Construction Management’s May article, on three years of the Building Safety Act, captured the practical reality of a regulator-led, gateway-driven safety regime now embedded into the daily work of partners, project managers, cost managers and duty-holders. The article, drawing on the multidisciplinary perspective of Rider Levett Bucknall, showed how safety accountability has moved from principle into operational evidence.
HMRC’s April 2026 Joint and Several Liability regime now creates a parallel pressure point for PAYE, umbrella labour and contingent workforce governance.
What the Building Safety Act has done for building safety, JSL now begins to do for PAYE and Labour Supply Chain Assurance by bringing named accountability, dated evidence and regulator-ready control to the workforce supply chain.
For construction end-hirers, Principal Contractors, MSPs and public-sector construction buyers, the significance is simple: the same chain now carries both safety accountability and labour supply chain accountability.
Two regimes. One supply chain. One evidence discipline.
Why JSL and the Building Safety Act now meet on the same desk
The convergence is structural.
The Building Safety Act names duty-holders by role and requires a golden thread of dated, accessible evidence. JSL, inserted into Part 2 of the Income Tax (Earnings and Pensions) Act 2003 as Chapter 11 by section 24 of the Finance Act 2026, names the recruitment agency and, in some circumstances, the end client by role. It then asks them to assure umbrella PAYE behaviour across the labour supply chain.
In construction, those accountabilities often land in the same commercial structure. The named end client under JSL may be the same legal entity, group or operating company that also carries Principal Contractor, Principal Designer or wider duty-holder obligations under the Building Safety Act.
That means JSL in construction is not simply another HR, payroll or procurement concern. It sits directly beside the governance model construction principals have already been building since 2022.
Named accountabilities. Dated decisions. Evidence retained. Controls capable of being produced when the regulator asks.
What construction already understands from the Building Safety Act
The post-2022 Building Safety Act regime has forced construction organisations to adapt to a more explicit form of accountability.
Higher-risk building registration began in April 2023. Gateway 2 and Gateway 3 approvals followed. The Building Safety Regulator became a standalone body under the Ministry of Housing, Communities and Local Government. From 1 October 2026, the Building Safety Levy adds another financial control point into residential development.
The industry has already felt the operational impact. In the Construction Management article of 20 May 2026, Mich Wizenberg, fire partner at Rider Levett Bucknall, observed that Gateway 2 delays were creating cost implications and that Gateway 3 would test whether the right people, with the right knowledge, were in place as gatekeepers of building safety. RLB cost-management partners Paul Sambrook and Jeremy Spill noted the disruption and additional cost created by the way governance had been implemented, particularly against the backdrop of residential delivery targets.
Read through a labour supply chain lens, the lesson is clear.
Construction has already been asked to prove safety governance through named individuals, recorded decisions and dated evidence. HMRC is now asking the sector to bring the same operating discipline to PAYE and Labour Supply Chain Assurance.
The question is no longer whether the construction principal asked the right question once. The question is whether the organisation can evidence, repeatedly and contemporaneously, that the labour chain was mapped, checked, challenged, remediated and governed.
What JSL adds to construction labour supply chains from 6 April 2026
HMRC’s Joint and Several Liability rules for umbrella companies came into force on 6 April 2026.
The mechanism is direct. Where an umbrella company in the chain fails to remit PAYE, employee National Insurance, employer National Insurance or Apprenticeship Levy, HMRC may pursue the recruitment agency for the shortfall or, in some circumstances, the end client.
In construction, that exposure lands in one of the UK’s most complex labour environments.
CIS already governs payments to subcontractors. Agency workers, contract-for-services subcontractors, umbrella workers, MSP arrangements, project-specific suppliers and public-sector procurement frameworks can all coexist on the same project. JSL does not replace CIS. It stacks on top of it.
A synthetic-identity placement, a non-compliant umbrella, an unreconciled worker record or a PAYE default on a construction site can therefore trigger multiple lines of regulatory concern at once: CIS verification, PAYE assurance, RTI reconciliation, worker identity controls and upstream recovery under JSL.
In practical terms, JSL in construction turns Labour Supply Chain Assurance into a board-level risk control.
Asking is not assurance
A central risk for construction end-hirers is mistaking supplier questioning for supplier assurance.
On OPRaaS’s reading of HMRC’s Guidelines for Compliance GfC12, taken together with the reasonable prevention procedures language familiar from the Criminal Finances Act 2017, the obligation is not satisfied by asking an umbrella company whether checks are in place.
Asking is a process step.
Assurance requires evidence.
A construction principal needs to know whether checks were rigorous, repeated, reconciled and retained. It needs to know who performed them, when they were performed, what exceptions were found, what remediation followed, and whether any supplier-level decisions were made as a result.
That is the difference between a paper trail and a defence file.
There is no statutory safe harbour under Chapter 11 of ITEPA 2003. But there is a clear commercial distinction between an organisation that can evidence reasonable, structured, contemporaneous labour chain governance and one that can only show that assurances were requested.
For JSL in construction, the realistic mitigation sits in the evidence.
The same evidence discipline now applies to both regimes
Under the Building Safety Act, the golden thread captures information such as duty-holder competence, gateway submissions, approvals, design changes, contractor declarations and evidence required across the life of the building.
Under JSL and HMRC’s labour supply chain framework, the equivalent Labour Supply Chain Assurance record needs to capture:
- a tier-by-tier map of agencies, sub-agencies, MSPs and umbrellas on the project;
- Right to Work, identity, bank-detail and National Insurance checks per worker;
- CIS verification records reconciled monthly;
- umbrella audit records aligned to GfC12;
- RTI and payslip sampling;
- bank payment reconciliation;
- red-flag history;
- exception reporting;
- remediation actions;
- supplier suspension or exit decisions;
- dated evidence capable of being produced to HMRC, the Fair Work Agency or another relevant authority.
