Top 10 Compliance Risks Facilities Managers Face | How IOSH Managing Safely Solves Them

The facilities management sector operates at the intersection of multiple regulatory frameworks, contractor coordination, and operational complexity. When compliance gaps emerge, the consequences extend far beyond financial penalties. They threaten business continuity, workforce wellbeing, and organisational reputation. IOSH Managing Safely for facilities managers provides the practical risk management foundation needed to navigate this demanding landscape.

Why Compliance is Non-Negotiable in Facilities Management

Facilities managers oversee operations spanning multiple sites, coordinate diverse contractor teams, and manage environments containing hazardous materials, complex building systems, and public-facing spaces. This operational complexity creates countless potential compliance touchpoints.

The consequences of non-compliance are severe and multifaceted. Under the Health and Safety at Work Act 1974, organisations face unlimited fines for serious breaches. Beyond financial penalties, facilities management compliance failures trigger insurance premium increases, contract terminations with major clients, and lasting reputational damage that affects future business opportunities.

The facilities management sector also operates under intense scrutiny. Clients increasingly demand evidence of robust health and safety training and documented compliance systems before awarding contracts. IOSH Managing Safely benefits facilities management organisations by providing externally recognised credentials that demonstrate commitment to workplace safety excellence.

The Cost of Non-Compliance | Top 10 Compliance Risks

Average fines under the Health and Safety at Work Act 1974 have increased significantly, with serious breaches regularly attracting penalties exceeding £500,000. RIDDOR breaches compound these costs, while insurance premiums can increase significantly following major incidents. Contract losses represent the most significant long-term financial impact.

1. Health & Safety Compliance Failures

Missing risk assessments, inadequate safety culture, and poor training create systemic vulnerabilities across FM operations. These failures underpin most other compliance breaches and represent fundamental gaps in management systems.

Common manifestations include:

• Incomplete or outdated risk assessments.
• Absence of documented health and safety policies.
• Insufficient staff training records.
• Poor incident investigation procedures.

Health and safety compliance in facilities management requires systematic approaches to risk identification, assessment, and control. IOSH Managing Safely provides the framework facilities managers need to embed proactive FM risk management practices throughout their operations.

2. Fire Safety Non-Compliance

The Regulatory Reform (Fire Safety) Order 2005 and Fire Safety Regulations 2022 impose strict duties on responsible persons. Failure to maintain current Fire Risk Assessments, inadequate maintenance of fire detection and alarm systems, and blocked escape routes constitute serious fire safety compliance breaches.

Recent regulatory updates have strengthened enforcement, particularly for buildings with sleeping accommodation. Fire safety officers conduct unannounced inspections, and prosecution rates for non-compliance have increased. A fire risk assessment in facilities management must be regularly reviewed and updated to reflect operational changes.

3. Asbestos Management Failures

The Control of Asbestos Regulations 2012 require duty holders to maintain current asbestos registers and conduct regular re-inspections. Asbestos compliance in facilities management becomes particularly challenging when managing older building stock or coordinating contractors working in areas with asbestos-containing materials.

Critical requirements include:

• Maintaining and updating asbestos registers
• Conducting management surveys before refurbishment work
• Providing asbestos awareness training to staff and contractors
• Implementing robust permit-to-work systems

Asbestos risk management failures can result in prohibition notices, prosecution, and serious health consequences for building occupants and workers.

4. Equipment & Lifting Safety

PUWER and LOLER compliance requires systematic inspection regimes, operator competency verification, and thorough record-keeping. Breaches typically arise from missing inspection records, using unqualified operators, or failing to maintain equipment according to manufacturer specifications.

Facilities management equipment safety spans diverse machinery from building maintenance equipment to goods lifts and dock levellers. LOLER lifting safety in facilities management demands particular attention, with thorough examination intervals and load testing requirements that must be meticulously documented.

5. Electrical Safety Gaps

Electrical Installation Condition Reports (EICR) and portable appliance testing form the foundation of electrical safety compliance. The Electricity at Work Regulations 1989 require systematic inspection and maintenance, yet I've encountered facilities where EICR records were years overdue, creating immediate prohibition notice risks.

EICR in facilities management must be scheduled according to building use, with commercial premises typically requiring inspections every five years. Facilities managers must also implement robust PAT testing regimes proportionate to equipment risk profiles.

6. Legionella & Water Hygiene

HSE ACOP L8 provides explicit guidance on controlling Legionella bacteria in water systems. Water hygiene risk in facilities management requires regular temperature monitoring, system flushing protocols, and quarterly sampling programmes for complex systems.

Legionella compliance in facilities management includes:

• Conducting comprehensive water system risk assessments
• Implementing temperature monitoring regimes
• Maintaining detailed water treatment logs
• Training staff on Legionella awareness

Legionella outbreaks can be catastrophic, resulting in serious illness, prosecution, and permanent business closure. The Health and Safety Executive takes enforcement action swiftly when management failures are identified.

7. Building Safety Act Obligations

The Building Safety Act 2022 introduces the "Golden Thread"—a comprehensive digital record of building information spanning design, construction, and occupation. For facilities management of higher-risk buildings, this represents a fundamental shift in documentation requirements.

Building Safety Act compliance demands ongoing maintenance of safety case reports, resident engagement strategies, and mandatory occurrence reporting. Facilities managers working with higher-risk residential buildings must establish robust systems for capturing and maintaining this information throughout the building lifecycle.

