Gateway approvals are now programme risk events.

Gateway approvals under the building safety regime are not only regulatory milestones. For contractors working on higher-risk building projects, they can become programme-risk events. Approval timing, information quality, design maturity, change control and regulatory sequencing can all affect when works can start, whether works can continue, when completion can be achieved and whether delay can be explained, notified or recovered.

For Legalbuild clients, the practical issue is straightforward. If a gateway requirement affects time, it must be managed as part of the project’s programme, contract and evidence strategy. Treating the gateway process as separate from delivery can leave contractors exposed when delay later needs to be allocated, substantiated or defended.

Why the gateway process matters

The building safety regime introduces statutory decision points into the lifecycle of higher-risk building work. Gateway 1 operates at planning stage, Gateway 2 applies before building work starts, and Gateway 3 applies when building work is completed. Government materials describe Gateways 2 and 3 as stop/go decision points that must be passed before a development can proceed to the next stage.

That is commercially significant. A stop/go regulatory process is not merely an administrative step. It can become a direct constraint on commencement, sequencing, practical completion, occupation, handover and cashflow. If approval is delayed, rejected, conditional or dependent on further information, the programme may be affected before the contractor has even reached the ordinary construction risks of labour, procurement, productivity and site conditions.

The Building Safety Regulator’s 2026 to 2027 strategic plan also confirms that one of its priorities is building phase and Gateway 3, including ensuring safe construction and smoother Gateway 3 approvals. That reinforces the point that the regulator’s work is now embedded into the delivery and completion phase of higher-risk building projects. For contractors, the conclusion is clear: gateway approvals should be treated as programmed risk events, not simply compliance milestones.

The commercial issue: who carries the time risk?

Where a gateway requirement affects the programme, the immediate commercial question is: who carries the time risk? The answer will rarely be automatic. It will depend on the contract, the employer’s requirements, the scope, the design responsibility matrix, the programme assumptions, the approval strategy and the evidence.

Gateway delay may arise because:

• the employer’s design information was incomplete;

• the contractor’s design package was insufficiently developed;

• consultants failed to provide required information;

• the application was not properly coordinated;

• the regulator required clarification or further documentation;

• changes were made during the approval process;

• the programme assumed an unrealistic approval period;

• staged approval was not planned properly;

• Gateway 3 documentation was not assembled during delivery;

• completion evidence did not demonstrate compliance.

Each of those causes may lead to a different contractual answer. A contractor delayed by gateway sequencing may have a strong position where the cause sits with employer information, design change, late instruction, consultant delay or regulatory requirements allocated to the employer. But that position can weaken quickly if the contractor cannot show what was required, who was responsible, when the information was due, what was submitted, why approval was delayed and how the delay affected the critical path. That is the Legalbuild point: gateway risk is not only a compliance issue. It is a causation and evidence issue.

Gateway 2: commencement risk

Gateway 2 is particularly important because it sits before relevant building work starts. Government guidance describes Gateway 2 as replacing the building control deposit of plans stage for higher-risk buildings, with building control approval required from the Building Safety Regulator before relevant building work starts. That makes Gateway 2 a commencement risk.

If the project programme assumes that site works can begin before the approval position is mature, the contractor may inherit a timing problem from the outset. The issue may be sharpened where the contractor is appointed early, design remains under development, procurement is moving quickly, and commercial pressure exists to start as soon as possible. Build UK guidance states that a Gateway 2 application should demonstrate how the design and construction of a higher-risk building will comply with the Building Regulations, including by identifying every element requiring compliance, clarifying the relevant code or standard, and justifying how functional requirements have been met by reference to suitably labelled plans and drawings.

That level of information requirement has programme consequences. If design maturity is insufficient, the delay may not be caused by “the regulator” in any simple sense. It may be caused by the fact that the project was not ready for the application it was asking the regulator to approve. For contractors, Gateway 2 should therefore be reviewed before signing in the same way as procurement, access, design release and employer information obligations. The programme should not simply include a gateway date. It should identify the information pathway required to reach that date.

Gateway 3: completion and occupation risk

Gateway 3 is equally important because it sits at the completion and occupation interface. Government materials describe Gateway 3 as a stop/go point, with building control approval required before registering and commencing occupation of a higher-risk building. Gateway 3 applications must demonstrate how the building work complies with building regulations requirements so that the building is safe to occupy. That makes Gateway 3 a completion risk.

For contractors, the risk is not limited to whether the works are physically complete. The project may also need the evidence to demonstrate that it is complete in the way the building safety regime requires. That evidence may include design records, product information, inspection records, change control records, competence information, commissioning evidence, declarations, certificates and handover materials.

If those records are not built during delivery, Gateway 3 can become a retrospective reconstruction exercise. That is commercially dangerous. By the time completion is approaching, missing information may be difficult to obtain, responsibility may be disputed and delay may already be crystallising. This is where Legalbuild’s ethos is directly engaged: the evidential case must be built during delivery, not reconstructed after the programme has slipped.

