Defence, Security & Space Security and investigation

SIA employer compliance checklist

Compliance audit checklist for private security employers. Covers SIA licensing, refresher training, first aid, DBS checks, right to work verification, badge display, working time records, and risk assessments for lone working and violence.

UK-wide Updated 5 Apr 2026

Guide summary

Check all security staff have valid SIA licences before they work. Keep records of checks. You could face unlimited fines or prison if you use unlicensed staff.

Verify each operative's SIA licence before deployment
Use SIA online licence checker for current status
Keep records of licence checks for 3 years
Check right to work separately from SIA licence
Penalties: up to £60,000 per illegal worker
Conduct refresher training before licence expiry
Display SIA badges at all times during work
Record working hours and risk assessments
ACS members must pass independent compliance audits

On this page

UK-wide

Use this checklist to audit your compliance as a private security employer. Work through each section and resolve any gaps. Failure on licensing items can result in criminal prosecution.

Official guidance

Employer obligations for SIA-licensed staff

Employer duties to verify SIA licence validity, the offence of deploying unlicensed security operatives under s.5 PSIA 2001, record-keeping requirements, and the due diligence defence.

Core employer offence (s.5 PSIA 2001): It is a criminal offence for a person to use or supply unlicensed individuals to carry out licensable conduct.
Licence verification tool: SIA online licence checker — employers must verify each operative's licence status before deployment.
What to verify: Licence validity, expiry date, correct sector (e.g. door supervision, CCTV, close protection), and right to work in the UK.
Record-keeping duty: Employers must maintain records of licence checks including operative name, licence number, sector, expiry date, and date checked.
Due diligence defence: Under s.5(2) PSIA 2001, it is a defence to show all reasonable steps were taken to verify the operative held a valid licence.
Ongoing monitoring: Employers should conduct periodic re-checks, not rely solely on the initial verification at point of hire.
ACS scheme advantage: SIA Approved Contractor Scheme (ACS) members demonstrate compliance through independent audit of deployment and licence management procedures.

Section 5 of the Private Security Industry Act 2001 creates a strict liability offence of deploying unlicensed security operatives. However, the due diligence defence under s.5(2) provides that if a person can prove they took all reasonable steps to establish that the operative held a current SIA licence, they are not guilty of the offence. Employers should use the SIA's free online licence checker before every deployment and retain auditable records of all checks performed.

Licensing

All staff performing licensable activity hold a valid, active SIA licence
Each licence covers the correct sector for the work being performed
Licence validity verified on the SIA Register of Licence Holders before first deployment
SIA licence card carried and displayed by each operative while on duty
Licence expiry dates tracked and renewal prompted at least three months in advance
Records of all licence checks held on file (date, licence number, checker name)

Official guidance

SIA licensing offences and penalties

Criminal offences under the Private Security Industry Act 2001, including operating without a licence, deploying unlicensed staff, and providing false information, with maximum penalties.

Operating without an SIA licence (s.3): On indictment: up to 5 years' imprisonment and/or unlimited fine. Summary: up to 6 months' imprisonment and/or unlimited fine.
Deploying unlicensed security operatives (s.5): On indictment: up to 5 years' imprisonment and/or unlimited fine. Summary: up to 6 months' imprisonment and/or unlimited fine.
Contravention of licence conditions (s.9): Summary offence: up to 6 months' imprisonment and/or unlimited fine.
Providing false information (s.22): On indictment: up to 5 years' imprisonment and/or unlimited fine. Summary: up to 6 months' imprisonment and/or unlimited fine.
Using a false or forged licence: Treated as fraud under Fraud Act 2006 — on indictment: up to 10 years' imprisonment and/or unlimited fine.
Criminal liability of directors and officers (s.23): Where offence committed by a body corporate with consent or connivance of an officer, the officer is also personally guilty.
Enforcing body: Security Industry Authority (SIA)

Offences under ss.3 and 5 of the Private Security Industry Act 2001 are triable either way (both summary and on indictment). The most serious offences — operating without a licence and deploying unlicensed staff — carry identical maximum penalties. Following the Legal Aid, Sentencing and Punishment of Offenders Act 2012, fines on summary conviction are unlimited.

