Automating Key Personnel compliance across 10,000+ staff

The regulatory obligation

The Aged Care Act 2024 imposes specific obligations on approved providers regarding Key Personnel — the executives, directors, and senior managers who are responsible for the management and operation of the aged care service. Providers must notify the Aged Care Quality and Safety Commission of changes to key personnel within defined timeframes, maintain documentation of the notification and any required suitability assessments, and ensure that key personnel meet the suitability requirements that apply to their roles.

Alongside the Aged Care Act obligations, Uniting AgeWell operates significant NDIS services. The NDIS Quality and Safeguards Commission imposes its own worker screening obligations — requiring that workers in NDIS-funded roles hold a current NDIS Worker Screening Check and are not subject to a banning order under the NDIS Act. The NDIS banning register must be checked against the provider's workforce on an ongoing basis.

For an organisation with a workforce of more than 10,000 staff across a complex mix of aged care, NDIS, and other community services roles — the compliance surface is large, the obligations are specific, and the consequences of a gap are serious.

The challenge with manual management

Prior to this engagement, Uniting AgeWell's Key Personnel compliance process and employee screening checks were managed manually. For the KP annual review, this meant coordinating the review process across key management personnel, collecting documentation, tracking completion, and producing the required records — all through a combination of spreadsheets, email, and individual staff memory.

For the employee screening checks, the process was more demanding: a rolling weekly check of all staff against the NDIS banning register and the Aged Care Quality and Safety Commission's banning register — manually cross-referencing the workforce data from the HR system against both registers, logging outcomes, and escalating any matches for review.

The specific risks this created were clear:

• Completeness risk — manual processes cannot guarantee that every employee is checked every week. Gaps in coverage are invisible until an audit or an incident surfaces them.
• Timeliness risk — the rolling manual process had no systematic escalation if a check was not completed. Delays accumulated without visibility.
• Documentation risk — the evidence trail for both KP reviews and employee screening was inconsistent, stored across multiple formats, and not readily producible for a Commission audit.
• Scalability risk — as the organisation grew, the manual overhead grew proportionally, but the team managing it did not.

The solution

Taidotech designed and built a custom compliance application covering two distinct but related workflows: the Key Personnel annual review process, and the ongoing employee screening check programme.

Key Personnel annual review workflow

The KP annual review workflow automates the end-to-end process for reviewing key management personnel against the suitability requirements of the Aged Care Act 2024. The application:

• Maintains the current list of key management personnel, drawn from the HR system integration, with role classification against the regulatory definition of key personnel under the Act.
• Triggers the annual review process on schedule for each key person, routing the review task to the appropriate manager or governance function with the required documentation checklist.
• Tracks completion status in real time, escalating automatically through Teams if the review is not completed within the required window.
• Checks each key person against the Aged Care banning register as part of the review process, logging the outcome and flagging any matches for immediate escalation.
• Generates the required notification documentation for any changes to key personnel, routes it for review and approval, and files the completed notification and confirmation against the compliance record with a timestamp.
• Produces a structured compliance record for each KP review — including who was reviewed, when, what the outcome was, and what documentation was produced — searchable and exportable for audit purposes.

Employee screening check programme

The employee screening check programme automates the weekly rolling check of all staff against the NDIS banning register and the Aged Care Quality and Safety Commission banning register. The application:

• Connects to the HR system to maintain a current, complete view of the workforce — including new starters, role changes, terminations, and leave status — updated in real time as changes occur in the source system.
• Runs the automated screening check on the configured schedule, cross-referencing every active staff member against both banning registers.
• Logs the outcome of every check — individual, date, register checked, result — creating a complete, timestamped audit trail of every screening event.
• Flags any matches for immediate review and escalation, routing the alert through Teams to the appropriate HR and compliance stakeholder with full context.
• Generates scheduled compliance reports showing check coverage, completion rates, and any flagged outcomes — designed for both operational monitoring and Commission audit readiness.

Integration architecture

The compliance application connects to four external systems, each with its own integration pattern and data model:

The governance outcome

The application transforms a compliance process that previously depended on individual staff memory and manual effort into a systematic, governed programme that runs reliably regardless of team capacity, organisational growth, or staff turnover. Every check is logged. Every outcome is documented. Every escalation is routed appropriately and recorded.

The audit trail is complete and structured — every screening event, every KP review, every notification — searchable, filterable, and exportable in the format the Commission expects to see. The question "can you demonstrate that every staff member in an NDIS-funded role was checked against the banning register in the last twelve months?" has a systematic, documented answer rather than a reconstructed one.