CAFM for UK housing associations: 2026 buyer's guide

What has changed in 2026

Awaab's Law brought statutory deadlines into a conversation that used to live in tenancy agreements. Damp and mould reports must be investigated within set windows; emergency hazards within shorter ones; remediation against a clock that the regulator can audit. A housing CAFM has to make those windows visible, attach evidence to them, and escalate before they breach. A Service Desk platform that cannot model the regulatory clock natively will fail those audits when they come.

Tenant Satisfaction Measures have made repair completion time, repair quality, and complaint handling into reportable outcomes. The ability to slice that data by stock, contractor, and complaint route is now operationally and politically necessary, not a reporting nice-to-have.

The Building Safety Act has created another data spine entirely for higher-risk buildings. Golden thread requirements, building safety case documentation, and resident engagement obligations now sit alongside the day-to- day repair workload in a way that legacy CAFM was not designed for.

Tenant self-service that actually works

A working tenant portal in 2026 is mobile-first, does not require a login for a basic repair report, accepts photos, and routes the report to the right team without anyone rekeying it. AI classification can usually identify the trade, the asset, the priority, and the suggested operative from the photo and a sentence of free text, with a confidence score that flags the few cases where a human should look.

The tenants who matter most for satisfaction measures are often the ones who would never use a portal that asks them to register first. The platforms that score well on TSM are the ones that meet tenants where they are: SMS confirmation via GOV.UK Notify, a portal link that does not demand an account, and a job tracker that shows the engineer's ETA without exposing their personal details.

Repairs SLA tracking with regulatory teeth

The minimum bar is clear. Configurable SLA windows by priority, with automatic escalation when a window is at risk. Audit-ready timestamps for every status transition. Photographic and certificate-based evidence linked to the job, not stored in a separate folder somewhere. Ability to report on regulatory windows separately from operational SLA so the tenant-facing window and the contract-facing window can both be tracked without confusing them.

The thing most housing CAFM platforms get wrong is the relationship between an inspection and a repair. A surveyor visits and identifies five issues. Those five issues need five separate repair jobs, each with their own clock, each with their own evidence trail, but linked to the inspection so that auditing the original visit is one click. Platforms that bolt repairs onto a property as a flat list lose that lineage.

Contractor management

Most housing repair work is delivered by contractors, often under a DPS or framework contract with multiple sub-trades. The CAFM has to handle vendor onboarding, insurance and qualification expiry alerts, performance scoring, and dispatch routing without becoming a separate system. When the contractor is on a phone in a tenant's kitchen, the experience needs to be the same as for an in-house engineer: same job pack, same evidence capture, same close-out process.

The platforms that do this well treat contractors as first-class users with restricted scope, not as an afterthought bolted onto the side. Documents, qualifications, and certificates are tracked with expiry alerts that fire before the contractor goes on site, not after the audit surfaces them.

GDPR and data residency for tenant data

Tenant data is sensitive. Photos taken inside homes, voice recordings of complaints, mental health flags, vulnerability indicators: these are special-category data in many cases, with a regulator who is paying attention. UK-only data residency, encrypted at rest and in transit, with a clear processor model and a working DPIA template, is now the table-stakes minimum for any housing CAFM procurement.

AI features make this sharper. If the platform classifies tenant reports using AI, the ATRS record needs to exist, the model needs to be UK-hosted or contractually bound to UK residency, and the tenant-facing transparency notice needs to be deliverable. Get this in writing before contract sign.

Procurement routes that fit social housing budgets

Most housing associations procure software through one of three routes: direct award under the threshold, a Crown Commercial Service framework such as G-Cloud, or a sector-specific Dynamic Purchasing System. Each has its own paperwork, its own timelines, and its own scoring weights.

The right route depends mostly on contract value over the lifetime of the deployment. G-Cloud is the most common for CAFM procurements above the threshold. Direct award works for smaller pilots or specific modules under threshold. DPS arrangements are common for bigger transformation programmes where multiple suppliers may be needed.

Whichever route you choose, the procurement document should weigh accessibility (WCAG 2.2 AA), social value, GOV.UK alignment, and regulatory readiness explicitly. Score them. Make vendors demonstrate them. Do not accept a brochure statement for any of them.

A buyer's checklist

The questions worth asking on every shortlist are simpler than most evaluation matrices admit. Can a tenant report a repair from a phone with no account? Does the platform handle Awaab's Law windows natively? Can the SLA escalation rules be changed by an admin without a vendor change request? How are AI-classified jobs handled when the model is uncertain? Where is tenant data stored, and who has access to it? Can a contractor work on a job without duplicating it into another system? How quickly can a new module be added when the regulator publishes a new requirement?

The vendors who answer those clearly are usually the ones worth shortlisting. The ones who deflect are usually the ones whose deployments take eighteen months and still do not quite work.