The Terrorism (Protection of Premises) (Notification Requirements) Regulations 2026

Abstract
The Terrorism (Protection of Premises) (Notification Requirements) Regulations 2026 represent a critical piece of secondary legislation implementing the UK's landmark Terrorism (Protection of Premises) Act 2025, commonly known as Martyn's Law. These Regulations delineate the specific information that 'responsible persons' for 'qualifying premises' and 'qualifying events' must furnish to the Security Industry Authority (SIA). They operationalise a fundamental aspect of Martyn's Law, ensuring that the designated regulator has the necessary data to oversee compliance with the new protective security duties. For legal professionals, understanding these notification requirements is paramount for advising clients, particularly those managing publicly accessible locations, on their impending statutory obligations under the new counter-terrorism regime.
Introduction
The landscape of protective security in the United Kingdom is undergoing a significant transformation with the phased implementation of the Terrorism (Protection of Premises) Act 2025 (c. 10), widely known as Martyn's Law. This pivotal legislation, enacted in response to the tragic Manchester Arena attack in 2017, places new legal duties on those responsible for publicly accessible premises and events to enhance their preparedness and protective measures against terrorist attacks. The Act received Royal Assent on 3 April 2025, with a projected implementation period of at least 24 months before its main duties come into force, likely around early 2027.
Central to the operationalisation of Martyn's Law are the Terrorism (Protection of Premises) (Notification Requirements) Regulations 2026. These Regulations, made under section 9 of the 2025 Act, specify the precise information that 'responsible persons' must provide to the Security Industry Authority (SIA) regarding 'qualifying premises' or 'qualifying events'. This article will delve into the statutory context of these Regulations, analyse their practical implications for duty holders, and highlight key considerations for legal practitioners navigating this evolving regulatory framework.
Background
The Terrorism (Protection of Premises) Act 2025 emerged from extensive campaigning by Figen Murray OBE, mother of Martyn Hett, a victim of the Manchester Arena bombing. Its overarching aim is to improve protective security and organisational preparedness across the UK by mandating that those responsible for certain premises and events consider how they would respond to a terrorist attack. The Act introduces a tiered approach to duties, categorising premises based on their capacity. 'Standard Duty Premises' are those reasonably expected to host between 200 and 799 individuals at any one time, while 'Enhanced Duty Premises' and 'Qualifying Events' are those expected to host 800 or more.
For Standard Duty Premises, the core requirements include notifying the SIA and implementing appropriate public protection procedures to reduce the risk of physical harm. Enhanced Duty Premises and Qualifying Events face more extensive obligations, including undertaking risk assessments, implementing public protection measures to reduce vulnerability, and documenting their plans. The Security Industry Authority (SIA), established under the Private Security Industry Act 2001, has been designated as the regulator responsible for ensuring compliance with the 2025 Act. The SIA's existing remit includes licensing individuals in the private security industry and managing the Approved Contractor Scheme, and its role has now expanded to include regulating venues under the new terrorism protection laws.
The Terrorism (Protection of Premises) (Notification Requirements) Regulations 2026 flow directly from this statutory framework. They are designed to give effect to the notification obligations stipulated in the parent Act, ensuring that the SIA is duly informed of the premises and events falling within its regulatory scope. This allows the regulator to effectively monitor compliance and provide necessary guidance, which the Home Office published on 15 April 2026, following the commencement of section 27 of the Act on 10 April 2026.
Analysis
The 2026 Regulations specifically detail the 'information which must be provided to the Security Industry Authority by a person who is, or has been, responsible for qualifying premises or a qualifying event under section 9 of the Terrorism (Protection of Premises) Act 2025'. While the precise schedule of information is contained within the Regulations themselves, the broader context provided by Martyn's Law indicates that this notification is a foundational step for all in-scope entities. For Standard Tier premises, the notification of their existence to the SIA is a primary requirement.
For Enhanced Tier premises and Qualifying Events, the notification requirements are more comprehensive, forming part of a broader set of duties that include detailed public protection procedures and measures. The 'responsible person' – defined as the individual or organisation with control of the premises or event in connection with its qualifying use – bears the legal duty to make these notifications. This includes not only initial notification but also, implicitly, updates if a person ceases to be responsible.
The scope of 'qualifying premises' and 'qualifying events' is broad, encompassing various publicly accessible locations such as retail, hospitality, entertainment, sports grounds, museums, hotels, places of worship, hospitals, and educational premises. However, certain exclusions apply, such as legislatures and freely accessible parks (though events within such parks may still qualify). The Regulations, by specifying the information to be provided, aim to create a comprehensive register for the SIA, enabling it to identify duty holders and ensure they are aware of and fulfilling their obligations under the 2025 Act. This includes details pertinent to the premises' capacity, type of use, and potentially the nature of the public protection procedures in place, especially for enhanced duty sites.
One potential area for legal scrutiny will be the interpretation of 'reasonably practicable' in relation to the implementation of procedures and measures, as well as the completeness and accuracy of the information provided in notifications. While the government intends for compliance to be achievable without specialist consultants, the complexity of some premises or events may necessitate expert advice to ensure all required information is correctly submitted and ongoing duties are met. The Regulations are a crucial administrative mechanism, underpinning the enforcement powers of the SIA, which include financial penalties for non-compliance.
Conclusion
The Terrorism (Protection of Premises) (Notification Requirements) Regulations 2026 are an indispensable component of the UK's new counter-terrorism security regime. They translate the broad obligations of Martyn's Law into concrete administrative actions, requiring 'responsible persons' to formally engage with the Security Industry Authority. For legal practitioners, advising clients on these Regulations necessitates a thorough understanding of the parent Act, particularly the definitions of 'qualifying premises' and 'qualifying events', and the tiered duties they impose. Clients must be made aware of their obligation to notify the SIA, the specific information required, and the timelines for submission, especially as the main duties of the Act are expected to come into force around early 2027.
Practitioners should guide clients in proactively identifying whether their premises or events fall within scope, determining their tier of duty, and preparing the necessary information for notification. Failure to comply with these foundational notification requirements could expose organisations to regulatory scrutiny and potential penalties. As the SIA establishes its new regulatory function and issues further guidance, legal professionals must remain vigilant for updates, ensuring their advice reflects the latest interpretations and best practices for compliance with this significant legislative development.
Citations
- 1.Terrorism (Protection of Premises) Act 2025 (c. 10)
- 2.Terrorism (Protection of Premises) (Notification Requirements) Regulations 2026
- 3.Private Security Industry Act 2001
How does this affect your business?
Get an AI analysis of this article grounded in your jurisdictions, practice areas, and any policy documents you've uploaded to Wansom.