Why design maturity matters

Gateway approvals increase the commercial importance of design maturity. CLC guidance states that the new regime has created a fundamental shift in the principles of the building control approval application process for higher-risk buildings, requiring significant design information before construction begins. It also states that applications should provide quality detailed information clearly and comprehensively demonstrating how the design and construction will comply with Building Regulations. That is a major delivery issue. Many construction programmes are built around overlapping design development, procurement and construction. That remains commercially attractive, but under the gateway process it creates more exposure if the approval strategy has not been properly aligned with the design release strategy.

The contractor should understand:

• what design information must exist before Gateway 2;

• what information can properly follow later;

• whether approval with requirements is being assumed;

• whether a staged application is intended;

• who is responsible for preparing each part of the application;

• how design change will be controlled after approval;

• how regulatory comments will be tracked;

• whether the contract programme reflects the approval strategy.

Without that discipline, the project may carry hidden programme risk from the start.

Why change control becomes more important

Gateway approvals also increase the importance of change control. On higher-risk building projects, change is not only a commercial variation issue. It may also affect the regulatory approval route, the evidence required to demonstrate compliance, and the sequence in which work can proceed. If a change affects fire strategy, structure, façade, product selection, layouts, services, compartmentation, access, means of escape, dutyholder information or other safety-critical matters, the contractor needs to know whether the change affects the gateway position. That issue should not be left to informal site discussion.

The record should show:

• what changed;

• who instructed or proposed the change;

• whether the change affected regulatory approval;

• what additional information was required;

• whether the programme was affected;

• whether notice was given;

• whether cost and time consequences were reserved;

• whether approval was obtained before affected work proceeded.

This matters because a contractor may otherwise find itself in a difficult position: the change may have been commercially necessary, but the evidential route from instruction to approval to programme impact may be incomplete.

The practical message for contractors

The practical lesson is that gateway risk should be mapped before delivery, not debated after the programme has slipped. Before signing, contractors should ask:

Who is responsible for gateway submissions?
The contract should identify who prepares, coordinates, submits and manages the application process.

What information is required and when?
The programme should include the design, technical, product, consultant and dutyholder information needed for the relevant gateway.

What design maturity is assumed?
If the programme assumes approval before the design is sufficiently developed, the contractor may be carrying an unpriced delay risk.

How are regulatory comments and rejection risks allocated?
If further information is required, the contract should help determine whether the consequence is employer risk, contractor risk, design risk or a compensable event.

How are changes managed after approval?
Change control needs to connect contractual instruction, regulatory approval, cost, time and evidence.

What records are needed for Gateway 3?
Completion evidence should be assembled throughout delivery, not collected at the end.

What notices are required if gateway delay emerges?
If approval timing affects the critical path, notice provisions should be considered immediately.

Where contractor positions can weaken

Contractor positions often weaken where gateway delay is described too generally. It is not enough to say that “Gateway 2 was delayed” or “the Building Safety Regulator took longer than expected”. That may be factually true, but it may not be enough to establish entitlement. A stronger position will identify:

• the contractual obligation affected;

• the relevant programme activity;

• the planned approval date;

• the actual approval date;

• the information required for submission;

• who was responsible for each information item;

• when the information was provided;

• what comments or queries were raised;

• whether the issue was caused by design, employer information, contractor information, regulatory processing or change;

• the effect on the critical path;

• the notice and contractual relief relied upon.

That is the difference between a general complaint about delay and a recoverable delay position.

Legalbuild’s view

For Legalbuild, gateway approvals reinforce a wider point about modern construction risk: compliance, programme and recovery cannot be managed in separate silos. Where regulatory approvals affect time, the contractor needs a clear contractual and evidential structure. The approval pathway must be built into the programme. Responsibility for information must be allocated. Design maturity must be tested. Change control must be disciplined. Notices must be considered early. The project record must show what caused delay and who was responsible for the relevant approval route.

Gateway approvals are therefore not just building safety milestones. They are delay, evidence and entitlement events. Contractors who manage gateway risk in real time will be better placed to protect their position if the project later moves into final account negotiation, adjudication or formal dispute resolution. Contractors who treat the gateway process as a separate regulatory track may find that delay has occurred, but entitlement has not been properly preserved. The conclusion is direct: on higher-risk building projects, gateway approvals must be managed as part of commercial risk governance. If approval timing can affect commencement, progress, completion or occupation, it must be programmed, evidenced and contractually controlled from the outset.

Source note: This article is based on the Building Safety Regulator’s strategic plan 2026 to 2027, government guidance on the building control regime for higher-risk buildings, the Building Safety Act 2022, and industry guidance on Gateway 2 and Gateway 3 applications. The government materials identify Gateway 1 at planning, Gateway 2 before building work starts and Gateway 3 when building work is completed, with Gateways 2 and 3 operating as stop/go decision points for higher-risk building work.