The private security industry in the United Kingdom is regulated by the Security Industry Authority (SIA), established under the Private Security Industry Act 2001. If you deploy operatives to guard premises, control access to venues, monitor CCTV, hold keys for client sites, or provide close protection, every individual performing that work must hold a valid SIA licence. Deploying unlicensed operatives is a criminal offence, and the SIA prosecutes both the individuals and the companies that employ them.
The Act covers six licensable sectors: manned guarding (including security guarding, door supervision, close protection, cash and valuables in transit, and public space surveillance using CCTV), key holding, and vehicle immobilisation (now largely defunct following the Protection of Freedoms Act 2012). In practice, the licences most security companies deal with are door supervisor, security guard, close protection, CCTV (public space surveillance), and key holding.
If your operatives are performing any of these activities under a contract for services, they need the relevant SIA licence. In-house security teams employed directly by the organisation they protect are exempt in most cases, but the moment a third-party contract is involved, the licensing requirement applies.
Door supervisors control entry to licensed premises: pubs, clubs, bars, music venues, and events. The licence also covers anyone guarding premises where alcohol is served or where a premises licence under the Licensing Act 2003 is in force. Training covers conflict management, physical intervention, emergency procedures, and the law relating to licensing, search, and arrest. The qualification is the Level 2 Award for Door Supervisors in the Private Security Industry, delivered by SIA-approved training providers and assessed by Highfield, City and Guilds, or equivalent awarding bodies.
Security guards protect property, premises, or persons under a contract for services. This covers static guarding, mobile patrol, reception security, retail loss prevention, and corporate security. Training covers the Level 2 Award for Working as a Security Officer in the Private Security Industry. The syllabus includes conflict management, communication skills, recognising and responding to security threats, and the legal framework governing use of force, arrest, and search.
This licence is required for anyone operating CCTV systems that monitor public spaces under a contract for services. Town centre CCTV, car park monitoring, and transport hub surveillance all fall within scope. Private CCTV within a single premises (a shop camera, for instance) does not normally require this licence unless the operative is contracted from outside. Training covers the Level 2 Award for Working as a CCTV Operator in the Private Security Industry, including data protection, surveillance camera code of practice, evidence handling, and operator welfare.
Close protection operatives (bodyguards) must hold the close protection licence, which requires the Level 3 Certificate for Working as a Close Protection Operative. This is the most demanding SIA training course, typically running over 140 guided learning hours across several weeks. It covers threat assessment, route planning, embus and debus drills, conflict management, surveillance awareness, first aid, and the legal framework for use of force.
Key holding is a licensable activity when performed under a contract for services. If your company holds keys for client premises, responds to alarm activations, opens and closes sites, or provides lock-up and unlock services, operatives performing these tasks must be SIA licensed. The security guard licence covers key holding activities, so a separate licence is not required if operatives already hold the SG licence.
The SIA's Approved Contractor Scheme (ACS) is a voluntary accreditation for security companies that demonstrate they meet defined standards of management, training, staff vetting, and operational delivery. ACS status is not legally required, but it has become a de facto commercial requirement for winning contracts with local authorities, NHS trusts, universities, corporate clients, and venues.
To achieve ACS, a company must demonstrate compliance across several modules: business management, staff recruitment and selection (including BS 7858 screening), training and development, operational service delivery, and continuous improvement. The assessment involves a desk-based document review followed by on-site inspection of your offices, review of personnel files, client feedback, and observation of deployed operatives.
The documentation burden is substantial. You need written policies and procedures for every operational area, personnel files with complete vetting records for every operative, training matrices showing that every licence holder has current qualifications, assignment instructions for every site, and evidence of regular supervisory visits and quality audits. Maintaining this in paper format across a company with dozens or hundreds of operatives is a significant administrative challenge.
All SIA training must be delivered by an SIA-approved training provider and assessed by an SIA-recognised awarding organisation. The SIA sets the qualification specifications, and the awarding bodies (Highfield, City and Guilds, HABC, IQ, NOCN, and others) develop the actual assessments.
Training is not one-off. SIA licences are valid for three years, and operatives must renew their licence before expiry. Renewal does not require repeating the full training course, but it does require evidence of continuing professional development and, in some cases, a top-up training session. If a licence lapses, the operative cannot legally work until the renewal is processed, and the company that deploys them in the interim is committing an offence.
Beyond SIA training, many contracts require additional competencies: first aid at work (three-year renewal), fire safety awareness, manual handling, working at height (for construction site security), conflict resolution refreshers, and site-specific induction training. A well-run security company tracks all of these expiry dates across its entire workforce and schedules renewals proactively.
Event security brings additional regulatory complexity. Operatives working at events with a premises licence typically need a door supervisor licence, not a security guard licence, because the venue is serving alcohol under a Licensing Act authorisation. The local authority's Safety Advisory Group (SAG) will review the event management plan, and inadequate security provision is grounds for refusing or revoking the licence.
Event stewards (as distinct from security operatives) do not need SIA licences if their role is limited to crowd management, direction-giving, and customer service. But the line between stewarding and security is thin. If a steward is expected to refuse entry, eject individuals, search bags, or use physical intervention, they are performing licensable activity and must hold the appropriate SIA licence. Misclassifying security operatives as stewards is a common compliance failure and a favourite target for SIA enforcement officers.
The SIA requires that all licence applicants pass a criminal records check through the Disclosure and Barring Service (DBS). The SIA applies its own criteria for assessing criminal records: certain convictions are automatic bars (violent and sexual offences, in particular), while others are assessed on a case-by-case basis considering the nature of the offence, the sentence, and the time elapsed.
For ACS companies, staff screening must also comply with BS 7858, the British Standard for screening individuals working in a secure environment. This goes beyond DBS checks to include verification of identity, right to work, employment history for the previous five years (with gap analysis), financial probity checks, and references. BS 7858 screening takes time and produces a paper trail that must be stored in the operative's personnel file for the duration of employment plus a retention period.
The SIA has powers to prosecute individuals who work without a licence and companies that deploy them. Penalties for deploying unlicensed operatives include fines of up to 5,000 per offence on summary conviction, and imprisonment and unlimited fines on indictment. The SIA regularly publicises successful prosecutions, and a conviction can result in the company losing ACS status, client contracts, and professional reputation.
The SIA also conducts compliance operations at venues, events, and client sites. Inspectors will check that every operative on duty holds a valid SIA licence for the activity they are performing. If a door supervisor's licence has expired, even by one day, both the operative and the deploying company are in breach. If a security guard is performing door supervision duties without a DS licence, both are in breach.
The administrative load of running a compliant security company is often underestimated. A firm with 100 operatives across 30 sites has hundreds of licence expiry dates, training certificates, personnel files, assignment instructions, and incident reports to maintain. The companies that manage this well are the ones that win and retain contracts. The ones that do not are the ones that feature in SIA prosecution press releases.
Slatewick builds compliance tools that track training, licences, and documentation across your entire workforce. Less admin, fewer gaps, cleaner audits.
Learn moreCompliance tools for regulated industries. Built with the tools of tomorrow, guided by the values of yesterday.