The Terrorism (Protection of Premises) Act 2025, widely known as Martyn’s Law, marks a significant shift in how the UK approaches public safety at venues and events. Named in memory of Martyn Hett, a victim of the 2017 Manchester Arena attack, the law introduces a legal duty for venues to assess and mitigate terrorism risks.

At Hendersons Health & Safety, we’re here to help you understand what this means - and how to prepare. Martyn’s Law requires venues and events expecting 200 or more people to take proportionate steps to protect the public from terrorist threats. For larger venues (800+ capacity), the requirements are more detailed and include formal risk assessments, staff training, and emergency planning.

In the wake of the Terrorism (Protection of Premises) Act 2025, also known as Martyn’s Law, venues and event organisers across the UK are now legally required to assess and mitigate terrorism risks. But this isn’t just a box-ticking exercise—it’s a vital step in protecting lives.



The tragic events of the Manchester Arena bombing in 2017, where 22 people lost their lives at a public event, were a wake-up call. But Manchester wasn’t an isolated incident. From the Bataclan theatre attack in Paris to the Berlin Christmas market truck attack, public gatherings have repeatedly been targeted by those seeking to cause mass harm. These attacks often exploit vulnerabilities in crowd management, access control, and vehicle movement.

As of July 2025, the UK’s national terrorism threat level remains at SUBSTANTIAL, meaning an attack is likely. This level is set by the Joint Terrorism Analysis Centre (JTAC), which continuously evaluates intelligence, capability, and intent from both domestic and international sources.

While Martyn’s Law makes terrorism risk assessments a legal requirement, the quality of those assessments is what truly matters. A poorly executed risk assessment isn’t just a missed opportunity—it’s a liability. We continually see the worrying trend across multiple industries, particularly in construction and facilities management, where risk assessments are often treated as a formality. Generic, templated documents are copied, pasted, and recycled with little thought or scrutiny. Some are even generated by AI tools or downloaded from online libraries, with no real understanding of the site, the threat, or the people involved. These documents may tick a box, but they do nothing to protect lives.

A credible terrorism risk assessment must go far beyond form-filling. It must be site-specific, tailored to the unique layout, operations, and crowd dynamics of the venue. It must be threat-informed, drawing on current intelligence and guidance, including the JTAC threat level. It must be operationally realistic, reflecting how people actually use the space, not just how it looks on a plan. And it must be reviewed and validated, with quality assurance built in, not as an afterthought.

At Hendersons, we don’t believe in “off-the-shelf” safety. Our assessments are grounded in real-world operational knowledge, not theoretical templates. Our approach is shaped by decades of experience at the sharp end of public safety and major event command. Having served as a Chief Inspector, Silver Commander, and Head of a Force Major Events Unit, I’ve personally led the policing and safety planning of hundreds of large-scale events—many with tens of thousands of attendees. That experience gives us a deep understanding of the protocols, expectations, and pressures that come with protecting crowded spaces. We know what good looks like, and more importantly, we know what happens when it’s missing. That insight is what sets our assessments apart—credible, competent, and always grounded in the realities of risk.

That insight also informs how we approach the development of each terrorism risk assessment. This isn’t a theoretical exercise—it’s a practical, structured process that must be grounded in the operational realities of the venue. It begins with understanding the environment: what the space is used for, how it functions day to day, and who interacts with it. We consider the flow of people, the nature of the events being hosted, and the specific characteristics of the site that might influence risk—whether that’s a city-centre location with open vehicle access or a rural site with limited infrastructure.

From there, we identify the credible threats. These are not abstract possibilities but real-world scenarios informed by current intelligence, historical incidents, and the evolving tactics of those who seek to do harm. Whether it’s a vehicle ramming attack during ingress, an improvised explosive device left in a bag, or an insider threat exploiting access credentials, each risk must be considered in the context of the venue’s unique vulnerabilities.

We then assess how those vulnerabilities manifest. Where do people gather in large numbers? Are there choke points or blind spots? Is there sufficient surveillance, lighting, and physical protection? Are staff trained to recognise suspicious behaviour or respond to an unfolding incident? These are the questions that shape a meaningful assessment—one that doesn’t just identify risk but actively informs how to reduce it.

The final stage is about prioritisation and action. We evaluate the likelihood and potential impact of each identified threat and use that to guide proportionate, achievable recommendations. These might include physical interventions like bollards or fencing, procedural changes such as revised queue layouts or access control, or training and awareness programmes for staff and volunteers. The result is a clear, structured document that not only satisfies legal requirements but also serves as a practical guide to improving safety.

Hostile Vehicle Mitigation can often be one of the most immediate and visible outcomes of this process. It’s particularly relevant at the points where people are most vulnerable—during arrival and departure, at drop-off zones, or at temporary events where permanent infrastructure may not exist. But effective HVM isn’t just about putting up barriers. It’s about understanding how vehicles interact with the space, how people move through it, and how to create protective environments without compromising the experience of those attending.

Ultimately, this is about more than compliance. It’s about leadership, responsibility, and a commitment to doing things properly. At Hendersons, we don’t just help our clients meet the requirements of Martyn’s Law - we help them exceed them, with assessments and advice that are credible, competent, and rooted in the realities of modern-day risk.