Analysis
UK Building-Safety Golden-Thread Evidence Workspace
One-line thesis: Build a lightweight evidence workspace for UK principal accountable persons, resident management companies and managing agents that turns scattered building-safety documents, resident-engagement activity, safety occurrences and consultant handoffs into an audit-ready Building Safety Regulator pack.
Opportunity takeaway
This is a credible small-team software opportunity, but it should be scoped as an evidence-and-workflow layer rather than a full “building safety platform.” The buyer pain is real because the first-party duties now require living, digital, versioned, transferable information across golden thread records, safety case reports, resident engagement, complaints, mandatory occurrence reporting, building assessment certificate applications and information sharing between accountable persons. The urgency is also real: BSR guidance for building assessment certificate applications was updated on 1 April 2026 and explicitly says the principal accountable person must not wait until BSR requests the BAC application to prepare the resident engagement strategy, MOR information and safety case report.
The wedge is not “store documents.” Many teams can use SharePoint, Procore, RiskBase, consultants, property-management systems, portals and spreadsheets for pieces of the job. The wedge is “prove what happened, who owns the next action, which evidence is missing, and export the exact pack requested by BSR, APs, residents, fire and rescue authorities or a successor managing agent.”
Recommendation: MAYBE / narrow BUILD. Build only if the first version is ruthlessly focused on audit-ready evidence packs for managing agents and RMC directors who are coordinating consultants, APs and residents across a small portfolio of higher-risk residential buildings.
ICP
Best first customer:
- Managing agents with 5 to 50 higher-risk residential buildings and no appetite for an enterprise IWMS/procurement cycle.
- Resident management companies / resident-led freeholders that are legally exposed as AP or PAP but outsource much of the technical work to fire engineers, surveyors, building safety managers and agents.
- Specialist building-safety consultants who prepare safety case reports, golden-thread reviews and BAC packs but then hand the building back to operators who need to maintain the evidence.
Avoid first:
- Large housing associations and institutional landlords with enterprise compliance, asset-management and resident-portal systems already embedded.
- New-build gateway-heavy construction teams; the data model and buyers are different.
- Generic property managers without higher-risk buildings. The duty stack is not urgent enough.
First-party requirement check
The live GOV.UK/BSR guidance confirms the workflow is broad and evidence-heavy:
- Golden thread: APs/PAPs must keep a digital record for higher-risk residential buildings. The record is supposed to help comply with legal duties and manage building safety. It includes safety case report, resident engagement strategy and mandatory occurrence reporting system information, plus refurbishment, previous owner, inspection and maintenance records where available.
- Accountable person duties: BSR’s AP guidance lists duties including registering the building, assessing and managing structural/fire risks, preparing a safety case report, reporting safety occurrences, operating an MOR system, operating a complaints system, displaying required information, preparing/updating resident engagement strategy, applying for a BAC when told, and providing building information to relevant individuals and organisations.
- BAC timing: the BAC guidance, last updated 1 April 2026, says the PAP must apply when told by BSR. It also says BSR assesses whether APs have taken all reasonable steps to prevent and reduce building safety risks and whether residents and owners are informed and involved. Critically: “You must not wait until you are told to apply for a BAC to prepare these documents.”
- Resident engagement: PAPs must prepare, follow, review and revise a strategy, keep records of reviews, provide versions to APs/residents as needed, consult residents/APs where necessary and take their opinions into account. APs must provide the latest version to residents in their parts of the building and work with other APs.
- Safety case report: BSR can request the report for BAC or at any time. It needs version/date control and a wide set of building, people, construction, structural, refurbishment, fire safety, emergency-plan and safety-management information.
- MOR and complaints: BSR guidance requires systems that allow reporting/recording, timely assessment, BSR notification as soon as possible and reporting within 10 calendar days. Complaints records must be kept for 7 years, including complaint content, AP response steps, regulator involvement and outcome.
- Information sharing: APs must create and maintain information and provide it to other APs, residents/owners, relevant landlords, clients, responsible persons, and fire and rescue authorities. Information must be electronic, safely transferable without corruption, accurate, secure, clear, accessible and kept up to date.
That is a workflow problem, not a single-document problem.
Pain evidence and why it is concrete
The pain is strongest where legal accountability crosses organisational boundaries:
- Consultant-to-operator handoff. Fire engineers or building-safety consultants produce assessments and reports, but the operator must keep the evidence current after remediation, inspections, resident communications, complaints and safety occurrences. A static PDF becomes stale immediately.
- Multi-AP coordination. BSR guidance explicitly contemplates multiple APs and requires APs to share golden-thread information with each other. That creates ownership, versioning and access-control pain.
