This website uses cookies. If you continue to use the website you agree to our use of cookies. Learn more

LP Magazine EU

Retail-Ad1.gif

Xpanda_UK_LP.jpg

Insights_Ad.png

oris_media_v200_animated_advertisement_300x250_0925.gif

November_2024.png

 

UK_Banner_ad_5-01.png

Industry focus

The Final Countdown

One Year to Go—Figen Murray Sets the Timer for the Full Implementation of Martyn’s Law


Figen Murray has a countdown timer on her smartphone as she watches the months, weeks, days, hours and seconds until the full implementation of the Terrorism (Protection of Premises) Act 2025, the legislation that carries her son’s monika—Martyn’s Law.

The mother of Martyn Hett who was one of twenty-two people who died following a terrorist attack by suicide bomber Salman Abedi at the Ariana Grande concert at Manchester Arena on 22 May 2017 holds her phone up to show me the diminishing digits on screen, a living reminder of what she hopes are the final days of the slow and painful journey she has been on and is still yet to complete.

She is no stranger to painful journeys. Almost a year ago, accompanied by her husband Stuart and two youngest daughters Louise and Nikita, Figen undertook what can only be described as a physical and emotional pilgrimage.

Joined on the first and last legs by Brendan Cox, the husband of murdered Labour MP Jo Cox and with regular check-ins from broadcast media outlets, Figen spent sixteen long days walking 200 miles from Manchester to Downing Street arriving on the 8th anniversary of the tragedy that claimed her son’s life, a blistering and gruelling gesture to raise awareness of her tireless campaign to tighten up security and accountability at public venues.

The legislation received Royal Assent during the King’s Speech on 3 April 2025, and the timer is her countdown to what she hopes will be the final destination and delivery of Martyn’s Law in May 2027.

But the glacial gears of justice grind slowly, and she is still waiting for the final agreed guidance for “in scope” premises—those retail, hospitality, and stadia businesses accommodating more than 200 people—on how to ensure compliance with the new law.

But although Figen can be frustrated by slow progress, she wants to see it “done once and done right”, and she is full of praise for the efforts of the Home Office which is soon to publish the business guidelines for compliance, and the Security Industry Authority (SIA) which is the body overseeing the implementation of the new law in achieving that goal.

We are a few seconds into our Teams call. She has already apologised for being late for the interview, but her monthly update call with the Home Office had run over. An inscrutable demon for detail and fairness, she will not divulge any information from the call, less to say that all parties were making strong progress.

“The conversations I’ve had with the Home Office and the SIA highlight the phenomenal level of work that has been carried out—it is staggering. What they have done so far really reassures me.”

Even while Figen’s clock ticks down, businesses still have time to get ready. This is because the Government set its own timer for an implementation period of at least twenty-four months before the Act comes into force, according to the Home Office’s Martyn’s Law factsheet published last April.

This will allow the SIA’s new function to be established, whilst ensuring those responsible for premises and events in scope have sufficient time to understand their new obligations. This will enable them to plan and prepare appropriately.  

What it Entails

Martyn’s Law itself (the 2025 Act) in its final format has been on a long blistering and bruising road. It has been developed following public consultation and extensive engagement across industry, charities, local authorities, security experts, and with survivors. Seventy per cent of the thousands who responded to the consultation agreed that those responsible for publicly accessible locations should take measures to protect the public from potential attacks.

Consequently, the Act focuses on strengthening security at public venues through a tiered approach, with the Security Industry Authority (SIA) acting as the regulator. 

Working closely with security partners, business, and victims’ groups, including Figen, who spearheaded the campaign for the change in the law, the new duty will require venues to take steps to improve public safety, with measures dependent on the size of the venue and the activity taking place. 

The public enquiries into Martyn’s Law were highly critical of the emergency service responses to the atrocity and highlighted the fact there were no security or prevention obligations on businesses to reduce the threat of harm to the thousands of visitors to the venues.

Section 27 of the Terrorism (Protection of Premises) Act now states that compliance with statutory published guidelines (when they are published by the Home Office) is intended to assist those responsible for premises in understanding their obligations to reduce the risk of physical harm from terrorist attacks.

