How to Prepare for Martyns Law Properly

Learn how to prepare for Martyns Law with practical steps that strengthen security capability, improve planning, and reduce real-world risk.

A venue can have CCTV, policies, radios and a thick emergency plan – and still fail under pressure. That is the real starting point for how to prepare for Martyns Law. The law is pushing organisations towards stronger counter terrorism readiness, but compliance on paper is not the same as operational capability when people are forced to make decisions fast.

For retail, hospitality, events and publicly accessible premises, that distinction matters. Martyns Law is not just about proving that risk has been considered. It is about whether your organisation can recognise hostile activity early, act coherently, protect people and recover control when conditions become confused. The organisations that prepare well will treat this as a capability issue first and a documentation issue second.

What Martyns Law changes in practice

At a practical level, the law raises the standard expected from those responsible for publicly accessible locations and events. The exact duties will depend on the size and type of premises or event, but the direction is clear. More organisations will need to assess the threat of terrorism, put proportionate measures in place, and show that people understand what to do.

That word proportionate matters. A busy shopping environment, a hotel, a music venue and a corporate site open to visitors do not face identical risks. Neither should they adopt identical controls. Good preparation starts by rejecting off-the-shelf compliance thinking. If your measures do not fit your operating model, peak periods, public flow and staffing reality, they will not hold up when tested.

How to prepare for Martyns Law without reducing it to a tick-box task

The most common mistake is to begin with paperwork. The better approach is to begin with exposure. Ask where people gather, how they move, where hostile reconnaissance could take place, what would delay recognition, and who would make the first critical decisions if something felt wrong.

That means looking hard at entrances, queuing areas, loading points, reception spaces, event perimeters and any part of the site where normal business activity can mask suspicious behaviour. It also means understanding your own vulnerabilities. A well-designed building can still be exposed if contract management is weak, shift patterns are thin, supervision is inconsistent or escalation routes are unclear.

A credible preparation programme usually has four parts: risk assessment, proportionate security measures, staff preparedness and exercising. Miss one of those and the rest will be weaker than it appears.

Start with a realistic terrorism risk assessment

A proper assessment should do more than repeat broad national threat statements. It should translate threat into your environment. What attack methods are plausible for your site type? Where are the soft points? What hostile actions would be easiest to disguise within normal footfall or service activity? Which periods create the highest exposure – opening, closing, deliveries, weekend peaks, special events?

This is where many organisations discover the gap between generic security and counter terrorism readiness. General loss prevention measures may help, but they do not always address reconnaissance, hostile intent indicators, marauding attack dynamics or the speed at which public spaces become casualty environments.

Your assessment should produce decisions, not just observations. If a queue line creates an avoidable concentration of people, change it. If an entrance process causes blind spots or delay, redesign it. If incident leadership would default to whoever happens to be nearby, fix the command structure before you write anything else.

Build measures that your operation can actually sustain

Security controls fail when they depend on perfect staffing, permanent vigilance and ideal conditions. Martyns Law preparation needs to survive busy periods, annual leave, contractor turnover and pressure on frontline teams.

For some organisations, proportionate measures will be focused on procedural discipline: bag policy, access control, suspicious behaviour reporting, communications checks, lockdown or invacuation arrangements, and clear emergency actions. For others, physical and technical upgrades may also be required. The point is not to collect visible security features. The point is to reduce vulnerabilities and improve response options.

Trade-offs are unavoidable. More screening may slow throughput. Tighter access control may frustrate customer experience. Increased challenge culture may need careful handling in hospitality settings. Good planning recognises those tensions early and designs around them rather than pretending they do not exist.

Training is where preparation becomes capability

If you want to know how to prepare for Martyns Law properly, look at what your people can do without being prompted. Can they identify suspicious behaviour rather than just suspicious objects? Do they know how to report concerns quickly and accurately? Can they move from uncertainty to protective action without waiting too long for certainty?

Training should be role-specific. Front-of-house teams, supervisors, control room staff, event managers, facilities personnel and senior decision-makers do not need identical input. They need aligned input. Everyone should understand the threat, but the actions expected of each group should reflect the decisions they are likely to face.

This is also where many organisations expose an uncomfortable truth. They have delivered awareness sessions but not competence. Staff may recognise the language of counter terrorism yet still hesitate, misreport, overreact or freeze under pressure. That is why capability evaluation matters. Testing knowledge, judgement and decision-making gives a clearer picture than attendance records ever will.

Exercise what you expect people to do

A plan that has not been practised is only a theory. Tabletop exercises are useful for leadership teams because they reveal assumptions, dependencies and communication gaps. Walkthroughs and scenario-based rehearsals are useful for frontline teams because they force people to apply procedures in the spaces where they would actually work.

