Martyn's Law Statutory Guidance Published: Key Actions for Businesses

The statutory guidance for the Terrorism (Protection of Premises) Act 2025 (Martyn's Law) has now been published and laid before Parliament, providing organisations with greater clarity on how they will be expected to meet their legal duties once the legislation comes fully into force.

The guidance serves as a key reference document for those responsible for publicly accessible premises and events, outlining expectations around public protection procedures, risk assessments, security measures, staff training and emergency response planning.

For businesses, venue operators and event organisers, now is an ideal time to review existing arrangements and begin preparing for future compliance.

1. Determine Whether Your Premises or Events Fall Within Scope

One of the first considerations for any organisation is whether their premises or events are covered by the legislation.

The Act applies to premises that:

• Are in, or include, a building.

• Are primarily used for specified public-facing activities such as retail, hospitality, leisure, education or entertainment.

• Can reasonably be expected to accommodate 200 or more people at the same time.

• Are not specifically excluded under Schedule 2 of the Act.

Where multiple qualifying premises exist within a larger building, such as shopping centres or entertainment complexes, responsibilities may apply separately to individual occupiers as well as building operators.

2. Understand the Difference Between Standard and Enhanced Tier Requirements

The legislation adopts a tiered approach based on the number of people expected to be present at a premises or event.

Standard Tier Premises (200–799 People)

Duty holders must implement public protection procedures that are reasonably practicable, including:

• Terrorism-focused threat and risk assessments.

• Appropriate security arrangements.

• Staff awareness and preparedness training.

• Emergency response procedures.

Enhanced Tier Premises (800+ People)

Enhanced Tier premises are subject to additional requirements, including:

• More detailed site-specific terrorism risk assessments.

• Enhanced physical security measures.

• Access control and monitoring arrangements.

• Documented security procedures and measures.

• The ability to provide compliance information to the Security Industry Authority (SIA) when required.

Understanding which tier applies to your organisation is essential when planning future compliance activities.

3. Review Terrorism-Specific Risk Assessments

The statutory guidance makes it clear that organisations should specifically assess terrorism-related risks rather than relying solely on general health and safety or crime prevention assessments.

Risk assessments should consider potential threats relevant to the premises, including:

• Marauding attacks.

• Vehicle-borne threats.

• Improvised explosive devices.

• Vulnerabilities relating to public access points and crowd management.

The assessment process should take account of building layouts, entry points, emergency exits and how people could be protected during an incident.

4. Implement Appropriate Public Protection Measures

The guidance places significant emphasis on practical and proportionate public protection arrangements.

Areas organisations should review include:

• Access control measures.

• Security screening where appropriate.

• CCTV and monitoring systems.

• Staff awareness and reporting procedures.

• Emergency evacuation and lockdown plans.

• Communication arrangements with emergency services.

The measures adopted should be proportionate to the size, use and risk profile of the premises.

5. Understand the Regulatory Expectations

The Security Industry Authority (SIA) will act as the regulator for Martyn's Law and will be responsible for monitoring compliance once the legislation is fully implemented.

The SIA will have enforcement powers that include compliance notices, restriction notices and financial penalties where organisations fail to meet their obligations.

For this reason, maintaining clear records and demonstrating a proactive approach to compliance will be increasingly important.

6. Start Preparing Before the Requirements Come Into Force

Although there remains an implementation period before the legislation becomes fully enforceable, the publication of the statutory guidance provides a valuable opportunity for organisations to assess their readiness.

Businesses should consider:

• Reviewing existing security procedures.

• Updating risk assessments.

• Training staff on terrorism awareness and response procedures.

• Assessing physical security arrangements.

• Engaging with landlords, tenants and security providers where responsibilities overlap.

Organisations that begin preparations early are likely to be in a stronger position when the legislation comes fully into effect.

For organisations wishing to review the guidance in full, the official Martyn's Law Statutory Guidance provides detailed information on duties, expectations and implementation requirements.