No platform covers more than 3.5 out of 7 UK regulatory domains. We cover all seven.
We assessed 20+ platforms across every mandatory UK construction regulatory domain. Here's what we found — and why the gap is structural, not a feature roadmap away from closing.
Seven regulatory domains. Three structural categories.
UK construction firms must comply across financial, project/safety, and data governance regulations. No software category has ever spanned all three.
Financial & Tax Compliance
Accounting & ERP platforms
HMRC submissions, tax deductions, digital record-keeping. These platforms handle money — nothing else on this list.
e.g. Sage, Eque2, COINS, Integrity, RedSky
Project, Safety & BIM
PM / CDE / BIM platforms
Documents, BIM models, safety records. These platforms handle projects — but can't file a tax return.
e.g. Procore, Autodesk ACC, Zutec, Dalux, Asite
Data Governance
No dedicated platform exists
Construction-specific GDPR compliance. Platform-level privacy policies are not the same as resolving the BSA retention conflict.
No dedicated construction platform exists
Every platform hits the same wall
Financial platforms don't do BIM. Construction platforms don't do tax. Nobody does data governance. The gap isn't a feature roadmap — it's architectural.
The only solution spanning all three structural categories — with the GDPR-BSA classification engine that no competitor has attempted.
Based on analysis of 20+ platforms including HMRC CIS commercial software supplier list, vendor documentation, ISO 19650 certification records, and published product capabilities. Full methodology available on request.
20+ platforms. None above 3.5.
Full domain-by-domain assessment across every major UK construction software platform. Tap any row for detail.
| Platform | CISCIS | VAT RCVAT | MTDMTD | CDMCDM | BSABSA | ISO 19650ISO | UK GDPRGDPR | Score |
|---|---|---|---|---|---|---|---|---|
Causeway | 3.5/7 | |||||||
Sage | 3/7 | |||||||
Viewpoint (Trimble) | 2/7 | |||||||
Procore | 1/7 | |||||||
Autodesk ACC | 1.5/7 | |||||||
Asta Powerproject | 0.5/7 | |||||||
| Smartzone Replace | 7/7 |
Sources: HMRC CIS commercial software suppliers list (Nov 2025), vendor documentation, ISO 19650 certification records, published platform capabilities. Scoring: Full = native, purpose-built; Partial = present but incomplete; Limited = minimal/guidance only; None = not addressed.
GDPR says delete. The Building Safety Act says keep forever.
Two laws with criminal penalties pull in opposite directions. Smartzone's classification engine is the only published resolution in the market.
The legal conflict
How Smartzone resolves it
Every record is classified at the point of entry. Personal data follows GDPR. Safety data follows the BSA. Dual-purpose records are split and pseudonymised — both laws satisfied, automatically.
Employee home address, bank details, next of kin
Standard GDPR retention → deleted on expiry
Material test certificates, structural calculations, fire rating data
Indefinite retention for golden thread — no personal data, no conflict
"John Smith installed fire door FD30 in Unit 4B on 15 March 2026"
Split → pseudonymise personal data on GDPR expiry → safety fact persists
Smartzone classifies every construction record as personal, safety, or dual-purpose — then applies the correct retention rule automatically. Personal data is deleted on GDPR expiry. Safety facts are retained for the building's lifecycle. Dual-purpose records are split and pseudonymised so the golden thread stays complete while personal data is removed.
No regulator, vendor, or industry body has published an equivalent resolution. Architecture validated with specialist data protection counsel before every deployment.
Compliance. Cost. Competitiveness.
7/7 regulatory coverage isn't a technical claim — it's three measurable advantages for your business.
Compliance
Avoid penalties. Prove it to regulators.
- CIS deductions and HMRC returns automated — no manual errors
- Golden thread maintained natively — criminal liability addressed
- CDM duty holders, phase plans, and H&S files compile themselves
- GDPR-BSA conflict resolved — both laws satisfied simultaneously
- Single audit trail — regulatory inspections in hours, not weeks
Commercial
Save money. Reclaim time.
- 40–60% reduction in SaaS spend — cancelled subscriptions, measurable
- Month-end CVR in 45 minutes, not 3 days of spreadsheet compilation
- New starter onboarded in 4 minutes — one system, not 12 accounts
- Zero data re-entry between systems — enter once, flows everywhere
- No API breaks to firefight — one platform, your infrastructure
Competitive
Win more work. Stand out in tenders.
- Demonstrate ISO 19650 CDE compliance in every PQQ response
- Prove golden thread capability — de-risk yourself for clients on HRBs
- Stronger pre-qualification answers than 'we use spreadsheets'
- Demonstrate integrated compliance to win public sector frameworks
- Future-proofed for incoming regulations — your platform grows with the law
The regulatory landscape is expanding
Three incoming regulations will add domains that no incumbent is preparing to cover. The 7 will become 10.
Future Homes Standard
New energy and ventilation standards for all new homes. Requires digital evidence of compliance through SAP 10.3 — extending the golden thread into environmental data that no current platform integrates.
UK Carbon Border Adjustment
Carbon tax on imported steel, cement, and aluminium. Construction firms importing over £50K of CBAM goods must report embedded emissions with verified data and quarterly returns from 2028.
Digital Product Passports
Material-level traceability for every building component. Environmental data, safety data, and lifecycle information linked to each product. No universal standard exists yet — and no platform is preparing for it.
Platforms that can't cover the current seven have no path to eight, nine, or ten. Smartzone's architecture is designed to absorb new regulatory domains without rebuilding.
Five conclusions from 20+ platform assessments
The 3.5/7 ceiling is structural, not a feature gap
Financial platforms don't build CDEs. Construction platforms don't file HMRC returns. This isn't a roadmap issue — it's an architectural divide between fundamentally different software categories.
Data Governance has zero dedicated coverage
No platform has construction-specific GDPR compliance. Platform-level data protection policies don't address the BSA retention conflict, data classification, or pseudonymisation over time.
The GDPR-BSA conflict has no published resolution
Not from vendors. Not from the ICO. Not from industry bodies. The classification and pseudonymisation approach is genuinely uncontested white space.
The gap is widening, not closing
Future Homes Standard, UK CBAM, Digital Product Passports — each adds compliance domains that no incumbent is preparing to integrate. The 7 will become 10.
Custom-build is the only viable path to 7/7
No acquisition or feature update can bridge the three-way structural split. A purpose-built system designed for all 7 domains from the data model up is the only architecture that works.
See how 7/7 compliance works for your firm
The assessment maps your current regulatory coverage, identifies gaps, and shows exactly how Smartzone closes them. Fixed scope, fixed price, no commitment beyond the assessment.