The Secretary of State is required to keep this guidance under review and may revise or republish it as needed. 

The Need for Change

Counter terrorism (CT) experts use a red, amber, green matrix of risk severity, and know and understand that it is not “if”, but “when” there will be other attacks and attempts on UK soil. 

By using their own networks of intelligence, they are able to detect and thwart those clear and present danger attacks before they are executed so that the general public remains safe, albeit largely in the dark.

Previous to the Manchester arena attack and the subsequent public enquiries, the chain of command was a “top down” model from CT in terms of threat communication. Now, while intelligence gathering must remain veiled in secrecy, Martyn’s Law will democratise the process of safety intelligence sharing, with a broader move towards a wholesale transfer of the onus of keeping people safe in large, medium, and smaller public locations. 

Instead of information being the sole preserve of CT experts, responsibility for safety will also fall to the owners and operators. All of the in-scope businesses will be expected to carry out a bespoke risk assessment in order to deliver targeted training to their staff, including lockdown procedures. In short, safety preparedness for worst-case scenarios will become everyone’s responsibility. 

 

What Is In-Scope for Martyn’s Law

There are around 180,000 businesses in the scope that include premises and events, which are defined as building or outdoor locations which have a readily identifiable physical boundary and access by express permission. This is split between the standard tier where there are around 155,000 smaller venues (199+ capacity) and 24,600 in the enhanced space (800+ capacity).

All in-scope businesses must be accessible to the public with listed activities under the new law, namely entertainment and leisure facilities, retail, and hospitality venues serving food and drink. They must also have a minimum capacity of 200 or more individuals—this was revised from the previous suggested occupancy levels of 100, immediately taking a number of smaller venues out of scope. 

Provision is made in the Bill for temporary events such as festivals that have express permission to enter and a capacity of 800 or more individuals.

The Act establishes a tiered model — standard and enhanced—linked to the activity that takes place at a premises or event, and its capacity. 

The standard tier which is likely to be applied to most smaller retailers is targeted at venues that can accommodate between 200 and 800 paying customers. Above this number naturally falls over into the enhanced sector such as concert venues and stadia.  

Progress has been slow because of a lengthy public consultation to make sure the Bill strikes the right balance between public protection and avoiding undue burdens on smaller premises.

The Government wanted to ensure businesses and venues can deliver what is required of them rather than imposing conditions upon them that they will struggle to meet. This will mean the law stands the test of time and be accessible, proportionate, and deliverable for smaller premises because of the overall envisioned costs of implementation.

 

Cost to Business

The introduction of the new legislation to ensure that security preparedness is delivered consistently across the UK and better protection of the public, will be based upon “proportionality” when it comes to the cost of its roll-out, the lion’s share of which will fall onto the shoulders of the business community. According to Government figures, the business impact cost is estimated to be around £2.1 billion in implementation, the conducting of the necessary risk assessments, and ongoing CT training costs. 

The legislation affects around 178,900 venues, including small businesses, theatres, cinemas, restaurants, and sports arenas. The cost breakdown includes CT interventions of £267 million in Year One, and £837 million over the appraisal period. The necessary risk assessments are estimated at £649 million and training costs could reach £400 million.

Following her evidence to the Home Affairs Select Committee three years ago, Figen Murray, told Loss Prevention Magazine Europe that the publicity around the committee hearing was misguided and caused confusion because smaller venues would be largely unaffected by the roll-out of Martyn’s Law.

“The major costs of the scheme would be under the enhanced standard where there has to be inspection and the infrastructure requires safety investment,” she said in 2023.

“For smaller businesses, investment will be a fraction of the cost—a lot of the counter terror training is free to deliver through the ProtectUK website, and the only cost to the business is one hour of staff time to go through it,” she said.

“The costs will be proportionate rather than onerous. What was presented at the committee was a bit of a car crash in term of confusion and different agendas—it created a lot of extra work for us in terms of explaining the importance of the legislation.”