Pre-employment checks

Right to work check completed and documented before first day of work
Enhanced DBS check completed (or application submitted) for each employee
Barred list check completed where the role involves regulated activity
Identity documents verified against the SIA licence card

Official guidance

Right to work checks for security staff

Dual right to work verification for private security employees. SIA requires proof of right to work as a licensing prerequisite, and employers must conduct separate checks under the Immigration, Asylum and Nationality Act 2006. Both checks are independent obligations with distinct legal consequences.

SIA licensing RTW check: SIA verifies right to work in the UK as a prerequisite for granting or renewing an SIA licence; applicants without valid RTW status are refused
Employer RTW check: Employers must conduct a separate right to work check under the Immigration, Asylum and Nationality Act 2006 before the employee starts work
Independence of checks: The SIA licence check and the employer check are legally independent; holding a valid SIA licence does not discharge the employer's duty to verify RTW
Employer statutory excuse: Conducting a compliant RTW check (manual or online) provides the employer a statutory excuse against a civil penalty of up to £60,000 per illegal worker
SIA licence duration: 3 years from date of issue
RTW re-check timing: For employees with time-limited right to work, employer must conduct a follow-up check before the permission expires
Online RTW service: Employers can use the Home Office online right to work checking service where the individual has an eVisa or share code
Record retention: Employer must retain a copy of the RTW check (document copies or online check confirmation) for the duration of employment plus 2 years

Private security employers face a dual verification obligation. The SIA independently checks right to work when processing licence applications. However, this does not remove the employer's own obligation under immigration law. Failure to conduct employer RTW checks can result in civil penalties of up to £60,000 per illegal worker and, in cases of knowingly employing an illegal worker, criminal prosecution with an unlimited fine and up to 5 years' imprisonment.

Training

Refresher training planned and booked before each employee's licence expiry
First aid qualifications current for all staff required to provide first aid
Conflict management CPD delivered within the past 12 months
Lone working training and induction completed for all lone workers
Training records maintained for each employee

Working time and risk assessments

Weekly working hours recorded for all staff
Opt-out agreements signed where employees work more than 48 hours per week
Night worker health assessments offered
Rest break entitlements met and recorded
Lone working risk assessment completed and reviewed at least annually
Violence risk assessment completed and reviewed at least annually

Official guidance

Working time rules for security staff

Working Time Regulations 1998 as applied to security guarding, including the 48-hour average week, opt-out provisions, night worker limits, rest breaks, and the classification of security guarding as unmeasured working time.

Maximum average weekly hours: 48 hours averaged over a 17-week reference period (Regulation 4)
Opt-out agreement: Workers may voluntarily opt out of the 48-hour limit in writing; opt-out is common in security sector but must be genuinely voluntary with 7 days' minimum notice to cancel (or longer if agreed, up to 3 months)
Night worker limit: 8 hours per 24-hour period on average; where work involves special hazards or heavy physical/mental strain, an absolute 8-hour limit applies
Night worker definition: A worker who normally works at least 3 hours of daily working time during night hours (11pm to 6am by default)
Night worker health assessment: Employers must offer a free health assessment to night workers before assignment and at regular intervals thereafter
Rest break entitlement: 20-minute uninterrupted break when daily working time exceeds 6 hours; break must be taken away from the workstation
Daily rest: 11 consecutive hours' rest in each 24-hour period
Weekly rest: 24 consecutive hours' uninterrupted rest in each 7-day period (or 48 hours in each 14-day period)
Unmeasured working time: Security guarding may qualify as unmeasured working time under Regulation 20 where the worker controls the duration; this disapplies the 48-hour limit, night work limit, and rest break rules
Compensatory rest: Where rest breaks or daily/weekly rest cannot be taken (e.g. continuous security coverage), the employer must allow equivalent compensatory rest within a reasonable period
Enforcement body: Health and Safety Executive (HSE) enforces rest and night work limits; employment tribunals handle 48-hour and holiday disputes

Official guidance

Lone working requirements for security staff

Lone working risk assessment obligations for security employers under the Management of Health and Safety at Work Regulations 1999, including communication systems, welfare checks, violence risk, and personal safety measures specific to security guarding.

