Martyn’s Law: What We Know, What’s Still to Come, and What Organisations Should Do Now

As the UK moves toward implementing Martyn’s Law - formally the Terrorism (Protection of Premises) Act 2025 - organisations across all sectors are trying to understand what this means for them. Yet despite the rising conversations, full statutory guidance has not been published, creating uncertainty around what will ultimately be required.

Many providers are already marketing “Martyn’s Law compliance packages,” but with no confirmed framework behind them, organisations risk investing in the wrong solutions or taking action that later becomes obsolete.

At Ligtas, we take a measured, practical, and client-first approach. Based on the latest government updates and our internal review of the legislation, here’s what you need to know, and what you can do now to prepare with confidence.

The Challenge: High Awareness, Low Clarity

The Government has confirmed that the Act has received Royal Assent, but the detailed statutory guidance that will define compliance expectations is still under development. This means that specific compliance requirements, documentation formats, enforcement expectations, and the SIA’s role remain in development .

The Home Office Martyn’s Law factsheet further confirms that:

• The SIA (Security Industry Authority) will take on a new regulatory role.
• There is a 24-month implementation period.
• Detailed guidance will be issued during this period.

This means businesses currently face:

• Conflicting advice from the market
• Pressure from boards, insurers, and stakeholders
• Limited clarity on what “good” looks like in practice.

The Impact on Organisations

Without official guidance, the consequences of making the wrong decisions are real:

Financial risk - Early investment in long-term contracts, technology, or assessments that later prove non-compliant can lead to wasted budgets.

Reputational risk - Boards and leadership teams are under scrutiny to demonstrate preparedness. Acting too soon, or too late, can undermine confidence.

Compliance risk - Competency requirements for assessors may change, meaning third-party consultants may need new SIA-linked accreditation. Early assessments performed by non-accredited providers could later be deemed invalid.

Operational impact - The Act introduces two tiers:

1) Standard (200–799 capacity) and

2) Enhanced (800+), each with different duties. But because the scope and interpretation of these duties may evolve, investing prematurely may create operational inefficiencies.

This uncertainty emphasises the need for a realistic, steady approach which will work in the real world, not premature action.

Best Practice: What Organisations Can Do Now

Despite the lack of finalised guidance, organisations can still take meaningful steps that will stand the test of time.

Understand whether Martyn’s Law applies to your premises

You should determine if you are likely to fall within the scope of the requirements and if so, at what level.

As part of our standard Health & Safety Risk Assessment service, Ligtas now provides advisory assessments to help clients understand how the requirements are likely to apply at each assessed premise, and at which tier, based on the initial government guidance.

Review existing security arrangements

You do not need new systems yet, but you should understand your current position. This includes:

• Emergency procedures
• Visitor movement
• Surveillance systems
• Staff confidence in incident response
• Coordination among stakeholders or tenants.

Most of these areas are already part of strong organisational resilience planning.

Focus on foundational preparedness

Both government commentary and our Ligtas guidance agree on the same core message:

This is the time for strategic readiness—not rushed decisions.

Steps you can take now include:

• Staff awareness training
• Reviewing emergency action plans
• Strengthening communication channels
• Ensuring incident reporting is consistent
• Building relationships with emergency services.

These actions are universally beneficial and unlikely to change under the final guidance.

Monitor official updates

Use authoritative sources, not marketing-led ones:

• Home Office
• ProtectUK
• SIA
• Local authority resilience teams

Government updates are clear that requirements may change, so staying informed is essential.

Ligtas: A Trusted Partner in Times of Change

As legislation evolves, Ligtas’ position remains consistent:
Only offer services that are valid, evidence-based, and aligned with official guidance.

Anthony Bruce, Head of Health & Safety Services, summarises the situation plainly:

“While some providers are already marketing terrorism risk assessments, these cannot yet guarantee compliance. Our priority is to keep clients informed, ensure they understand likely scope, and avoid unnecessary cost or sudden operational change until the official framework is released.”

Conclusion

Martyn’s Law marks a significant step in strengthening public protection across the UK. But with guidance still forthcoming, the most responsible approach is measured preparedness, not premature investment.

The key actions today are:

• Understand whether the Act is likely to apply
• Strengthen your foundational emergency procedures
• Avoid long-term commitments
• Stay informed via official channels
• Use trusted, reputable advisors who recognise the evolving landscape.

Ligtas is here to help organisations prepare confidently and proportionately—now, and when the final guidance is released.