“The threat of terrorism is real and ever-changing, and it is not only larger venues and stadia that are targets—smaller venues are also at risk. At Borough Market, a restaurant manager who had received counter terrorism training managed to lock the front door when he realised what was going on.”

“Martyn’s Law isn’t going to stop terrorism, but common-sense security and making sure venues are doing all they can to keep people safe, could mean fewer suffer what myself, and the families of Manchester, have had to endure.”

Inspection and Enforcement

Once the guidance is published, businesses will know what to expect, including the consequences of non-compliance.

The Government is setting up an inspection and enforcement regime, promoting compliance and positive cultural change, and issuing credible and fair sanctions for serious breaches. This will promote the requirements for each tier, the sanctions available, and ultimately penalties will be issued to premises.

Regulators will be appointed to visit enhanced premises to inspect, advise and guide operators in regard to their requirements, and those enterprises captured in this category will be expected to notify the regulator of their premise or event as well as take “reasonably practicable” measures that will reduce the risk of a terrorist attack occurring or physical harm being caused. The reasonably practicable test is utilised in other regulatory regimes e.g. health and safety and will enable organisations to tailor their approach to the nature of the premises, their activities, and resources.

They must also keep and maintain a security document, aided by an assessment of the terrorism risk, which must also be provided to the regulator and, if the responsible person is a corporate body, they must appoint an individual as the designated senior individual for the premise or event.

Guidance Delay and Information Vacuum

That was then, and this is now. And, as the timer counts down, Figen remains sanguine about the delays to the guidance to businesses. As mentioned earlier, she has waited this long and does not want any last-minute confusion as a result of rushed decision making.

But inevitably delays in the final guidance can create information vacuums which can be filled with misleading information for panicked businesses, something Figen is all too aware of.

“My experience with Government is that nothing happens quickly because of the double and triple checking,” said Figen. 

“The process takes a long time, and I understand that people want answers — it’s a huge piece of legislation.”

“The Government needs to get it right first time, but there are lots of things businesses can be doing while they are waiting for the official guidance, and the Home Office will be sharing practical advice on this,” said Figen.

At the time of the interview, she had 428 days on the screen with the view of 3 April 2027 as “D for delivery” day — exactly two years after the King’s Speech and ten years on from the Manchester Arena bombing.

“I set my own deadline, but I am happy with the work of the Home Office and SIA who have done a substantial amount of work talking to key people in the industry, so that everyone is on board—and that reassures me a lot.”

She is also very selective about what she says and to who. She will talk about the process but will not endorse or allow her son’s name to be linked with any product or process that has not been ratified by the Government in its quest to deliver Martyn’s Law.

“I don’t give interviews about terrorism or related issues—I am apolitical as I don’t want to be distracted or dilute my overriding message.”

To this end, in the last seven years of campaigning, Figen has sat down with both Rishi Sunak, the former Conservative Prime Minister and Sir Keir Starmer, the current incumbent at Number 10 as the implementation of Martyn’s Law has always garnered cross-party support in Parliament.  

She directs her main line of fire at those businesses that are making capital from false information, those ambulance chasing organisations selling solutions as ‘’Martyn’s Law Compliant’ when no such official endorsement exists.

“I can’t stop them—it’s up to them if they have not got a conscience, a sense of decency or ethics. But I don’t want anyone out there thinking that I am in some way connected to these organisations, which is why businesses should not pay for training or solutions that suggests it will provide them with compliance.”

“For example, I was made aware of one business that told a shopping centre that it needed to change all of its glass to bomb proof, and that their glass would make them Martyn’s Law compliant.”

“I have no doubt there are some brilliant solutions out there and good luck to businesses who can make money from these products, but too many are jumping the gun and profiting from other people’s fear.”

While Figen’s smartphone continues to count down, businesses are setting their own clocks to compliance mode. They are waiting for the Government guidance and are focussed on listening to the ticking clock rather than the distracting background noise and whining sirens of unethical ambulance chasers who are taking Martyn’s name in vain.   

 

Leave a Reply



(Your email will not be publicly displayed.)

Captcha Code

Click the image to see another captcha.



iFacility CCTV and Alarm Installation