Legal duty: Employer must assess risks to lone workers under MHSWR 1999 Regulation 3 and implement controls under HASAWA 1974 Section 2
Lone worker definition: Anyone working without close or direct supervision, including security officers on solo patrols, night shifts, or static guarding at remote sites
Risk assessment scope: Must consider violence and aggression, medical emergencies, environmental hazards, fatigue, confined spaces access, and site-specific risks
Communication systems: Employer must provide reliable means of communication such as two-way radio, mobile phone, lone worker alarm device, or GPS-enabled personal safety app
Welfare check-in procedures: Regular scheduled check-ins at agreed intervals; if a check-in is missed, escalation procedure must activate immediately
Panic alarm / personal safety device: Lone security workers in high-risk environments should be provided with a personal alarm or man-down device with automatic alert capability
Violence risk assessment: Specific assessment required for roles involving confrontation, public interaction, cash handling, or working in areas with known crime risk
Site familiarity: Lone workers must be briefed on site hazards, emergency exits, first aid locations, and contact details for emergency services before commencing work
Fitness for lone working: Employer must consider whether the individual is medically and psychologically suitable to work alone, particularly for extended shifts
Recording requirement: Risk assessment findings must be recorded if the employer has 5 or more employees
Review trigger: Reassess lone working arrangements after any incident, near miss, change in site conditions, or change in personnel

There is no specific lone working legislation. Obligations derive from the general duty under HASAWA 1974 Section 2 and the risk assessment requirement in MHSWR 1999 Regulation 3. Security guarding frequently involves lone working in environments with elevated risk of violence, trespass, and medical emergency. Employers must ensure that control measures are proportionate to the assessed risk and that lone workers are never placed in situations that cannot be safely managed by one person.

If you answered 'no' to any licensing item, stop deploying the affected individual immediately. Deploying unlicensed security operatives is a criminal offence under section 5 of the Private Security Industry Act 2001, carrying a maximum penalty of five years' imprisonment and an unlimited fine.

Related guidance

Official guidance

Regulator guidance to help you understand your obligations.

↗ Factsheet HSE
1. Overview ↗ Factsheet HSE
1. Overview ↗ Factsheet HSE
1. Overview ↗ Factsheet HSE
1. Overview ↗ Factsheet HSE
2. Causes of stress at work ↗ Factsheet HSE
3. Signs of stress ↗ Factsheet HSE
5. Help for workers on stress at work ↗ Factsheet HSE
Contents ↗ Factsheet HSE
Criteria for potential investigation ↗ Factsheet HSE

Manage security staff working time
Working time compliance for private security employers. Covers maximum weekly hours, night worker limits, rest …
Security staff onboarding checklist
Pre-deployment checklist for onboarding new private security employees. Covers SIA licence verification, DBS checks, right …
Verify SIA licence validity for your employees
How to use the SIA licence checker to verify employee licences before deployment. Covers your …
Understanding SIA regulation of the private security industry
What the Security Industry Authority does, why private security is regulated in the United Kingdom, …
Start a private security business
End-to-end guide to starting a private security business in Great Britain, covering company registration, mandatory …

Manage security staff working time

Working time compliance for private security employers. Covers maximum weekly hours, night worker limits, rest break entitlements, opt-out agreements, and lone working risk assessments for security staff.

Security staff onboarding checklist

Pre-deployment checklist for onboarding new private security employees. Covers SIA licence verification, DBS checks, right to work, site-specific induction, lone working briefing, conflict management, communication equipment, and emergency procedures.

Verify SIA licence validity for your employees

How to use the SIA licence checker to verify employee licences before deployment. Covers your legal obligations under section 5 of the Private Security Industry Act 2001 and what to do if a licence is expired, suspended, or revoked.

Understanding SIA regulation of the private security industry

What the Security Industry Authority does, why private security is regulated in the United Kingdom, how the licensing system works under the Private Security Industry Act 2001, and what happens to businesses and individuals who operate without a licence.

Start a private security business

End-to-end guide to starting a private security business in Great Britain, covering company registration, mandatory insurance, SIA Approved Contractor Scheme registration, recruiting licensed staff, compliance systems, and industry standards including BS 7499 and BS 7858.

Licensing

Pre-employment checks

Training

Working time and risk assessments

Related guidance

Related guides in Employee Rights