-registration scope included support coordination but the commencement was paused after sector consultation. Support coordinators can continue to operate unregistered for now. The status of this cohort is the most likely to move; track regulator announcements.

All existing registered providers
Continued obligation under the updated Practice Standards

If you are already registered, the 2026 changes do not waive your existing obligations. Audit cycles continue. Trust the audit dates in your current registration certificate.

What an audit covers

Every registered provider is audited against the Core Module — 14 outcomes, 24 indicators across four sections (Rights, Governance, Provision of Supports, Support Environment). Supplementary Modules apply on top for higher-risk supports (e.g. High Intensity Daily Personal Activities, Specialist Behaviour Support, Specialist Disability Accommodation).

Core Module — the 14 outcomes
  • Person-centred supports
  • Individual values and beliefs
  • Privacy and dignity
  • Independence and informed choice
  • Violence, abuse, neglect, exploitation and discrimination
  • Governance and operational management
  • Risk management
  • Quality management
  • Information management
  • Feedback and complaints management
  • Incident management
  • Human resource management
  • Continuity of supports
  • Access to supports

Readiness checklist

Run these eight questions through your operations. A "no" or "not sure" on any one of them is a gap to close before audit. If you are newly in scope from 1 July 2026, these are also the gaps an initial certification audit will probe.

  • Do we know which NDIS modules apply to the supports we deliver? (Core, High Intensity Daily Personal Activities, Specialist Behaviour Support, Implementing Behaviour Support, Early Childhood Supports, Specialist Disability Accommodation, etc.)
  • Have we mapped each Core Module indicator to a current policy, procedure, or evidence record in our document library?
  • When was each policy last reviewed? Anything older than 24 months is a red flag at audit.
  • Do we have evidence — not just policies — of how we operationalise each outcome day-to-day?
  • If an auditor asked us today to show three incident reports from the last 12 months and the resolution evidence, could we produce them within an hour?
  • Do our staff complete documented induction and ongoing training tied to each outcome?
  • Are participant rights, complaint pathways, and incident-reporting processes communicated in plain language and accessible formats?
  • Have we run a mock audit in the last 12 months?

How GuardRail helps

GuardRail's NDIS readiness scanner runs your policies against every Core Module indicator. It returns per-indicator findings (met, partially met, not met, or not evidenced), cites the evidence from your documents, and produces an auditor-pack PDF with the remediation steps. Free tier includes one Core Module scan per twelve months and full access to the policy template library. Professional tier covers unlimited scans, Supplementary Modules (beta), and Trust Hub publishing.

We position GuardRail as a readiness scanner, not an auditor. We do not certify; we help you walk into the certification audit prepared.

Frequently asked

Who has to register from 1 July 2026?

Supported Independent Living (SIL) providers and platform providers move from voluntary to mandatory NDIS registration. Support coordination registration was originally in scope but is currently deferred. If you deliver supports across multiple categories — e.g. SIL plus support coordination — the SIL side triggers mandatory registration even if your coordination work is otherwise voluntary.

What is an NDIS Practice Standards audit?

A qualified third-party auditor reviews your organisation against the Core Module (14 outcomes, 24 indicators) plus any Supplementary Modules that apply to your supports. The audit examines policies, procedures, training records, incident logs, participant feedback, and operational evidence. Most providers undergo a Stage 1 desktop audit followed by a Stage 2 on-site or virtual audit.

How long is an NDIS registration cycle?

Most certifications run on a 3-year cycle with mid-cycle surveillance audits. Verification (lower-risk supports) runs on a similar cycle but with lighter audit scope. Your specific cycle is set out in your registration certificate.

What evidence does an auditor actually want?

Policies and procedures are necessary but not sufficient. Auditors want to see operational evidence: training completion records, induction sign-offs, incident reports with resolution detail, participant feedback log, complaints register, risk assessment outputs, staff supervision records, and minutes of relevant governance meetings.

What happens if we don't register by 1 July 2026?

Delivering supports that require mandatory registration without holding registration is a breach of the National Disability Insurance Scheme Act 2013 and the Practice Standards. Penalties include enforceable undertakings, infringement notices, registration suspension or cancellation, and civil penalties. The NDIS Commission has materially increased enforcement activity through 2025-2026.

Where does AI / automated decision-making fit in?

If you use AI in support planning, scheduling, risk triage, or eligibility decisions, the Privacy Act ADM amendments commencing 10 December 2026 likely apply on top of your NDIS obligations. The same evidence trail — what the system does, what data it uses, how decisions are reviewed — feeds both frameworks.

Run a free Core Module scan

Upload your policies and procedures. GuardRail returns a per-indicator gap report and an auditor-pack PDF you can take straight to your next certification or surveillance audit.

Start freeTalk to GuardRail
Privacy Act ADM amendments
What changes 10 December 2026
AI Safety Standard — 10 Guardrails
Voluntary today; mandatory consideration for high-risk AI
NDIS policy template library
Free downloadable policies aligned to the Core Module

This page is general information about Australian regulatory direction, not legal advice. For specific application to your organisation, consult the NDIS Quality and Safeguards Commission published guidance or a qualified compliance adviser. Last reviewed 2026-05-25.