AI governance for property and construction
Your board owns the reliability of every valuation, design and safety record AI touches.
AI is moving into valuation, design coordination, safety documentation and property management across developers, contractors, surveyors and managing agents. The RICS Responsible Use of AI standard, the Building Safety Act and UK GDPR place accountability with the firm and the named professional, not the vendor. Governance AI advises your board on where AI is defensible, then builds the controls that make it so.
An AI-informed valuation or safety record is still one the firm answers for.
Property and construction carries liabilities that outlast the transaction. A surveyor's valuation, a designer's decision and a building's safety record can be relied on for years by buyers, lenders, insurers, residents and regulators. From 9 March 2026 the RICS Responsible Use of AI professional standard is mandatory for members and regulated firms where AI materially affects a service, requiring records, governance, risk registers, due diligence, human judgement and written disclosure of AI use to clients. A hallucinated comparable, a misread drawing or an unchecked automated valuation is a professional liability, not a technology footnote.
For higher-risk buildings the stakes are statutory. The Building Safety Act and the Building Safety Regulator require a golden thread of accurate, accessible building information, and CDM duty holders must plan, manage and evidence design and construction decisions. AI that generates or manages that information without human verification puts a firm on the wrong side of those duties. Where AI touches tenant, buyer or employee data, the firm is data controller under UK GDPR. Most AI governance is performance, not protection.
The standards property and construction firms are held to.
AI does not create a separate rulebook. It runs through the duties and regulators you already answer to.
RICS Responsible Use of AI professional standard
Mandatory from 9 March 2026 where AI materially affects a surveying service. Requires records, governance, risk registers, due diligence, human judgement and written disclosure of AI use to clients.
Building Safety Act 2022 and the Building Safety Regulator
For higher-risk buildings, duty holders must maintain a golden thread of accurate, accessible building-safety information. AI that generates or manages that record without human verification is a direct compliance risk.
Construction (Design and Management) Regulations 2015 (CDM)
Principal designers and principal contractors must plan, manage, monitor and evidence design and construction decisions, so any AI supporting those decisions must leave an auditable, human-owned trail.
ICO, UK GDPR and Data Protection Act 2018
Where AI touches tenant, buyer, tenant-referencing or employee data, the firm is controller and must hold a lawful basis, a DPIA and safeguards against solely automated decisions such as tenant screening.
Propertymark / ARLA and valuation liability (RICS Red Book)
Lettings and estate agency conduct standards and RICS Red Book valuation duties mean AI-assisted referencing, pricing and valuations must be checked by a professional who carries the liability and the required cover.
What good AI governance looks like for property and construction firms.
The Board AI Scorecard measures five areas. Here is what each means in your sector.
Accountability & board oversight
A named professional, not the model, owns every AI-assisted valuation, design decision, safety record or tenant decision, and the firm can show who verified it and when.
AI policy & controls
Your AI policy states which services and data AI tools may touch, what disclosure clients receive under the RICS standard, and how it maps to your Building Safety Act, CDM and data-protection duties.
Risk, transparency & assurance
AI risks sit on the firm's risk register with named owners, including hallucinated comparables, misread drawings, unverified automated valuations and building-safety information generated without human checks.
Data & security
Tenant, buyer and employee personal data never leaves systems the firm controls or trains a third-party model, with a DPIA and safeguards where AI screens or scores individuals such as tenant referencing.
Board literacy & capability
Directors, surveyors and site leaders can recognise where an AI tool's output is likely to be wrong and what adequate professional verification looks like before it reaches a client, a building or a record.
Questions your board should be asking.
- Where is AI already used across valuation, design, safety documentation and property management, and which of those uses materially affect a service under the RICS AI standard?
- For AI-assisted valuations, referencing and pricing, can we evidence human professional judgement, written disclosure to clients and the risk registers the RICS standard requires?
- Where AI generates or manages building-safety information, how do we assure the golden thread is accurate and human-verified for our Building Safety Act and CDM duties?
- Where AI screens or scores individuals, such as tenant referencing, do we hold a DPIA, a lawful basis and safeguards against unfair or solely automated decisions under UK GDPR?
- What is our process for catching hallucinated comparables, misread drawings and unchecked automated outputs before they cause client, buyer or safety harm, and who owns it?
- Have we confirmed that AI-assisted work stays within our professional indemnity cover and our RICS, Propertymark and CDM obligations, and does the board see the AI risk register?
Taking these to a meeting? Print the one-page board pack.
We advise your board on AI governance and build the controls that hold.
Start with the free Board AI Scorecard, a short self-assessment that shows your board where its AI exposure sits against the RICS standard and the duties your firm already answers to. The AI Wake-Up Call is a board session that translates those duties into the decisions a managing director, senior surveyor or head of safety has to own, and the GovernIQ™ Diagnostic goes deeper into your services, data and verification regime. Our founder, Karl George MBE, created the tgf Governance Code, and we align work to ISO/IEC 42001, the NIST AI Risk Management Framework, UK GDPR and the NCSC cloud security principles. We help you prepare for certification against these standards and do not issue it. One team advises and then builds the system, so the governance you agree is the governance that ships.
See where your board stands before a client or a regulator asks.
Take the free Board AI Scorecard, or have a short conversation with us about AI across your valuations, designs, safety records and property data.
