Library / Stage 10 — Other References
GN-IS-00

Introduction — Iso, Audit & Rics Firm Regulation

1.0 — April 2026Review April 2027RICS-regulated QS firms (England & Wales)
Section 1

Purpose

This guidance note is designed for quantity surveyors who are establishing or recently established their own RICS-regulated practice. It covers two inter-related obligations: (a) registration with RICS as a regulated firm and ongoing compliance with the RICS Rules of Conduct 2021; and (b) the implementation and maintenance of a Quality Management System (QMS) consistent with ISO 9001:2015. Together, these form the governance and quality foundation of any professional QS firm.

For a newly qualified QS setting up alone or with partners, RICS regulation is not optional — it is a mandatory requirement if the firm is to describe itself as 'Regulated by RICS' and offer services to clients. Registration requires meeting eligibility criteria, appointing a Responsible Principal, maintaining adequate PII, publishing a Complaints Handling Procedure (CHP), and filing an Annual Return. These obligations are governed by the RICS Rules of Conduct (effective 2 February 2022) and its Appendix A mandatory professional obligations.

ISO 9001:2015 is the internationally recognised standard for quality management systems. While certification is not mandated by RICS, operating to ISO 9001 principles helps a QS firm demonstrate systematic quality control to clients, manage risk, meet RICS Rule 3 (good-quality and diligent service), and satisfy due diligence requirements from larger clients and frameworks. This guidance note covers both tracks so that a practitioner understands what each requires and how they complement each other.

Section 2

Key Principles

  • RICS Firm Registration — Eligibility: To register as 'Regulated by RICS', a firm must have at least 25% of its principals (partners, directors, owners, or senior managers) holding RICS professional qualifications (MRICS, FRICS, or AssocRICS). A Responsible Principal must be appointed before registration. The firm must commit to RICS Rules of Conduct and all Appendix A mandatory obligations. (Rules for Registration of Firms, Version 8, RICS, 2022)
  • RICS Rules of Conduct — The Five Rules: The RICS Rules of Conduct (effective 2 February 2022) set out five rules binding on all members and regulated firms: Rule 1 — Honesty, Integrity and Professional Obligations; Rule 2 — Professional Competence; Rule 3 — Good-Quality and Diligent Service; Rule 4 — Respect, Diversity and Inclusion; Rule 5 — Public Interest and Accountability. Appendix A adds seven specific mandatory obligations applicable to firms: Responsible Principal; CHP; PII; Sole Principal Arrangements; CPD; Cooperation with RICS; and Client Money (where applicable). (RICS Rules of Conduct, October 2021)
  • Professional Indemnity Insurance — July 2024 Requirements: All RICS-regulated firms must maintain PII meeting RICS minimum terms and conditions. From July 2024, the minimum limit of indemnity is the higher of €1,300,380 per claim (approximately £1.1m) or an aggregate of €1,924,560 (approximately £1.6m), or 10% of annual income. The 2024 revision introduced specific provisions for fire safety cover, external wall systems (EWS), and run-off cover. PII must be declared annually on the RICS Annual Return. (RICS PII Requirements, July 2024)
  • Complaints Handling and ADR: Every RICS-regulated firm must publish a written Complaints Handling Procedure (CHP) with a two-stage process: Stage 1 (internal resolution); Stage 2 (escalation to a named RICS-approved ADR provider). The firm must name an ADR provider before any complaint arises. CEDR is the current default UK ADR provider. ADR must be free to consumers. A complaints log must be maintained. (RICS Complaints Handling Professional Standard, October 2023)
  • ISO 9001:2015 — The Operative Clauses: ISO 9001:2015 is organised around 10 clauses; Clauses 4–10 contain all operative requirements. For a QS firm, the most significant are: Clause 5 (leadership commitment and quality policy); Clause 7 (competence, document control, and communication); Clause 8 (commission review, service delivery control, and subconsultant management); Clause 9 (internal audits, client satisfaction measurement, and management review); and Clause 10 (nonconformity, corrective action, and continual improvement). (BS EN ISO 9001:2015, BSI)
  • Internal Audit — Clause 9.2 Requirements: ISO 9001:2015 Clause 9.2 requires firms to conduct planned internal audits at defined intervals covering all QMS processes over an audit cycle. Auditors must be objective and not audit their own work. Audit reports must be retained as documented evidence. Any nonconformities must be addressed promptly. For a small QS firm, an annual audit programme covering all key processes (document control, commission review, competence, client satisfaction, nonconformance, management review) is a practical baseline. (ISO 9001:2015, Clause 9.2)
  • CPD — Mandatory Annual Requirements: All RICS members within the firm must complete a minimum of 20 hours CPD per calendar year, of which at least 10 hours must be formal (structured) learning. CPD must be recorded through the RICS MyAccount portal by 31 January following the year of completion. A revised CPD framework takes effect from January 2026. The Responsible Principal must ensure all members within the firm comply. (RICS CPD Compliance Guide, current at April 2026)
Section 3

