https://homeofficemedia.blog.gov.uk/2025/04/03/martyns-law-factsheet/

Martyn's Law Factsheet

Posted by: , Posted on: - Categories: Uncategorised

This factsheet was updated in April 2026

The Terrorism (Protection of Premises) Act 2025, also known as Martyn’s Law, received Royal Assent on Thursday 3 April 2025. 

This Act delivers the Government’s manifesto commitment to strengthen the security of public premises and events. 

The Government would like to pay tribute to the 22 victims of the horrific Manchester Arena Attack in 2017, and to Figen Murray, mother of one of the victims Martyn Hett. Her campaigning has been crucial in driving this Act forward.   

The Government intends for there to be an implementation period of at least 24 months, from 3 April 2025, before the Act comes into force. This will allow the SIA’s new function to be established, whilst ensuring those responsible for premises and events in scope have sufficient time to understand their new obligations. This will enable them to plan and prepare appropriately.  

Please refer to our wider factsheets and legislation documentation which can be found on gov.uk.

On 15 April 2026 the Government published statutory guidance under section 27 of the Act. This guidance will assist those responsible for premises and events in scope to understand the requirements set out in the legislation and how they may be met in practice.

Whilst there is no legal requirement to comply with the legislation until it comes into force, those that fall within scope of the Act may wish to begin considering the requirements before commencement. 

The statutory guidance and some supplementary documents can be found at: The Terrorism (Protection of Premises) Act 2025 - GOV.UK

What does Martyn’s Law do?  

The Terrorism (Protection of Premises) Act 2025, also known as Martyn’s Law, will improve protective security and organisational preparedness across the UK by requiring that those responsible for certain premises and events consider how they would respond to a terrorist attack. In addition to this, at certain larger premises and events, appropriate steps to reduce vulnerability to terrorist attacks must also be considered. Through compliance with the Act, qualifying premises and events should be better prepared and protected, ready to respond in the event of a terrorist attack.  

The Home Office’s published statutory guidance will assist in determining whether premises or events are in scope of the legislation and, if so, which requirements they must meet. It will enable duty holders to make their own assessments on how they will meet the relevant requirements – and in turn make an assessment on whether they need to seek further support.

Premises and events do not need to spend money on consultants to be compliant with the legislative requirements.

Please be aware neither the Home Office nor the Security Industry Authority (SIA), endorse any third-party products offered by the private sector in respect of compliance with this legislation.

To support enforcement of the regime, a regulator will be established through a new function of the SIA, which will support, advise and guide those responsible for premises and events in meeting the requirements of this legislation. 

How will it work? 

The Act establishes a tiered approach to requirements, with those responsible for premises and events in scope required to fulfil different requirements according to the number of individuals it is reasonable to expect may be present.

Who will be in scope? 

Premises that satisfy the following four criteria fall within scope of the Act: 

  1. The site meets the definition of premises in the Act - there is at least one building, or a building and other land; 
  2. The premises are wholly or mainly used for one or more of the uses specified in Schedule 1 to the Act, e.g. a restaurant or a shop; 
  3. It is reasonable to expect that at least 200 individuals may be present at the same time from time to time; and 
  4. The premises are not excluded under Schedule 2 to the Act 

If 800 or more individuals may be expected, the premises will be an enhanced tier premises unless the Act says otherwise. 

An event that satisfies the following six criteria fall within scope of the Act: 

  1. The event takes place at premises as defined in section 3(1) of the Act – that is, a building, other land, or a building and other land. This is a wider definition than that applied to qualifying premises as it also includes land without buildings;
  2. The event takes place at premises that are not already covered by the Act as enhanced tier premises;
  3. The event is accessible to the public; 
  4. It is reasonable to expect that, at some point during the event, 800 or more individuals may be present at the event at the same time;   
  5. The event has measures in place to check that attendees satisfy an entry condition. This is the requirement that, to enter the event, members of the public have paid, have a ticket or pass, or are members or guests of a club, association or similar body; and 
  6. The event is not excluded under Schedule 2 to the Act. 

Who is the responsible person for qualifying premises? ​ 

For qualifying premises, the responsible person is the individual, company or organisation which has control of the premises for the purpose of their relevant Schedule 1 use (e.g. the use of a venue as a sports ground or a hotel). Where there is more than one Schedule 1 use (e.g. a church that also has a creche), it will be whoever is in control of the premises in connection with whichever Schedule 1 use is the principal use.  

Who is the responsible person for qualifying events? 

For qualifying events, the responsible person is the individual, organisation or company which has control of the premises in connection with their use for the event. For example, if a concert is to be held in a park and the company putting on the event takes control of an area of the park for the purposes of that concert, the company putting on the event will be the responsible person. The responsible person can be different to the individual, organisation or company which has control of the premises outside of their use for the event. The responsible person cannot delegate their legal responsibility to a contracted service provider but may delegate tasks.  

What are the requirements for standard tier premises? 

