How the SIA Will Regulate Martyn's Law Compliance

The SIA's Expanded Role

The Security Industry Authority has been chosen as the regulator for Martyn's Law. This significantly expands the SIA's remit. Currently, the SIA primarily licenses individuals who work in the private security industry (door supervisors, security guards, CCTV operators). Under Martyn's Law, the SIA also becomes responsible for regulating premises and their compliance with terrorism protection requirements.

This is a significant shift. The SIA is moving from licensing individuals to regulating venues. During the 24-month implementation period, the SIA will establish the systems, processes, and resources needed to take on this new role.

Registration Requirements

All qualifying premises (200+ capacity) will need to register with the SIA. Registration is a notification process: you are telling the SIA that your premises is in scope and providing basic information about the venue and the responsible person. This is not an application for permission. You do not need SIA approval to operate.

The exact registration process, including what information you will need to provide and how the system will work, will be published by the SIA during the implementation period. Monitor the SIA website for updates as enforcement approaches.

How Inspections Will Work

The SIA will have the power to inspect qualifying premises to check compliance. While the exact inspection methodology will be developed during the implementation period, you can expect inspections to assess:

• Whether the premises is registered correctly
• Whether a responsible person has been designated
• Whether public protection procedures exist and are documented (standard tier)
• Whether a risk assessment and security plan are in place (enhanced tier)
• Whether staff have been trained and training records exist
• Whether the measures in place are proportionate to the venue's risk profile
• Whether procedures have been reviewed and updated as required

Inspections may be scheduled or unannounced. The SIA is likely to take a risk-based approach, prioritising enhanced tier venues and those where concerns have been raised, but any in-scope premises could be inspected at any time.

Enforcement Powers

The Act gives the SIA a range of enforcement tools:

• Compliance notices: Requiring the responsible person to take specific steps to achieve compliance within a set timeframe.
• Restriction notices: Limiting or restricting the use of premises where there is a serious risk to public safety. In extreme cases, this could mean a venue is unable to operate until compliance is achieved.
• Monetary penalties: Financial fines for non-compliance. The Act allows for significant penalties, with higher amounts for enhanced tier venues and for persistent or serious breaches.

The SIA has indicated that its approach will be proportionate and focused on supporting compliance rather than punishing venues. However, the enforcement tools are there for a reason, and venues that ignore their obligations or refuse to engage will face consequences.

Penalties for Non-Compliance

The penalty framework distinguishes between standard and enhanced tier. Enhanced tier venues face higher maximum penalties because they carry greater risk and have more extensive obligations. Penalties also escalate for repeat non-compliance. A venue that receives a compliance notice and fails to act on it can expect increasingly serious enforcement action.

Beyond financial penalties, non-compliance carries reputational risk. A restriction notice that limits your ability to operate, or public enforcement action by the SIA, can damage your venue's reputation with customers, insurers, and local authorities.

How to Prepare for SIA Scrutiny

The best way to prepare for an SIA inspection is to be genuinely compliant, not just compliant on paper. That said, presentation matters. Inspectors will assess based on what you can demonstrate, so good documentation and organisation are important.

Practical preparation steps:

1. Keep a compliance folder (physical or digital) with your risk assessment, security plan, procedures, training records, review notes, and incident logs all in one place.
2. Date and sign everything. Inspectors want to see that documents are current and that specific people took responsibility for them.
3. Record your training. Who was trained, when, on what, and by whom. Keep attendance records.
4. Log your reviews. Even if a review results in no changes, document that the review took place and what was considered.
5. Be ready to explain your approach. An inspector may ask why you chose certain measures over others. Being able to articulate your reasoning, based on your risk assessment, demonstrates genuine engagement with the Act's requirements.
6. Use technology that generates audit trails. AI behaviour detection platforms log every alert, response, and action, giving you documented evidence of active monitoring that you can present to inspectors.

Working With the SIA

The SIA's role is to improve security, not to shut venues down. Engage with the SIA proactively. Register early. Attend any guidance sessions or webinars they offer. If you are unsure about any aspect of compliance, ask. It is far better to engage with the regulator before enforcement than to be caught unprepared during an inspection.