8. Martyn's Law (Terrorism Protection)

The Terrorism (Protection of Premises) Act 2025, known as Martyn's Law, is set to create new duties for public venues to assess terrorism risks and implement protective security measures. Facilities managers overseeing public-facing premises must now conduct terrorism risk assessments and provide staff training on recognising and responding to threats.

Martyn's Law compliance in facilities management extends beyond physical security measures to include evacuation procedures, staff training programmes, and collaboration with local counterterrorism security advisors. Premises security becomes a core facilities management competency under this legislation.

9. Data & Documentation Failures

Poor compliance documentation in facilities management undermines audit readiness and creates evidential gaps during HSE investigations. Missing certificates, incomplete risk registers, and inadequate maintenance logs consistently feature in enforcement actions.

Essential documentation includes:

• Current risk assessments and method statements
• Staff training and competency records
• Equipment inspection certificates
• Contractor competency verification
• Incident investigation reports

Risk registers in facilities management must be living documents, regularly reviewed and updated to reflect operational changes and emerging risks.

10. Contractor & Workforce Competence

Using unqualified contractors or failing to verify training credentials creates direct breaches of the Management of Health and Safety at Work Regulations 1999. Contractor compliance in facilities management requires robust vetting procedures, competency verification systems, and ongoing monitoring.

Workforce competence extends beyond contractor management to include facilities management staff themselves. IOSH Managing Safely provides the foundational knowledge that enables facilities managers to discharge their legal duties effectively and oversee contractor activities with confidence.

How IOSH Managing Safely Aligns with Legal Duties

The IOSH Managing Safely course directly aligns with duties under the Health and Safety at Work Act 1974, providing facilities managers with practical risk assessment methodologies, incident investigation techniques, and clear understanding of their legal responsibilities.

The IOSH Managing Safely course content covers:

• Risk assessment fundamentals and practical application
• Legal responsibilities of managers and employees
• Accident investigation and root cause analysis
• Measuring health and safety performance
• Environmental management basics

This compliance training equips facilities managers with the structured approaches needed to identify hazards, assess risks, and implement proportionate control measures across diverse operational contexts. The course emphasises practical application rather than theoretical knowledge, ensuring facilities management professionals can immediately apply learning to real workplace scenarios.

Risk management training through IOSH Managing Safely creates a common language and framework across facilities management teams. When senior leadership, operational managers, and frontline supervisors share this foundational knowledge, organisations achieve consistency in risk management approaches and compliance standards.

Case Study | Thames Water Strengthens Compliance Through Comprehensive Training Partnership

Thames Water, the UK's largest water and wastewater services company, operates critical infrastructure serving 15 million customers across a geographically dispersed network. Managing health and safety across multiple sites, contractors, and complex operational environments presents exactly the compliance challenges facing facilities management organisations today.

Since 2013, Thames Water has partnered with Astutis to deliver comprehensive health and safety training programmes, including IOSH Managing Safely, across its workforce. The company specifically sought a training provider with a proven reputation and flexibility to adapt to evolving business needs while maintaining consistently high educational standards.

The implementation of structured training programmes, including IOSH Managing Safely for operational managers, has enabled Thames Water to embed robust risk assessment procedures and contractor management systems throughout its operations. The training supports compliance across the multiple regulatory frameworks governing their facilities management operations, from PUWER and LOLER requirements for equipment safety to water hygiene management under HSE ACOP L8.

This IOSH success story demonstrates the health and safety training ROI that facilities management organisations achieve through proactive investment in competency development. For an organisation managing critical infrastructure at Thames Water's scale, the value extends beyond regulatory compliance to encompass operational resilience, contractor safety coordination, and maintaining the highest standards across geographically dispersed sites.

The FM compliance case study illustrates a crucial point: regulatory compliance is about building resilient operational systems that protect people, preserve business relationships, and create competitive advantages in a demanding marketplace. Thames Water's ongoing partnership with Astutis continues to strengthen its safety culture, equipping teams with the knowledge and skills to manage the complex health, safety, and environmental risks inherent in facilities management of critical water services infrastructure.

Next Steps | How to Get Your Team Certified

IOSH Managing Safely provides facilities managers, operations directors, and health and safety professionals with the practical competencies needed to navigate the complex regulatory landscape outlined above. The course is designed specifically for managers and supervisors across all sectors, making it ideal for the diverse responsibilities of facilities management roles.

Training delivery options include classroom, virtual classroom, and blended learning formats to accommodate operational constraints across multiple sites. Certification remains valid for three years, with refresher training ensuring facilities management professionals stay current with regulatory developments and evolving best practices.

Investing in IOSH Managing Safely for your facilities management team addresses multiple business objectives simultaneously: legal compliance, risk reduction, improved client confidence, and enhanced employee wellbeing. The structured approach to risk management creates consistency across diverse operations, whether you're managing a single prestigious site or coordinating compliance across a national portfolio.

The facilities management sector continues to evolve, with new legislation such as Martyn's Law and the Building Safety Act adding complexity to already demanding compliance requirements. Organisations that invest in foundational compliance training position themselves for sustainable success, turning regulatory obligations into competitive differentiators that win and retain major contracts.

Discover how IOSH Managing Safely can transform your facilities management compliance approach, explore our course options and speak with our team about developing a tailored training programme for your organisation.