Operating under a registered NDIS provider framework requires more than access to registration.
Providers must be able to demonstrate that supports are delivered safely, appropriately, and within agreed scope. This requires clear systems, accurate records, worker evidence, participant safeguards, reporting pathways, and ongoing oversight.
CCG's compliance framework is designed to support suitable providers to operate within a structured, monitored, and auditable registered provider environment.
This is what separates CCG from a standard invoice processing brokerage.
CCG does not simply process invoices or allow providers to operate without oversight.
That means before a provider can operate under our framework, we consider whether the provider has the systems, evidence, safeguards, and operational readiness required to deliver NDIS supports safely.
Invoicing may form part of administration, but it is not the service.
The service is:
These are what support safe and accountable NDIS service delivery.
When a provider operates under CCG's framework, there must be a clear understanding of what is required.
Without these controls, providers may create risk for participants, workers, their own business, and the registered provider framework.
CCG's compliance framework is designed to reduce that risk by setting clear expectations from the beginning.
Providers must have a clear understanding of:
Each area sets out what providers must have in place before and during service delivery under CCG's registered provider framework.
Not every provider is suitable to operate under CCG's registered provider framework. Before a provider can proceed, CCG considers the provider's service model, proposed supports, registration group needs, worker evidence, participant safeguards, incident and complaints processes, risk profile, and operational readiness.
Suitability is assessed before a provider can proceed. CCG considers whether the service model, proposed supports, systems, and evidence are appropriate for the framework — not every provider will be suitable, and that assessment happens at the start.
Providers may only deliver supports under CCG's registration for participants who are linked between CCG and the provider through the framework. Before commencement, CCG reviews the supports the provider wants to deliver and considers whether they align with the available registration groups, participant needs, and compliance requirements. This scope control applies to those participants and supports — not to the provider's broader business.
Providers must not deliver supports under CCG's registration outside the agreed scope for linked participants. If a provider wants to change or expand the supports delivered under the registration, that change must be reviewed before the provider proceeds.
The proposed supports must align with the relevant registration groups available under the framework. Different supports carry different obligations, risks, evidence requirements, and practice expectations.
Registration group alignment is reviewed before commencement. If the proposed supports do not align with available registration groups, or if the provider does not have the evidence required for those groups, the provider may not be able to proceed.
Providers must maintain appropriate worker evidence to demonstrate that workers are suitable, prepared, and supported to deliver the relevant supports.
This may include:
Participant safety is central to the framework. For participants linked between CCG and the provider through the registration, providers must maintain appropriate safeguards and be able to show that services are delivered in a way that considers participant needs, preferences, risks, and safety.
This may include:
Providers must have clear processes for identifying, recording, escalating, and responding to incidents and complaints that occur in connection with participants linked through CCG's registration. CCG's framework requires transparency — incidents, complaints, and risks involving those participants must not be hidden, delayed, or ignored.
Incidents, complaints, and risks involving participants linked through CCG's registration must not be hidden, delayed, or ignored. Providers must understand when something must be reported, who it must be reported to, what records must be kept, and what actions are required.
Providers must be able to identify and manage risks connected to supports delivered under CCG's registration. This applies to participants linked through the framework — risk management is not a one-off task, and providers must review and respond to risks as circumstances change for those participants.
This may include:
Providers must maintain records relating to participants linked through CCG's registration — showing what support was delivered, who delivered it, when it occurred, what risks were identified, what actions were taken, and how participant safeguards were maintained. These records relate to the use of CCG's registration, not the provider's broader business. If it is not documented, it may be difficult to evidence.
Documentation supports participant safety, provider accountability, audit readiness, and ongoing oversight. These records relate to participants linked through CCG's registration — not the provider's broader business. If it is not documented, it may be difficult to evidence.
Some supports require additional evidence, controls, or oversight. Where higher-risk supports are involved, CCG may require additional documentation, worker evidence, participant specific information, and service specific safeguards before a provider can proceed.
This may include:
Operating under the framework is not a one-time approval. For participants linked through CCG's registration, providers must continue to maintain evidence, follow procedures, report incidents and complaints, operate within agreed scope, and participate in monitoring.
This may include:
CCG provides:
Providers remain responsible for:
The framework works only when providers are transparent, organised, responsive, and willing to meet their obligations.
Providers operating under CCG's framework must be prepared to meet their obligations throughout the arrangement — not just at the point of onboarding.
This is not a passive arrangement. It is an active compliance framework.
Providers must be prepared to:
Common gaps may include:
Some gaps can be corrected. Other gaps may mean the provider is not suitable for the framework.
If compliance gaps are identified, CCG may require those gaps to be addressed before a provider can proceed.
CCG would rather identify these issues early than allow a provider to operate in a way that creates risk for participants, workers, or the registered provider framework.
A clear compliance framework protects providers by making expectations clear before services commence. Providers know what evidence is required, what supports are within scope, what must be reported, what records must be maintained, and what oversight applies.
This reduces uncertainty and helps providers operate in a more structured and auditable way.
The framework protects participants by ensuring providers are assessed before operating, workers have appropriate evidence, risks are considered, incidents and complaints are reported, and participant safeguards are maintained.
The aim is to support safe service delivery, not simply administrative access.
The framework protects the integrity of the registered provider structure by ensuring providers are not operating informally, outside scope, or without evidence.
Every provider must be suitable, onboarded, monitored, and prepared to meet the requirements of the framework. This is why CCG does not operate as a simple invoice processing brokerage.
If you are considering operating under CCG's registered provider framework, the first step is to understand whether your service has the scope, evidence, systems, safeguards, and operational readiness required to proceed.
Download the Provider Operating Readiness Checklist or book a provider suitability discussion.