Practical Application

Step 1
— Register the Firm with RICS

Before offering services as an 'RICS-regulated firm', complete registration: (a) Confirm that at least 25% of principals hold RICS qualifications; (b) Appoint a Responsible Principal and submit the Responsible Principal Application Form; (c) Download and complete the Firm Details Application Form (PDF); (d) Submit to regulation@rics.org; (e) Receive invitation to complete registration through RICS MyAccount portal; (f) Declare PII, CHP, and all Appendix A obligations.

Step 2
— Appoint a Responsible Principal

The Responsible Principal (RP) must be an RICS member and is personally responsible for ensuring that RICS standards are met across the firm. The RP's obligations include: overseeing quality and ethics; ensuring PII is in place and adequate; confirming the CHP is published; monitoring CPD compliance of all RICS members in the firm; and being the primary contact with RICS regulation. Document the RP appointment formally within the firm.

Step 3
— Draft and Publish your Complaints Handling Procedure

Before the firm accepts its first commission: (a) Use the RICS Example CHP and Log template as a basis; (b) Ensure the CHP names an RICS-approved ADR provider (CEDR for most QS work); (c) Set out a clear two-stage process; (d) Publish on the firm's website; (e) Confirm availability to all clients at appointment stage (include reference in the engagement letter); (f) Set up a complaints log (whether physical or digital); (g) Review and update the CHP annually.

Step 4
— Obtain and Maintain Adequate PII

(a) Approach a specialist RICS-scheme broker for PII on RICS-approved minimum terms (July 2024 wording); (b) Confirm coverage for all services in your scope — including fire safety, EWS/EWS1 if required; (c) Ensure run-off cover requirements are understood; (d) Complete the PII declaration on annual RICS renewal; (e) Disclose PII details to clients at appointment stage (complete the PII Disclosure Schedule); (f) Diarise renewal date and review 90 days in advance.

Step 5
— Establish a Quality Management System

To implement a QMS consistent with ISO 9001:2015 Clauses 4–10: (a) Write a one-page Quality Policy signed by the RP — circulate to all staff; (b) Define the QMS Scope (what services and activities are covered); (c) Set measurable Quality Objectives (e.g., 'all cost plans peer-reviewed before issue'; '20 hours CPD per member per year'); (d) Document key procedures: commission review, document control, subconsultant management, client feedback, and nonconformance; (e) Maintain a competence/training matrix for all fee earners; (f) Build a template library with version control.

Step 6
— Implement Document and Record Control

Under ISO 9001 Clause 7.5, all documents and records must be controlled. In practice: (a) Assign a version number, date, and author to every template and procedure document; (b) Maintain a document register showing current and superseded versions; (c) Ensure only current versions are in use — archive superseded versions clearly; (d) Retain mandatory records (competence evidence, commission reviews, audit reports, NCRs, management review minutes) for a minimum of 6 years.

