During the summer at university, I worked for a well-known logistics firm that specialised in secure storage. Companies paid them to collect, transport and store everything from hospital records to sensitive devices for major financial organisations.

At the time, I didn’t realise how lucky I was. I was trained by an exceptional warehouse manager. He wasn’t exceptional because he worked hard, or because he led by example, or because he was consistent and fair, although all of that was true. He stood out because he built layers of guardrails into almost every process he was responsible for, and those guardrails routinely went beyond the company’s standard operating procedures.

One example has stayed with me. In most warehouses, items are logged into a holding area before being moved into storage. That makes sense on paper, because if something goes missing you can trace its journey through the logs and work out where the discrepancy happened. In reality, the logs are only as good as the humans updating them. If an item disappears, you often end up reconstructing an entire day’s work across multiple staff, trying to untangle gaps, contradictions and “close enough” entries. Human error becomes normal, and accountability becomes vague.

His solution was simple and strict. Every item was scanned twice at every stage of its journey. Not occasionally. Not when someone remembered. Every time. If something went missing, you didn’t need to trawl through everyone’s work to find it. You could follow the history of that single item and see exactly where the chain broke. Staff were audited against the policy and it was always their responsibility to correct their own mistakes.

It might sound over the top until you remember what was being stored. When you’re looking after thousands of items worth millions of pounds, “probably fine” is not a strategy.

That job taught me something I still use today. Mistakes happen, so the real question is whether your systems make mistakes easy to spot and quick to fix. That mindset even shows up in small habits. I still keep at least half a tank of fuel in my car, because resilience often starts with simple routines.

That’s why I’m confident, perhaps uncomfortably so, that if I walked into most letting agencies or property management companies and ran a full compliance audit, many would fail. There are two reasons I’m so sure. First, I’ve visited hundreds of estate and letting agents. Second, the compliance workload is enormous. From Anti Money Laundering obligations through to duties under the Housing Act 2004, the number of steps an agency must take to stay compliant is extensive, overlapping, and constantly changing.

HM Treasury’s AML/CTF Supervision Report (2023–24) cited 43% as non-compliant based on onsite visits and desk-based reviews. London Trading Standards inspection data showed that more than 46% of 1,922 letting agents inspected, in the 15 months up to June 2019, were non-compliant with Consumer Rights Act requirements (fee transparency) and or redress scheme membership.

Add in sanctions checks, proof and source of funds, right to rent, material disclosure, advertising standards, gas and electrical safety, smoke alarms and more, and it becomes obvious that agencies are carrying serious risk every single day.

The consequences have never been higher. Local authorities have significant enforcement powers, and some failures do not just lead to financial penalties, they can lead to criminal prosecution. Worse than that, poor compliance can put lives at risk.

I saw the scale of the problem first-hand when I worked for a mid-sized independent agent, a 50-branch network at the time. Every lettings manager was called to head office for a training exercise on Gas Safety Certificates and Electrical Installation Condition Reports. We were each given a pack of 25 “random” certificates and told to find as many issues as we could. The results were frightening. Missing dates, missing contractor details, incorrect addresses, unreadable scans, incomplete sections. Basic failures, repeated across documents that are supposed to protect people.

And those were certificates that existed. The exercise didn’t even touch missing paperwork, expired certificates, or what happens when a report comes back as a “fail” and remedial works are not tracked through to completion. Most agencies have seen these problems. The issue is that they appear quietly, spread slowly, and often only become urgent when it is already too late.

I have plenty of stories, but one still sits heavy. Two tenants died from carbon monoxide poisoning after falling asleep in front of a log fire. That is the part people avoid saying out loud. Compliance failures are not only about fines, reputation, or paperwork. They can be fatal.

So let’s look at the safety certificates agencies collect. Everyone knows you need a valid gas safety certificate during an active tenancy, but “having one on file” is not the same as having a proper validation process. Are all appliances listed? Is the address correct? Is it completed properly? Has anyone checked the contractor’s legitimacy? These aren’t pedantic questions. They are predictable gaps in predictable processes.

Electrical compliance is even messier. EICRs and PAT testing are misunderstood, inconsistently applied, and often treated as tick-box exercises rather than genuine controls. Many property managers assume an EICR is simply “every five years” without thinking about what is actually inside the report, what the observations mean, and what changes when a tenancy changes or a property is altered.

PAT testing is a perfect example of a grey area that trips people up. There may not be a single line of legislation that says “you must have PAT testing”, but the principle is clear. The electrics and any landlord-supplied appliances must be safe. Regular testing is one way to evidence that safety. The question is not whether PAT is explicitly mandated. The question is whether you can defend your approach, with evidence, if something goes wrong. Many agencies can’t, because the conversation never happened with the landlord, and the paper trail doesn’t exist.

And then there’s remedial work. A report that highlights danger is not “done” because it was filed. It is done when the risk is removed, evidenced, and recorded. That’s where systems often fall apart, because a document arriving feels like completion, even when it is only the start of the next set of actions.

Agents rarely fail compliance audits, especially around safety, because they don’t care. They fail because their day-to-day workflows aren’t built to handle the reality of volume, interruptions and human error. They rely on memory, best intentions and someone “keeping an eye on it”. That might work when everything is calm. It does not work when things are busy, staff change, contractors delay, or landlords avoid decisions.

In that warehouse, my manager never relied on memory or good intentions. He relied on process. That is the same mindset behind The Contractor. It is built to bring the “double-scan” approach into lettings compliance, so the basics do not get missed when it is busy. Checks that actually happen, reminders that do not get ignored, proof that can be pulled up instantly, and a clear record of who did what and when. Because when safety is the outcome, “I thought it was sorted” is not something you can afford to hear after the fact.