- Resident engagement proof. It is not enough to have a strategy; PAPs must act in accordance with it, review it, keep records of reviews, consult when necessary and take views into account. Evidence is scattered across emails, notices, portals, meeting minutes, surveys and complaint logs.
- Audit-ready packs. BAC applications require the PAP to submit a safety case report, resident engagement strategy and MOR information, and BSR may ask for additional records or meetings. This creates a “show me the evidence” moment.
- Operational action tracking. The documents point to recurring updates: keeping BSR building information current, maintaining the safety case, tracking complaints for 7 years, and handling MOR events on short timelines.
Commercial validation is moderate. The Property Institute homepage advertises Building Safety Act training for property managers, which is a good signal that managing agents still need practical education and workflows. RiskBase markets “software for survey & risk assessment” and “effortlessly maintain a golden thread,” proving budget and vendor language exist. The competition is real, but much of it is survey/risk-assessment, construction-document or broad property-management tooling rather than a narrow AP/PAP evidence-workspace product.
MVP
Weekend-buildable first version:
- Building profile with HRB number, AP/PAP contacts, structure summary, key dates and named consultants.
- Evidence checklist mapped to BSR duties: golden thread, safety case report, resident engagement, complaints, MOR, BAC application, information-sharing requests, fire and rescue authority pack.
- Document register with source, owner, version/date, next review, confidence, and “needed for BAC / safety case / resident pack / FRS pack” tags.
- Resident-engagement log: notices, consultations, meetings, surveys, “views considered,” response/action, evidence attachment and resident cohort affected.
- Action tracker tied to evidence gaps and responsible party: managing agent, PAP, AP, consultant, fire engineer, contractor or RMC director.
- Export pack: one-click ZIP/PDF index for BAC readiness, resident information request, AP handoff or consultant handover.
- Consultant handoff mode: invite consultant to upload deliverables and map them to evidence requirements; then transfer ownership to the managing agent/RMC.
Do not build BIM, CAD viewers, full resident portal, fire-risk-assessment authoring, leaseholder billing, contractor management or enterprise property management in v1.
Distribution wedge
- Start with building-safety consultants and fire engineers who are tired of re-chasing the same client evidence. Give them a branded client handoff workspace.
- Partner with boutique managing agents and RMC director communities rather than enterprise landlords.
- Create a “BAC readiness evidence checklist” lead magnet using first-party BSR headings and disclaimers.
- Sell per building, not per user: roughly £49-£199/building/month depending on storage, users and export packs, with a consultant workspace tier.
- Offer a paid setup sprint: import the existing safety case, resident strategy, fire docs and action log into the workspace.
Competition / substitutes
Substitutes today:
- SharePoint/OneDrive folders plus spreadsheets and email.
- Consultants producing static safety case reports and trackers.
- Property-management systems with resident communications and repairs modules.
- Specialist risk/survey platforms such as RiskBase.
- Construction/golden-thread tools aimed at design/build data rather than occupied-building evidence.
- Resident portals and complaint systems that capture communications but do not map them to BSR evidence duties.
The opportunity is in the seam between these systems. A focused product can win if it imports/links to existing folders and portals rather than trying to replace them.
Risks
- Market size is bounded. Higher-risk residential buildings are a real niche, but not a mass SMB market. The product needs high ACV per building or a consultant-channel motion.
- Legal/compliance liability. The tool must avoid implying that it makes the building compliant. It should position as evidence management and workflow support, with templates reviewed by qualified specialists.
- Enterprise incumbents. Large landlords may already use systems from risk, property-management, asset-management or construction-information vendors.
- Procurement friction. Even managing agents may require board approval or service-charge recoverability clarity.
- Data sensitivity. Resident complaints, fire safety information, building plans and security-sensitive details require strong access control and audit logs.
- Requirements can evolve. The product needs source-linked checklists and change tracking, not hard-coded stale summaries.
What might be wrong here?
The weakest assumption is that managing agents/RMCs will buy standalone software rather than ask their existing consultant, property-management system or SharePoint administrator to maintain a tracker. The second weakness is market timing: urgency spikes when BSR directs a PAP to apply for a BAC, but if requests are staggered and portfolios are small, sales cycles may be episodic. The third weakness is liability: building-safety buyers may prefer established vendors or professional services over a small software vendor unless the product is clearly an evidence workspace and not compliance advice.
The strongest counterpoint is that the guidance creates repeated proof obligations: review records, 7-year complaint records, 10-day MOR reporting, BSR-requestable safety case reports, AP-to-AP information sharing and handoff obligations. Those are exactly the places where lightweight workflow software beats static PDFs.