Beyond Tick-Box Compliance

Lisa Hamilton: Welcome, everyone. I’m Lisa from SFG20. Over the next 30 minutes or so, my colleague Marc and I will help you to understand how to ensure your building maintenance is compliant and can be readily evidenced. This webinar is for all FM professionals, whether you’re a building owner, an occupier, asset manager, engineer, or service provider.

The aim is to help you think practically about your responsibilities so that you can ensure your buildings are maintained appropriately to keep them safe for occupants. If you have questions throughout the session, please add them. You can even add them to the Q&A or the chat, and we’ll answer as many as we can at the end or get in touch with you afterwards to have a chat and answer your questions.

So as this slide says, the industry needs to move beyond just ticking off tasks. As an industry professional, you need to understand what applies to you, why it applies, who owns each task, and how you’re going to evidence work and your decisions. At the end of this session, you will leave with a better understanding of three things.

Number one, the shift in expectations from a tick box mentality to accountability, making decisions based upon the unique risk of your estate and being able to readily and properly evidence the decisions that have been made to, to drive your maintenance regime. Number two, how to spot the compliance gaps as equal risk.

And three, what a more defensible regime looks like in practice. So I interviewed Dame Judith Hackitt, who led the independent review of building regulations and fire safety following the Grenfell Tower fire, and I’d like to share two of Dame Judith’s quotes from that interview. The first is that, “The regulator is not gonna tell you what to do.

You have to decide because this, this is your responsibility.” And the second is, “We’ve moved away from prescription, the idea of do all of these things and you’ll be okay, to a world where organisations have to decide what is right for their buildings because it is their responsibility.” As a result of the review that Dame Judith led, the UK government accepted in full all of the recommendations that she made to raise safety standards in the industry.

This in turn led to a new piece of legislation being introduced, which is of course, the Building Safety Act, which became law at the end of April twenty twenty-two. The act has increased focus on accountability, evidence, and proportionate risk management. Some duties are specific to higher risk residential buildings, but the wider direction of travel is clear.

Organisations are expected to show that safety related decisions are structured, current, and evidence-led. And let’s be clear, ignorance is not an excuse. Final charging decisions as a result of the Grenfell Tower fire are expected at the end of twenty twenty-six. There are fifty-eight individuals and nineteen companies currently under investigation.

It is likely that offences will include corporate manslaughter and could include gross negligence manslaughter

Here’s another quote from the same interview that’s highly relevant to FM teams. “Organisations need to know what they’re dealing with. How confident are you in the accuracy of your asset register? You need to understand the gaps and prioritise work according to the risk rather than their volume.” Dame Judith’s point was that teams need accurate information, clear accountability, and the confidence to make proportionate risk-based decisions.

So doing one thing may take a big chunk of risk out of your system and leave you with lots of other small things that can credibly be fixed later. Or you could fix twenty small things, and it won’t significantly reduce the risk that you’re dealing with. So the point is, it’s important to do the right things and the things that will make the most difference first.

Ask yourself this: Are you doing the right tasks? Are they being done in your organisation? Are you aware of all of the maintenance tasks that are required by law? Are they being completed by the right people? And by that, I mean competent people that are qualified to complete the task safely. And lastly, how would you evidence the decisions you’ve made as to why you’ve completed this but deferred something else?

Can those decisions be accessed readily, and are they documented consistently across sites? And while it’s really great that you’re sparing your time to upskill and educate yourselves on your responsibilities, this also requires culture change from the very top. Your board of directors need to be asking you for an honest assessment of how your estate is being managed, where the gaps are, and what it’s gonna take to get you where you need to be, rather than handing you an ever-reducing maintenance budget that won’t enable you to maintain your building compliantly.

And we will be sharing the slides and the recording of this afterwards, so you can share this with senior stakeholders within your business The Building Safety Act brings clarity to three areas, responsibility, risk, and evidence. Let’s take each one in turn. Section sixty-five of the Building Safety Act states which buildings are included in the occupation part of the high-risk regime.

Essentially, buildings in England must be at least eighteen metres in height or have at least seven stories and contain at least two residential units. It’s unlikely that the high-risk building height limit will be reduced in the near future due to resulting pressures on the building safety regulator, but it is only a matter of time.