Some requirements in the Terrorism (Protection of Premises) Act 2025 apply to all qualifying premises and qualifying events. Those core requirements are the only requirements that apply to standard tier premises. The standard tier comprises of smaller premises where it is reasonable to expect that between 200 and 799 individuals (including staff) may be present at the same time.

When the requirements come into force, the person responsible for standard tier premises will have to:

  • notify the Security Industry Authority (SIA) of their premises; and 
  • have in place, so far as reasonably practicable, appropriate public protection procedures. 

These public protection procedures are those which should be followed by people working at the premises if an act of terrorism were to occur at the premises, or in the immediate vicinity. They are procedures which may be expected to reduce the risk of physical harm being caused to individuals relating to evacuation, invacuation (moving people to a safe place), locking down the premises, and communicating with individuals on the premises.  

The requirements for standard tier premises are centred around simple, low-cost activities with costs relating primarily to time spent.

What are the requirements for enhanced tier premises and qualifying events? 

Enhanced tier premises and qualifying events are premises or events where it is reasonable to expect that 800 or more individuals (including staff) may be present at the same time.

When the Act comes into force, the person responsible for enhanced tier premises and qualifying events must comply with the same requirements relating to public protection procedures and notification as at standard tier premises. Those requirements apply to all premises and events in scope.

In addition to the same requirements as standard tier premises (above), the responsible person for enhanced tier premises and qualifying events will additionally be required to: 

  • have in place, so far as reasonably practicable, appropriate public protection measures that could be expected to reduce both (i) the vulnerability of the premises or event to an act of terrorism, and (ii) the risk of physical harm being caused to individuals if an attack was to occur there or nearby. For example, enhanced tier premises will be required, so far as is reasonably practicable, to implement measures relating to the monitoring of the premises and their immediate vicinity;  
  • document the public protection procedures and measures in place, or proposed to be put in place, and provide this document to the SIA. This document should include an assessment of how the public protection procedures and measures reduce vulnerability and/or the risk of harm; and 
  • Where the responsible person is not an individual, they must designate a senior individual with responsibility for ensuring compliance.

How to assess how many individuals are reasonably expected to be present?  

A range of methods can be used to make a reasonable assessment. This includes methods which those responsible for premises and events may already be familiar with, e.g. safe occupancy calculations for the purposes of fire safety or use of historic data.  

The Home Office has published a supplementary document alongside the statutory guidance entitled ‘Non-statutory supplementary document A: Methods for assessing the reasonable expectation of individuals present at premises and events’. This document provides further information on the methods that can be used to assess the reasonable expectations of individuals present. The document can be found here: The Terrorism (Protection of Premises) Act 2025 - GOV.UK

How will Martyn’s Law be enforced?  

To support enforcement of the regime, a new regulatory function will be established within the Security Industry Authority (SIA). The SIA will seek to support, advise and guide those responsible for premises and events in meeting the requirements of this legislation. Where there are instances of serious or persistent non-compliance the SIA will be able to take enforcement action including compliance notices, monetary penalties and restriction notices. The legislation also includes some criminal offences.

The SIA has published draft section 12 statutory guidance for public consultation. This guidance is about how the SIA will discharge its functions under the Act and must be approved by the Home Secretary before it is published. 

How will my business or organisation be supported on Martyn’s Law?   

The Home Office has published statutory guidance to assist those responsible to understand the requirements set out in the legislation. The Home Office continues to build on the materials already published in relation to this legislation. This includes a bespoke landing page on ProtectUK, Government factsheets which set out key aspects of the legislation, social media promotion, various press releases, media briefings, and our substantial stakeholder engagement campaign. 

The Government continue to strengthen communications during the implementation period through active engagement, to support those in scope and raise awareness amongst the public.

Will Martyn’s Law apply to all of the UK?    

The legislation will apply across England, Wales, Scotland and Northern Ireland to ensure consistency in keeping the public safe across all parts of the United Kingdom. 

We continue to work closely with stakeholders and the Devolved Governments throughout the development of this Act.  

Why have we introduced Martyn’s Law

Since the start of 2020, MI5 and the police have disrupted 19 late-stage attack plots and intervened in many hundreds of developing threats.

The threat picture is complex, evolving and enduring, with terrorists choosing to attack a broad range of locations. It is not possible to predict where in the UK an attack might happen, or the type of premises or event that could be impacted – either directly as the target of an attack, or indirectly by being located near to the target of an attack.   

Engagement with business indicates that preparedness and protective security in the counter-terrorism space often falls behind areas where there are long-established legal requirements, such as health and safety. The police, security services, and other partners continue to do all they can to combat the terror threat; and many businesses and organisations already do excellent work to improve their security and preparedness. However, the absence of legislative requirements means there is no consistency of consideration or of outcomes achieved. 

That is what this Act seeks to address. 

Please refer to ProtectUK for more information.

Tags: ,

Sharing and comments

Share this page