Understanding the NDIS REC Audit
Blog
NDIS Compliance

Understanding the NDIS REC Audit

June 30, 2025

Navigating the NDIS registration process can be complex, particularly when dealing with additional audit requirements such as the Remaining Elements of Certification (REC) Audit. This guide explains what an REC audit is, when and why it occurs, how it fits with the broader audit cycle, and how providers can prepare for it successfully. Understanding the specific NDIS registration groups relevant to your services is essential for navigating the audit process effectively. Whether you are a new or existing provider, understanding this process is crucial for maintaining your NDIS registration and being able to provide services in compliance with NDIS regulations and requirements.

What is a Remaining Elements of Certification (REC) Audit?

An NDIS Remaining Elements of Certification (REC) Audit is a specific type of follow-up audit. It occurs when some elements of the NDIS Practice Standards could not be fully assessed during a provider’s initial Certification Audit. Often, this is because the provider had not yet commenced service delivery or did not have enough operational evidence for a full assessment.

Rather than denying registration outright, the NDIS Commission may grant provisional approval on the condition that the provider undergo a REC audit once they begin providing services. This ensures that participant outcomes, safety, and quality standards are fully verified once real operations are underway.

Key points:

  • REC audits are follow-up audits for outstanding assessment elements.
  • They occur after initial registration when provisional approval is granted.
  • Not all certification classes of support were witnessed at the initial audit.

When and Why Does a REC Audit Occur?

REC audits are triggered under specific circumstances, most commonly when a provider:

  • Had no participants at the time of their Stage 2 Certification Audit.
  • Was unable to demonstrate practical application of systems and processes.
  • Registered for complex supports (e.g., Behaviour Support) but had not commenced those services.

Providers offering higher risk supports must meet stringent audit requirements to ensure participant safety and service quality.

Providers must comply with professional regulation standards to ensure quality and safety in service delivery.

The purpose is to ensure that once service delivery begins, all standards related to participant safety, service quality, and organisational governance are actively upheld.

Timeline and Steps Involved in an REC Audit

The timeline for completing a REC audit is clear and tight. Generally, providers must:

  • Complete the REC audit within 90 days (three months) of commencing service delivery.
  • Notify their NDIS auditors as soon as services commence.
  • Undertake the REC audit promptly to remain compliant.
  • In the event that service delivery commences between 12 and 18 months form the date of registration, the remaining elements of the certification audit must be completed as part of the midterm audit, commencing no later than 18 months after registration.

Step-by-Step Process:

  1. Provisional Registration Granted: The NDIS Commission grants registration with a condition requiring a REC audit.
  2. Commence Service Delivery: Provider begins supporting NDIS participants.
  3. Notify Auditor: Inform the Approved Quality Auditor immediately upon service commencement.
  4. Arrange REC Audit: Book and complete the REC audit within 90 days. Ensure that all staff members are aware of their roles and responsibilities during the audit process.
  5. Submit Audit Outcome: Auditor submits findings to the Commission.
  6. Condition Lifted: Upon successful audit, conditional registration is lifted, and full certification continues.

Failure to complete the REC audit within the timeframe may lead to suspension or revocation of registration.

How the REC Audit Relates to the Mid-Term Audit

All certified providers must also undergo a mid-term audit approximately 18 months into their three-year registration cycle. The mid-term audit reviews ongoing compliance across all relevant NDIS Practice Standards. Providers offering more complex supports may have additional audit requirements, including document reviews, site visits, and participant interviews.

However, confusion can arise because sometimes the timing of the REC audit and mid-term audit overlap. Providers may:

  • Complete a REC audit shortly after starting services.
  • Find their mid-term audit scheduled relatively soon after.
  • Potentially bundle the REC and mid-term audits if timing permits, with the Commission’s and auditor’s approval.

Bundling audits can reduce disruption but must be carefully coordinated. Providers should:

  • Clarify early with their auditor if bundling is possible.
  • Never delay a REC audit waiting for the mid-term audit unless formally agreed.

Remember, the REC audit is about completing initial certification conditions, whereas the mid-term audit is a standard surveillance audit for all certified providers.

Common Reasons Providers receive a REC Audit

Receiving a REC audit requirement is not a failure. It often reflects timing or operational factors, such as:

  • No Participants at Initial Audit: The provider had policies and systems but no active service delivery to assess.
  • New Service Types: Providers registering for complex supports without current clients.

In all cases, the Commission’s goal is to verify participant safety and service quality once operations are live.

How to Prepare for a REC Audit

1. Review Your Initial Audit Report and Conditions

Understand exactly which elements were deferred for later assessment. These will form the scope of the REC audit.

2. Implement Policies and Procedures from Day One

Once service delivery starts, embed all systems into daily operations. Examples include:

  • Completing service agreements with participants.
  • Documenting supports delivered.
  • Recording and managing any incidents or complaints.
  • Conducting staff training and documenting attendance.

3. Gather Practical Evidence

Auditors will want to see real-world evidence, such as:

  • Completed participant:
    • intake forms,
    • support plans,
    • emergency plans,
    • risk assessments and
    • other support plans and documents that support the participant needs and goals.
  • Incident reports.
  • Complaint registers and resolutions.
  • Staff training and supervision records.

Evidence should show policies are being followed and quality outcomes are being achieved.

4. Communicate with Your Auditor

Early and clear communication is key. Discuss the below:

  • The exact scope of the REC audit.
  • Audit timeframes and scheduling.
  • Any bundling options with the mid-term audit (if timing aligns).

5. Prepare Staff and Participants

Ensure staff are trained, aware of their responsibilities, and ready for audit interviews.

Participants (or their guardians) should understand their role in providing feedback if approached by auditors.

6. Conduct an Internal Audit or Mock Review

Before the REC audit, perform a self-assessment:

  • Review participant files for completeness.
  • Check staff compliance with key processes.
  • Identify and fix any gaps.

7. Stay Ahead of the 90-Day Deadline

Arrange the audit early within the 90-day window to allow time for any follow-up actions if needed.

Risks of Failing a REC Audit

Failing a REC audit carries significant risks:

  • Breach of Registration Conditions: May lead to regulatory action.
  • Suspension or Revocation of Registration: Providers could lose NDIS approval.
  • Business Impact: Disruption to service delivery, reputational damage, and financial loss.
  • Participant Impact: Participants may need to transition to other providers.

Providers must submit a corrective action plan to address any non-conformities identified during the audit.

To avoid these risks, providers must approach the REC audit with the same seriousness as their initial certification audit.

Conclusion

The NDIS Remaining Elements of Certification (REC) Audit is a valuable quality assurance mechanism. It ensures that NDIS providers who received provisional approval during initial certification meet all required Practice Standards once they are operational.

Providers should view the REC audit not as a hurdle, but as an opportunity to demonstrate service excellence and participant safety in action. By preparing early, embedding systems from the start, and working closely with auditors, most providers successfully complete their REC audits with confidence.

Clear communication, strong documentation, and proactive engagement with compliance are key to navigating the REC audit smoothly and securing your full certification.

Yvette Clark
Yvette Clark
Senior NDIS Consultant
Over 33 years' experience in the disability sector, spanning provider leadership and NDIS auditing across all registration groups.
LinkedIn
Contact us

We take the headache out of the NDIS so you can do what you do best – care for others.

Book your FREE 30-minute call with one of our experts today

We’ll break down the process and make it simple.

Get clarity on your situation and what’s needed.

We’ll map out the steps to get you moving forward.

Thanks for submitting the form