It’s not an if, it’s a when. Two new roles and responsibilities were introduced with the act. The accountable person, which is an organisation or individual who owns or has responsibility for the building and its common parts. They’re legally responsible for assessing and managing fire and structural safety risks.

In buildings with multiple accountable persons, whoever owns or has a legal obligation to repair the structure and exterior of the building is the principal accountable person. Prin-- Uh, accountable persons and principal accountable persons, or APs and PAPs as they are known, they can employ an organisation or an individual, like a managing agent, to carry out duties on their behalf.

However, here’s a really important point. The accountability for making sure those duties are carried out and the liability for building safety remains with the APs and the PAP. This matters for FM because outsourcing work doesn’t mean you can outsource your responsibility. Secondly, let’s talk about risk and what we mean by it.

We mean the probability and impact if an asset were to fail, and this will vary from building to building and site to site. Should an incident occur, your defence against liability, whether under the Building Safety Act or any other applicable law, relies on proving three things. You must be able to show that your actions were what a competent professional or contractor would do in those exact circumstances.

You must adhere to the relevant current laws and regulations. This is your baseline defence, and you must be able to evidence documented decisions, risks identified, and actions taken. And believe me, none of this is easy, and that’s why we’re running this session today, and that’s why we’re here to support

Compliance gaps may not be obvious unless you know where to look. So you may not have an up-to-date view of all of the assets that you need to maintain because, let’s be honest, over time, new assets are added, old assets are replaced, sometimes not with like for like. If you don’t know what you’ve got, how on earth are you expected to maintain them properly?

Um, secondly, often we see that gaps exist when you’ve inherited maintenance schedules from another person or an organisation. So ask yourself, when were your schedules last reviewed and updated? You’re exposing yourself to significant risk, particularly if your regime has not been fully updated since the introduction of the Building Safety Act, and that’s just one piece of legislation that you’ve got to keep on top of.

Another area that we see gaps occur is when teams are not clear on which tasks are required by law versus those that may be optimal or even discretionary, and budget cuts can lead to the wrong maintenance being deferred or cancelled. Another area that we see is evidence is often inconsistent, or it’s incomplete, or it’s fragmented across owners, managing agents, FM service providers, specialist contractors.

And then there’s the task ownership. What is being outsourced, and what is being completed by competent persons on site? And are they competent to do the work they’re being asked to do? And can you prove it So can you answer these questions to test how defensible your regime is currently? So do you know, number one, what you mean-- need to maintain?

And this is all about the quality and how updated your asset register is. Number two, have you identified the correct maintenance for all of the assets on your site? And of that, which tasks are legally required versus which tasks are best practice? Fourth, when was your last regime properly reviewed and updated?

Number five, do you know who owns each compliance critical task? And lastly, could you evidence it if challenged or an audit was to occur? If you can’t answer these questions readily, your immediate need is a structured maintenance baseline to work from and tools to evidence the work you’ve completed and the decisions that you’ve made along the way.

Where regimes go wrong. So inherited schedules i-is a big one. Tasks may be carried forward from year to year without a fresh check against today’s requirements. Inherited schedules may no longer reflect the asset base or the current legislative, um, situation. Secondly, unclear ownership. So owners, FM teams, contractors, specialists, all working from different assumptions.

Responsibility may sit awkwardly between internal teams and contractors. Third, statutory, optimal, and discretionary tasks may be treated as if they’re all the same, and of course, they’re not. They may be buried inside wider best practice activity. It’s really critical to identify which tasks are required by law.

And fourth, records, we often see this, split across systems, suppliers, sites, spreadsheets, may even be paper-based. Your evidence may exist, but not in a form that’s easy to retrieve or explain. And this is where a recognised standard and a structured review process become invaluable. They give teams a way to move from local approach, interpretation, and inherited assumptions to a clear and consistent approach throughout your estate.

Some of the compliance gaps cited in the Grenfell Tower Inquiry phase two report were that there were flaws in the building’s tenant management association. There was a huge backlog of maintenance work that it never managed to clear. There were poor repair services. There was a persistent indifference to fire safety.