The test should not be whether the scenario runs neatly. It should be whether your team can detect, decide, communicate and act with enough speed and discipline to reduce harm. Exercises should examine messy realities: incomplete information, conflicting reports, busy public areas, absent managers, equipment problems and handover confusion.

If the exercise shows friction, that is not failure. That is useful data. Modern threats expose old security thinking, especially where organisations rely on static documents rather than trained judgement.

Governance matters, but only if it supports action

Senior leaders will need visibility of preparedness, especially where legal duties and reputational exposure are increasing. That does not mean burying the organisation in governance theatre. It means creating a simple structure that shows who owns the risk, who maintains the plan, who assures training, who reviews incidents and near misses, and who signs off improvements.

For multi-site operators, consistency matters, but so does local adaptation. A central standard can set the baseline, while site-level risk assessments and exercises account for local realities. If head office imposes a uniform model that ignores site variation, compliance may improve while actual readiness declines.

Documentation still matters. You will need clear records, clear roles and a defensible rationale for your decisions. But documents should capture capability, not substitute for it.

Common mistakes when preparing for Martyns Law

The first is treating terrorism preparedness as a facilities issue alone. It is an operational issue, a leadership issue and a people issue. The second is overestimating what staff will do under stress because they have read a policy once. The third is assuming that visible security presence equals effective readiness.

Another frequent error is failing to integrate security with wider business realities. If operations, HR, facilities, events, communications and senior leadership are not aligned, response quality suffers. Decisions slow down. Messages conflict. Frontline teams lose confidence.

The stronger approach is cross-functional and disciplined. It turns theory into action through assessment, design, training and repetition.

Where to focus first if you are behind

If your organisation is early in its Martyns Law journey, start by establishing your exposure profile and decision-making weaknesses. Identify the sites or events with the highest public concentration, the least mature procedures or the biggest supervision gaps. Prioritise those first.

Then review whether your current training creates usable competence, not just awareness. After that, test your plans in realistic scenarios. This sequence matters because it avoids spending time polishing documents before you know where the real weakness sits.

For organisations that want practical support rather than generic compliance advice, specialist consultancy and capability-led learning can accelerate progress. Mildot Group’s approach is built around operational realism – strengthening judgement, planning and performance under pressure rather than simply adding paperwork.

Martyns Law should be treated as an opportunity to build stronger protective security habits across the organisation. The legal driver matters, but the real value is simpler than that: better decisions, earlier intervention and a stronger chance of protecting people when seconds count.

Mildot Group®

Our Mission

Deliver real world security and counter terrorism consultancy built for 21st century threats.

Convert complexity into clarity so organisations act faster, smarter, and with confidence.

Provide high-quality security capability that’s within reach for everyone.

Who We Are

Mildot Group (established 2014) is a close network of experienced security professionals, selected for competence, integrity, and delivery under pressure.

With British military foundations and global private sector expertise, we help organisations strengthen security capability, from frontline operations through to senior decision-making.

What We Do

We deliver security risk management consultancy and learning that turns theory into action. From threat, vulnerability and risk assessments through to security strategies, technical systems and behavioural risk solutions, we build tailored protective security and counter-terrorism capability that works under pressure.

Our eLearning is independently reviewed and CPD Standards Office accredited.

 

International Security Experience You Can Trust

The company owner, supported by a hand‑picked network of professionals, brings unrivalled experience from ground level to senior leadership. Their private sector careers span government contracts, security and counter‑terrorism operations, specialist firearms training, and high‑level defence procurement and security advisory roles.

They have trained thousands of security personnel, managed and built large‑scale teams for Oil & Gas operations, and enhanced VIP protection programmes for government clients and delivered long‑term defence capability programmes. Extensive experience at senior levels within the private sector to design, implement and manage security risk management systems that mitigate terrorism, insurgency, and hybrid threats.

Trusted at the Highest Levels

Our services have been rigorously vetted by UK Government agencies. As former Registered Firearms Dealers with Section 5 authorities, our capability, capacity, and proven expertise have been verified to high standards, ensuring absolute confidence in our delivery.

ICO registered number ZA289831 

Privacy Policy

Terms & Conditions Policy

Terms of Use Policy

Privacy Preference Center

Privacy Preferences

Mildot Group hold data sent by users for recruitment purposes only and is not passed onto any third parties. If opportunities become available the data is used to send relevant information to potential personnel. Removal of this data can be made at anytime by requesting removal to info@mildot.co.uk

Social Media

Analytical information to help improve marketing and customer experience.