Step 7
— Conduct Annual Internal Audits

(a) Prepare an annual audit programme at the start of each calendar year covering all QMS processes; (b) Assign each audit to a person who does not have direct responsibility for the area being audited; (c) Use a standard Internal Audit Checklist for each audit; (d) Document findings and any nonconformities raised; (e) Issue the audit report to the RP and agree corrective actions; (f) Follow up to confirm corrective actions are effective; (g) Present audit summary at the Annual Management Review.

Step 8
— File the RICS Annual Return and Conduct Management Review

(a) Log into RICS MyAccount and complete the Annual Return before the deadline each year; (b) Declare PII, CHP, complaints log, CPD compliance of all members, and (if applicable) valuation and client money activity; (c) Pay the annual firm registration fee; (d) Conduct a formal Annual Management Review meeting — agenda must cover: internal audit results, client satisfaction data, complaints log review, QMS objectives performance, resource adequacy, PII renewal, and risks/opportunities; (e) Minute the Management Review and retain the minutes.

Section 4

Common Mistakes to Avoid

  • Failing to appoint a Responsible Principal before registration — the RP application must be submitted and approved first, or the firm registration will be refused. The RP must be an RICS member; a non-member director or shareholder cannot fulfil this role.
  • Publishing a generic CHP that does not name a specific ADR provider. RICS requires the ADR provider to be named in the CHP before any complaint arises. A vague reference to 'an approved ADR scheme' does not satisfy the mandatory obligation. ADR must also be free to consumers — firms that charge consumers for ADR are in breach.
  • Treating ISO 9001 as a paperwork exercise only — creating procedures that are never followed. ISO 9001 Clause 9.2 requires the QMS to be effectively implemented, not just documented. Internal auditors must check what actually happens against what procedures say. Certification bodies and RICS monitoring both look for evidence of real application, not just document existence.
  • Missing PII renewal deadlines or failing to declare adequate PII on the Annual Return. A gap in PII cover — even for a single day — is a breach of RICS Rules of Conduct and leaves the firm and its clients unprotected. Diarise renewal 90 days in advance. Ensure run-off cover is secured when ceasing practice.
  • Confusing ISO 9001 'nonconformity' with 'complaint'. A nonconformity under ISO 9001 Clause 10.2 is any failure of a QMS process to operate as documented — this includes internal errors found before a deliverable reaches the client. It is not limited to client complaints. All nonconformities must be recorded in the NCR register, root-cause analysed, and acted on — regardless of whether they caused client impact.
Section 5

APC Competency & Quick Reference

  • Conduct Rules, Ethics and Professional Practice (Level 3 — Mandatory)
  • Client Care (Level 2 — Mandatory)
  • Communication and Negotiation (Level 2 — Mandatory)
  • Quality Management (where applicable to firm management)
  • Miscellaneous — Firm Management and Business Operations
What are the mandatory professional obligations for a newly RICS-regulated QS firm under Appendix A of the Rules of Conduct?
Appendix A to the RICS Rules of Conduct (effective February 2022) sets out seven mandatory obligations: (1) appointment of a Responsible Principal; (2) a published Complaints Handling Procedure naming an ADR provider; (3) PII meeting RICS minimum terms (July 2024 onwards); (4) Sole Principal continuity arrangements (for sole traders); (5) CPD compliance for all RICS members; (6) full cooperation with RICS regulation; and (7) compliance with the Client Money Handling Professional Statement (where client money is held).
A QS firm is setting up a QMS consistent with ISO 9001:2015. What documents are strictly mandatory under the standard, and what records must be retained?
ISO 9001:2015 mandates four documents: (1) QMS Scope; (2) Quality Policy; (3) Quality Objectives; and (4) Supplier/subconsultant evaluation criteria. Key mandatory records include: competence evidence (Clause 7.2); commission/requirement reviews (Clause 8.2); conformity evidence (Clause 8.6 — sign-off before issue); nonconforming output records (Clause 8.7); internal audit programme and reports (Clause 9.2); and management review minutes (Clause 9.3). The Quality Manual is no longer mandatory under the 2015 revision, although many firms retain one as a master reference.
What does RICS require of a regulated firm in relation to its Annual Return, and what are the consequences of non-compliance?
The RICS Annual Return is completed annually through the MyAccount portal and covers: PII declaration (confirming policy meets July 2024 minimum terms); Complaints Handling Procedure status and named ADR provider; CPD compliance of all RICS members; and (where applicable) valuation service details and client money activity. Non-compliance with any mandatory obligation — including a gap in PII, failure to publish a CHP, or failure to file the Annual Return — constitutes a breach of the Rules of Conduct. Sanctions available to the RICS Regulatory Tribunal include reprimand, fine, conditions on registration, suspension, and expulsion.
Section 6