There was no fire safety strategy in place despite advice given eight years before the fire. And the only fire assessor had invented some of his qualifications and wasn’t competent to carry out risk assessments. So unfortunately, these risks that we’re talking about are very real, and you want to avoid them ag- at all costs So what does good look like?

Well, you need to start with a trusted baseline for your maintenance. Without a baseline, every site or contractor may interpret the required regime differently. Next, your statutory task identification. So teams need to separate what is legally required from what is optimal or discretionary. Then ownership.

Who is responsible for each compliance-critical action, evidence, and escalation? And finally, the evidence trail. Can your organisation show what has been done, when, and why? This model that we’ve given you is intentionally simple. It gives you a clear framework to apply to your own maintenance approach and a way to explain to others if your regime is fit for purpose and would stand up to an audit.

And here’s a, a great process to follow as well. Again, really, really simple. This is the process to adopt. First of all, know what you have. What assets do you have currently? Then decide what applies. What’s the correct maintenance for each of those assets, and what matters most? Then do that work using competent people for each task.

And then evidence, so collect, record, retrieve evidence. Um, and then lastly, this is super important, review the regime so that it stays current against legislation and assets, and site conditions change as well

Before I hand over to my colleague, Marc, to give you a demonstration, let me tell you a little bit about SFG20.

It’s the industry standard for building maintenance specification. It gives teams a recognised baseline for planned maintenance, which supports better decisions around where to place your focus and how to keep your regime up to date as regulatory requirements change. I’m gonna hand over to Marc, who’s gonna show how a maintenance regime can be created using your asset register, how statutory tasks are identified, how the standard supports better decisions, and how evidencing and auditing conversations become really clear.

Over to you, Marc.

Marc Watkins: Thanks, Lisa. I’m now gonna show you a demonstration of our tools detailing, as Lisa outlined, how we can help operationally with meeting these specific requirements

What I want to show you now is how that’s turned into, from theory into an operational use, and more specifically, how organisations can move from a fragmented asset and maintenance information registers towards a structured maintenance regime that is aligned to both recognised standards, current guidelines, and relevant legislation.

To do this, I’m gonna focus on key areas, including the creation of a maintenance regime from asset data, the identification of statutory maintenance and what maintenance requirements there are, and finally, improving visibility and evidence around making those maintenance decisions. One of the biggest risks we see is organisations not having current or structured understanding of the assets that they’re responsible for maintaining.

Facilities management teams don’t usually fail because they lack the maintenance information. They struggle because the asset and maintenance data becomes fragmented, inconsistent, and difficult to, to defend over time. Over time, your assets evolve. Assets get replaced, modified, or added, and maintenance regimes don’t always keep pace.

SFG20 Mobiliser helps organisations associate maintenance requirements to changing asset data, so maintenance decisions are being made against the actual estate rather than inherited assump- in assumptions

Asset registers can be created through different means. We can-- And they can be vastly different. They can have different headers, formats, naming conventions, even within the same contract. And that matters because poor and consistent information is prevalent across different c- uh, different organisations I can go in here and I can add an Excel file or a COBie extract from an existing register to look at my asset details.

I can select the information that I’m looking to import, and I can preview the information that I’m looking to, to ascertain to run through. The key thing here is understanding that asset f- registers come in different formats. They come with different headers, with different tabs, and different line items for what I’d need to, to do as part of my review.

At the very least, all I need to know from my asset register are two fields: a unique identifying number and an asset type. These can be fed through from your register, and even if the ID’s not unique, the Facilities-iQ SFG20 Mobiliser tool will enable you to still import. As I say, the bare minimum of what I need to require to import into the tool will be the asset type, and now I can import.

But I-- If I have more context to the information, if I have details such as the location, the manufacturer, et cetera, I’d be able to go through here and define which ones are relevant for what I want the AI tool to use. I can also utilise existing mapping templates. So where I might be uploading from existing registers on bulk, I can predetermine the fields that I want to enable for me to be able to see within Facilities-iQ.

