Martyn's Law Timeline: Key Dates and Deadlines

The Legislative Timeline

Martyn's Law has been in development for several years. Understanding the timeline helps you plan your compliance approach and avoid last-minute scrambling.

• 22 May 2017: The Manchester Arena bombing kills 22 people including Martyn Hett. In the aftermath, Figen Murray begins her campaign for protective legislation.
• 2019-2021: Government consultation on the "Protect Duty" concept. Thousands of responses from venues, security professionals, and the public.
• 2022-2023: Draft legislation developed and refined following consultation feedback.
• 2024: The Terrorism (Protection of Premises) Bill introduced to Parliament.
• April 2025: The Act receives Royal Assent and becomes law.
• April 2025 to approximately April 2027: The 24-month implementation period. The Act is law but not yet enforced. This is your preparation window.
• Approximately April 2027: Enforcement begins. The SIA starts regulating compliance and has the power to inspect and take action.

What Happens During the Implementation Period

The 24-month window between Royal Assent and enforcement is not dead time. Several things happen during this period:

• The SIA establishes its regulatory framework for Martyn's Law compliance
• Detailed guidance is published for different sectors and venue types
• The SIA registration system is developed and made available
• Consultation on secondary legislation and specific regulatory requirements may take place
• Industry bodies develop sector-specific guidance and training resources

Venues should use this time productively. Do not wait for final guidance on every detail before starting work. The core requirements are clear. Begin now.

What to Do Now (Months 1-6)

The first six months should focus on understanding and assessment:

1. Determine your tier. Calculate your premises capacity and confirm whether you are standard or enhanced tier.
2. Identify the responsible person and make sure they understand the role.
3. Audit your current security. What do you already have in place? What are the gaps?
4. Start your risk assessment. Even for standard tier venues where it is not formally required, understanding your vulnerabilities is the foundation of good planning.
5. Engage with your local Counter Terrorism Security Advisor (CTSA). They offer free advice and can help you understand what is expected.

What to Do at 6-12 Months

The middle phase is about building your compliance framework:

1. Write your public protection procedures. Document evacuation, invacuation, lockdown, and communication plans.
2. For enhanced tier: complete your risk assessment and draft your security plan.
3. Begin staff training. Start with your security team and front-of-house staff, then roll out awareness training to all employees.
4. Make technology decisions. If you need CCTV upgrades, AI monitoring, or other technology, start procurement now. Lead times for installation and configuration can be several months.
5. Develop your documentation system. Set up a way to store, update, and retrieve your compliance documents, training records, and incident logs.

What to Do at 12-18 Months

The third phase focuses on testing and refinement:

1. Test your procedures. Run tabletop exercises and, where practical, physical drills.
2. Review and update your risk assessment based on any changes to your premises, operations, or the threat environment.
3. Complete technology implementation. Ensure all systems are operational and staff know how to use them.
4. Deliver refresher training to staff who were trained early in the process.
5. Prepare for SIA registration. Gather the information you will need to notify the SIA.

What Must Be Done Before Enforcement (18-24 Months)

The final phase is about readiness:

1. Register with the SIA as soon as the registration system opens.
2. Conduct a final review of all procedures, plans, and documentation.
3. Ensure all staff training is current. Anyone who has not been trained or refreshed needs to be before enforcement day.
4. Prepare for inspection. Organise your documentation so that you can demonstrate compliance quickly and clearly.
5. Brief your leadership team. Make sure senior management or the board understands the obligations and the potential consequences of non-compliance.

Do Not Leave It Until the End

Every compliance deadline in every industry follows the same pattern: a rush of activity in the final months by organisations that should have started sooner. The venues that start now will be better prepared, will have had time to test and refine their approach, and will be in a strong position when the SIA starts inspecting. Those that wait will face higher costs, greater stress, and a higher risk of falling short.