ISO & RICS Firm Regulation Checklist

RICS firm registration submitted (at least 25% RICS-qualified principals)
Responsible Principal appointed and registered with RICS
PII in place on RICS-approved minimum wording (July 2024)
Complaints Handling Procedure drafted, naming ADR provider (CEDR or other approved)
CHP published on firm website and issued to clients at appointment
Complaints log set up and maintained
RICS Annual Return filed (annually) and registration fee paid
All RICS members' CPD logged — minimum 20 hours/year (10 formal)
Client Money Handling Procedure and CMP Scheme registration (if client money held)
Quality Policy drafted, signed by RP, and communicated to all staff
QMS Scope defined in writing (services, locations, exclusions justified)
Quality Objectives set and monitored
Document control procedure in place (version numbers, register, archiving)
Commission/appointment review procedure documented and applied
Annual internal audit programme completed — all processes covered
Annual Management Review conducted and minuted
Non-Conformance Register maintained — all NCRs root-cause analysed
Section 7

CPD Learning Outcomes

  • Identify the mandatory obligations required of a newly RICS-regulated QS firm under the Rules of Conduct (February 2022) and Appendix A, including registration, PII, CHP, CPD, and client money requirements.
  • Explain the operative requirements of ISO 9001:2015 Clauses 4–10 as they apply to a QS professional services firm, including document control, internal audit, nonconformance, and management review obligations.
  • Apply the RICS Annual Return process, CPD recording requirements, and ISO 9001 audit cycle to establish a proportionate compliance framework suitable for a small or newly established QS practice.
Section 8

Further Reading

  • RICS Rules of Conduct, October 2021 (effective 2 February 2022) — RICS: https://www.rics.org/content/dam/ricsglobal/documents/standards/2021_roc_en.pdf
  • RICS Professional Indemnity Insurance Requirements, July 2024 — RICS: https://www.rics.org/content/dam/ricsglobal/documents/regulation/July-2024-Professional-indemnity-insurance-requirements-UK.pdf
  • RICS Complaints Handling Professional Standard, 1st Edition, October 2023 — RICS: https://www.rics.org/content/dam/ricsglobal/documents/standards/Complaints-handling_Oct-2023.pdf
  • RICS Client Money Handling Professional Statement, 1st Edition — RICS: https://www.rics.org/regulation/regulatory-schemes/client-money/client-money-handling-1st-edition
  • BS EN ISO 9001:2015 — Quality Management Systems: Requirements — BSI Group: https://www.bsigroup.com/en-GB/standards/bs-en-iso-9001/
  • Rules for Registration of Firms, Version 8 — RICS, 2022: https://www.rics.org/content/dam/ricsglobal/documents/standards/Rules_For_The_Registration_Of_Firms_Version_8.pdf
Subscriber Content

Sections 3–8 are for subscribers

Your subscription unlocks Practical Application steps, Common Mistakes to Avoid, APC Quick Reference, the Stage Checklist, CPD Learning Outcomes, Further Reading, and all production-ready templates.

Subscribe from £19/mo
QS GUIDANCE NOTES