Finally, I get the ability to visualise the information I’m looking to import, and when I’m ready, I can click to import that records. Once the assets have been uploaded into Facilities-iQ SFG20 Mobiliser, we then run through a process called SFG20 Mobiliser. So SFG20 Mobiliser runs through using AI mapping to determine whether sufficient information has been uploaded to associate a relevant SFG20 schedule or schedules to those assets.

It breaks it down by the asset categorisations and shows me where the tool has enabled information to be mapped correctly to SFG20 content. For example, my extraction fans, which I can see a preview of here, have been mapped to relevant extraction fans schedule codes within SFG20 I’ll also see where the AI tool has not been able to map these specific entities.

Now, this is normally where there is insufficient information to determine a more accurate representation of what the SFG20 schedule should be. For example, my circular pumps. It will ask me AI-generated questions to determine what the relevant SFG20 schedule should be. And this is important because, as you can see at the bottom here, there are a number of different schedules that could apply to this type of asset: circulating pumps, secondary hot water pumps, et cetera.

And without sufficient context, the AI tool does not know which the relevant, uh, schedule should be associated against these assets. But just by answering these simple questions, whether the pump’s installed in a plant, boiler room or mechanical room, as soon as I determine any of these specific answers, the system will then identify which of these schedules is the most likely to be associated with the assets I’m uploading.

And this gets rid of any ambiguity with regards to the assets that you’re maintaining. Sometimes they’re very generic, sometimes they’re very detailed. That’s the reality of asset registers being maintained across different facilities. But as it stands, by using AI tools, I can then determine the relevant schedules within here.

I can also get optional information, such as where drive guards or pulleys are fitted against these checks to determine whether these are relevant to the way that I should be maintaining my facilities After running through these checks, my, uh, to-do list will be completed and my mapping exercise will be complete.

What I’ll then do is create a maintenance regime off the back of this. Maintenance regimes can be based on existing registers. They can also be based upon, um, details without registers in here, where we want to determine the types of checks that we’re carrying out within our facilities. Here, I’ve got my maintenance regime, and I can add in that specific asset register that I uploaded into SFG20 Mobiliser.

This will take a couple of minutes to run through, and what it will do is it will try and synchronise all the assets that we have within that register to the relevant SFG20 codes and associate them within a maintenance regime structure. Your maintenance regime structure will detail things like location information, asset types, the SFG20 codes, and it will align them to SFG20 standards.

And the important point of note here is that the regime is created from the asset base rather than being created from a separate spreadsheet, which can be troublesome and result in duplicated efforts. This gives us a trusted baseline to then understand what our maintenance requirements are for our given contracts.

As you can see here, I have it broken down by the individual spaces within a university campus building. I can interrogate these down to the types of checks or SFG20 codes within those given locations, and within here, I have the ability to review the scheduled detail Now, every SFG20 schedule that we have has an introductory element to it.

It details what the schedule is intended to, to cover, including any specific notes of worthy for contractors while they’re out on site. We then have a breakdown of the individual tasks required to complete this given check. These tasks include things like the task information, the frequency, the duration, and the required skills to complete this given work.

It then gives me a breakdown of individual checklist items that my contractors need to achieve to deliver against this specific task. You’ll notice in my summary page that I have the ability to categorise tasks by red or amber or even green. Red dictate items that are legislative in nature, whether that’s tied to primary or secondary legislation.

These are tasks that you need to complete as part of your requirements. Amber tasks represent best practice, and green are optional tasks that you can use to extend the life of your given assets. Every task has a frequency. These frequencies have durations, and within Facilities-iQ, we can then tally up the total amount of time required to deliver against our given work.

If I go back to my maintenance regime, I can see a holistic view of the types of checks that I have across my entire portfolio. These are broken down by my criticality of red, amber, or green tasks, as well as by the durations of the different types of schedules I have within my system. I can also use this to understand the types of resources I require to deliver maintenance across my facilities.

These are all summarised here. Now, one of the key challenges that we hear is: how do I confidently identify what’s legally required versus what’s best practice? And we do this by separating these out into these key critical categorisations. The red tasks, as we mentioned, being required, amber being, uh, best practice, and green being optional.