The subject matter is different, but the governance shape is familiar.
Named people. Repeated checks. Dated entries. Structured retention. Evidence available on demand.
Construction principals that have already built the operating muscle for Building Safety Act compliance are closer than many sectors to understanding what JSL now requires. The task is to apply that same discipline to the labour chain.
The OPRaaS Virtual Compliance Director for construction
The OPRaaS Virtual Compliance Director was built to operationalise HMRC-style Labour Supply Chain Assurance across organisations that rely on temporary, contractor and contingent labour.
OPRaaS, On-Pay-Roll-as-a-Service, is a systemised governance and workforce management partner for organisations exposed to JSL, CIS, IR35, GLAA, modern slavery and wider HMRC labour supply chain expectations.
For construction end-hirers, Principal Contractors, recruitment agencies, MSPs, umbrella companies and public-sector buyers, the OPRaaS VCD platform embeds senior governance leadership into the labour supply chain and produces audit-ready evidence that mirrors the same governance discipline construction already recognises from safety.
The operating model is simple:
Map. Train. Audit. Evidence.
In construction practice, that means:
- mapping every tier in the project labour chain, including agencies, subcontract chains, MSPs and umbrella PSLs;
- training procurement, HR, finance, commercial and project teams to recognise JSL and GfC12 risk signals;
- auditing umbrellas against HMRC’s assurance expectations;
- reconciling worker-level evidence across identity, Right to Work, National Insurance, bank details, RTI, payslips and CIS status;
- recording exceptions, remediation actions and supplier-level decisions;
- writing the resulting governance evidence into the OPRaaS Defence File.
What the OPRaaS Defence File captures
The OPRaaS Defence File is designed to give construction principals a structured, contemporaneous evidence record of PAYE and Labour Supply Chain Assurance.
For example, each umbrella’s Right to Work, identity, bank-detail and National Insurance checks can be captured at onboarding, reviewed against risk indicators, and re-tested when there is a material change or pay-run anomaly.
CIS deduction status for subcontractors can be reconciled monthly against HMRC verification. RTI submissions and payslip samples can be checked for duplicate National Insurance numbers, bank-detail clustering, unexplained worker patterns and other markers of synthetic-identity or payroll risk.
Where exceptions arise, the Defence File records the finding, the decision, the remediation action and the supplier-level outcome.
The purpose is not to claim immunity from JSL. There is no statutory safe harbour. The purpose is to reduce the likelihood and impact of exposure, improve control over the labour chain, and evidence the organisation’s due diligence if HMRC, the Fair Work Agency, a public-sector buyer or another regulator asks for proof.
Why this matters to public-sector construction buyers
Public-sector construction buyers face a particular governance challenge. They are expected to procure responsibly, manage public money, understand their supply chains and evidence compliance across increasingly complex delivery models.
OPRaaS is approved on UK Government Commercial Agency frameworks including RM6310 Audit & Assurance Services, Lots 2 and 4, RM6219 Learning & Training Services DPS, and RM6237 Learning & Training Services DPS.
That makes the OPRaaS VCD platform directly relevant to public-sector construction buyers, tier-one Principal Contractors, recruitment agencies, umbrella companies and MSPs operating on UK construction programmes.
For public-sector buyers, the commercial question is not only whether the project is delivered. It is whether the labour model supporting delivery can withstand scrutiny.
Why JSL in construction is now a board-level conversation
For boards at construction end-hirers, large agencies, MSPs and tier-one Principal Contractors, JSL in construction is no longer an operational payroll issue.
It is a balance-sheet question.
It shares a desk with the Building Safety Act because it follows the same regulatory direction: named parties, named duties, dated evidence, accountable decisions and consequences when the chain fails.
Construction has spent three years adapting to safety accountability. From 6 April 2026, the labour supply chain now requires the same level of discipline.
The organisations that treat JSL as an admin issue will ask suppliers for reassurance.
The organisations that treat JSL as a board-level control will build evidence.
Talk to OPRaaS about your construction labour chain
A thirty-minute scoping call will show how the OPRaaS Virtual Compliance Director platform applies the GfC12 assurance standard to your construction labour chain and produces a continuous, audit-ready Defence File.
For construction end-hirers, Principal Contractors, recruitment agencies, MSPs, umbrella companies and public-sector construction buyers, the goal is clear:
Own your compliance as an asset. Evidenced, every day.
Use the contact form in the sidebar to the right of this article, or email info@opraas.co.uk.
Sources and references
Drawing on Samantha Mepham, writing in Construction Management, 20 May 2026; the Building Safety Act 2022 and the Building Safety Levy commencing 1 October 2026; HMRC Guidelines for Compliance GfC12; the Finance Act 2026 section 24 inserting Chapter 11 of Part 2 of ITEPA 2003; HMRC CIS guidance; and Criminal Finances Act 2017 reasonable prevention procedures.
Talk to OPRaaS about your supply chain.
Use the contact form in the sidebar to the right of this article, or email info@opraas.co.uk.
This article is published for general information and educational purposes only. It is believed to be accurate at the time of publication and reflects the legislation, HMRC guidance, and market practice referenced. It is not legal, tax, employment, accounting, or regulatory advice and should not be relied upon as such. Compliance obligations vary by organisation, supply chain, and engagement type; please consult your own qualified legal, tax, or compliance advisor before acting on any point covered here. Any images, screenshots, dashboards, or platform displays shown are for illustration and reference purposes only and do not necessarily depict the live OPRaaS platform, live customer data, or actual on-screen output. Trademarks, framework names, and statutory references remain the property of their respective owners. While we take every care, errors can occur; if you spot an inaccuracy, please let us know at info@opraas.co.uk.