But it allows you to tailor and derive these schedules according to how you want them delivered and ensuring that you’re delivering at the very minimum, the key requirements for the given schedule. We do have the ability to also tailor, so where slight amendments to things like durations can be made, those can be, uh, updated against the individual schedules.

In addition, frequencies can dictate that you need to complete work, but not necessarily how often you complete them, because it could be relevant to how the asset’s being maintained. You have the ability to bulk decide what assets have specific tasks and how often the frequency or the duration of those tasks will be What’s really important about all of this is the auditability of this.

Organisations need to evidence that they are applying given rules of legislation to their practice, as well as how they’re looking to achieve this. And completing the work is only one part of the picture. Facilities-iQ and the maintenance regimes that we create integrate with operational platforms like CAFM and CMMS solutions through our API connectivity.

This converts those statutory tasks into actual activities assigned to contractors or operatives across your facilities.

This is not a stagnant or static exercise either. Once your maintenance regimes have been created, we will then have updates that are shared with you on a monthly basis. These updates detail changes in legislation or best practice that impact the maintenance regimes you create within Facilities-iQ, whether that’s based upon your asset registers or maintenance regimes you create.

This will then give you a view of the recommended changes that have been sent through via our technical authoring team, and you will have the ability to see what schedules have been impacted, what maintenance regimes have been impacted, and decide if or when you implement those given changes. I can even go through and preview and see through my timeline a reference of the current version that I’m looking at, versio-- versus the version that I already have installed within my facilities.

This could have been from a previous year, from a previous month, and the checks within Facilities-iQ give you ability to see any side-by-side comparison or changes that have been recommended as part of this latest update These changes are really important. Our technical authoring team review changes to legislation and industry guidance, and SFG20 content is updated to reflect those changes.

And this is one of the key risks that we find from working with paper-based or locally exported schedules. If content has been printed or saved, it may no longer reflect the latest position within SFG20 standards. A live digital platform helps organisations review changes and understand how those changes may affect their o-operational maintenance requirements.

Ultimately, what we’re looking to achieve is the ability for us to create a maintenance regime or, and moving away from fragmented maintenance. This is where we want to have an asset base that is better understood even when records are imperfect, where maintenance activity is aligned to recognised standards, where statutory maintenance tasks are easy to identify, and evidence is easy to retrieve, review, and explain when needed.

The key point in all of this is that compliance is no longer just about what maintenance tasks have been completed. Organisations are increasingly expected to demonstrate how decisions are made, what standards they’re following, how risk was assessed, and how maintenance activity can be evidenced consistently across their estates.

And that really becomes increasingly important as expectations around accountability continue to evolve. I’m now gonna hand back to Lisa.

Lisa Hamilton: Thanks so much, Marc. I was really impressed with the SFG20 Mobiliser tool because if I understand correctly, currently people are mapping manually their asset registers to the correct PPM maintenance, right? That’s correct. And I- there’s a massive risk where changes to legislation have more granular mappings.

So a lot of people are using outdated understandings or of SFG20 codes to their asset registers. And even then, even if they do have that, that mapping exercise of your schedules and your assets in, in a spreadsheet can be really problematic So it’s gonna save people a whole lot of time, and probably improve accuracy significantly as well, so it was amazing.

And it looks... It’s simple, um, but also so powerful, the tools that you’ve been sharing, so thank you very much for that. Um, obviously, we can’t show you everything today because, as I said, th- these tools are incredibly powerful. But also, I’m cognisant of the fact that you will all have your own different questions, your own site-specific requirements.

Um, so if you’d like to talk to an expert on my side, on, on our side, in more detail, um, then just click on the link that’s in the chat at the moment and complete a demo request. We’ll give you a moment to do that now whilst others are putting their questions into the chat. Um, on that demo form, you’ll see that we ask you for details about which sector you work in and the estimated size of your company.

And the reason that we do this is that our team members all have different areas of expertise, and we want to connect you to the most relevant person at our end, who will h- already understand the challenges in your specific sector, and they will be able to offer you the best support. While Marc’s been taking you through the product demonstration, I’ve been looking at your questions coming in.

So there are lots coming in, which is great to hear. There’s, there’s so many questions. Um, we won’t have time to answer them all, but there are questions that all line up against common themes. So I’ve picked out a few, um, and I’ve sent them over to Marc. So Marc, if you wouldn’t mind asking me the questions, and I will do my best to answer.

Marc Watkins: Yes, of course. I’ve put you on the spot, Lisa. Um, so one of the questions we’ve got here, uh, competence is mentioned a lot in the context of the Building Safety Act, but what does demonstrating competence actually look like on a day-to-day basis?

Lisa Hamilton: Yeah. I think, um, there are two sides to this. There’s the individuals, and then there’s organisations. So let’s deal with individuals first. Um, you may be familiar already with the acronym SKEB, which is skills, knowledge, experience, and behaviours. So for individuals, competence means being able to show those things, um, your skills, knowledge, experience, and behaviours needed for the specific tasks that you are carrying out.

So that might mean formal qualifications. It might mean a documented training record. It might be a portfolio of relevant work. Um, and importantly, it also means having the confidence to say no when you know that something is outside of your competence area, uh, rather than pressing ahead. There’s nothing worse than that.

For organisations, it means having systems in place to assess, and monitor, and develop the competence of everyone that you employ or that you engage. So it’s, it’s up to you to do your due diligence.

Marc Watkins: Thanks, Lisa. Um, we’ve got a few more questions. So I think one of them we could answer now maybe would be, a lot of our maintenance work is delivered by third-party contractors, and that’s across multiple buildings.

Does the act change how we need to manage those relationships? And is there a more practical way to stay on top of it at all?

Lisa Hamilton: So we’re talking about the Building Safety Act today. Um, that places a duty to cooperate and coordinate and communicate with everybody in the chain, so that includes the contractors that you might be engaged with. And as I said in the presentation, it means that you can’t outsource responsibility along with the work itself, and we ... That comes as a surprise to some people, so it’s really important that you understand that. Um, so you need to be more deliberate about how you specify work, um, how you verify competence and also capture evidence of what was done and when and by whom.

Um, as I said earlier, the challenge is that this information on- often ends up scattered across, um, different sites, different formats, different systems, and even in individuals’ memories. What the act requires for buildings in scope is a golden thread, which is structured digital record of your assets, their maintenance history, and, and any changes, and that must be accessible to who need it, and it must be kept up to date as well.

Marc Watkins: That makes sense, and I guess a key part of that is the collaboration that that digital-led, uh, ability with the golden thread gives you, gives you the ability to work with different stakeholders.

Lisa Hamilton: Absolutely, yeah.

Marc Watkins: Great. Um, we’ve got one final question. Um, we can’t do everything at once and budgets are tight, so how do we decide what maintenance tasks to prioritise?

Lisa Hamilton: Yeah, so, um, the ... When, when, when I interviewed Dame Judith Hackitt, she was clear that building safety doesn’t expect you to do everything s- simultaneously. Um, but it does expect you to be able to explain your decisions, and the key is distinguishing between statutory tasks, the legally required ones, versus the optimal, um, tasks.

So starting from a recognised baseline like SFG20 helps you make that separation clearly and consistently, and then from there you can pri- prioritise work based upon risk. Um, so I know it’s a common, uh, issue that, that budgets, um, are, are never enough, but, but you need to prioritise and, as I was saying, you know, you need to take, complete those tasks that take the most risk out of your system.

Marc Watkins: Perfect. Thanks, Lisa. There were other questions that were asked, uh, but we can look to answer those in response when we send out the video. I appreciate you answering those on the spot, Lisa. I know that it’s a lot to ask after doing a webinar, so thank you for that, and, uh, thank you for your time.

Lisa Hamilton: Thanks very much, Marc. So, just to close, so thank you everybody for joining us today. Also to Marc for giving us such a great tour of SFG20 and our software. And please get in touch if you’d like to discuss further. We’ve got a website. You can contact us by phone, email, contact us form, or the demo form that we’ve put in the chat, and we’ll leave open the session just for a little bit longer if you would like to reflect on what you’ve heard today and put any more questions into the chat.

Have a great day, everyone. Thank you. Thanks.