Insure24 Blog

Security Company Contract Risks Explained

Running a security company in the UK means navigating a complex web of client contracts, regulatory obligations, and operational responsibilities. Whether you provide manned guarding, CCTV monitoring,

3 June 2026 By Insure24 Security Company

Security Company Contract Risks Explained

Running a security company in the UK means navigating a complex web of client contracts, regulatory obligations, and operational responsibilities. Whether you provide manned guarding, CCTV monitoring, door supervision, keyholding, or mobile patrol services, the contracts you sign with clients can expose your business to significant financial risk — risk that many security firms only fully appreciate after something goes wrong.

Understanding where those risks lie, how they are transferred through contract terms, and what insurance safeguards you need in place is essential for any security business that wants to operate sustainably and protect its reputation. This guide breaks down the most common contract risks faced by UK security companies and explains what you should be looking for — and watching out for — before you sign on the dotted line.

Why Contracts Are High Stakes for Security Firms

Security companies occupy a unique position in the commercial world. Clients engage them precisely because something valuable needs protecting — people, assets, premises, data, or reputation. That means when something goes wrong on a site you are contracted to secure, the assumption is often that your company bears some or all of the responsibility.

This expectation is baked into contracts from the outset. Clients — particularly large corporate clients, property management companies, retail chains, and public sector organisations — typically use standard terms that are heavily weighted in their own favour. Your job as a security business is to understand what you are agreeing to, identify clauses that could expose you to disproportionate liability, and ensure your insurance cover reflects the actual risks you are taking on.

1. Unlimited Liability Clauses

One of the most significant risks in any security contract is the presence of unlimited liability clauses. These are terms that hold your company responsible for any loss, damage, or harm arising from your services — without any financial cap on what you could be required to pay.

In practice, this means that if a theft, burglary, fire, or violent incident occurs at a client's premises during your contracted hours, and it can be argued that your officers failed in their duty, you could face a claim for the full value of everything lost or damaged. For high-value commercial sites — warehouses, data centres, or retail distributions hubs — that figure could run into hundreds of thousands of pounds or more.

A well-drafted contract should include a liability cap, typically set at the value of the contract itself or linked to your insurance cover limit. If a client refuses to accept any cap, that is a red flag worth addressing before you begin work. At a minimum, ensure your public liability and professional indemnity insurance limits are sufficient to cover the realistic worst-case scenario for that particular site.

2. Broad Indemnity and Hold Harmless Clauses

Indemnity clauses require your company to compensate the client for losses caused by your actions or failures. Hold harmless clauses go a step further — they can require you to protect the client from claims made by third parties, even where the client themselves contributed to the situation.

For example, a security officer at a shopping centre detains a suspected shoplifter. The individual later makes a wrongful arrest claim against the retailer. If the contract includes a broad indemnity clause, your security firm could find itself picking up the legal costs and any damages — even if the retailer's own policies contributed to the situation.

These clauses are increasingly common in contracts with large commercial clients who have procurement departments focused on minimising their own exposure. It is worth having any contract with wide indemnity provisions reviewed by a solicitor familiar with commercial services agreements before signing. Your professional indemnity and public liability insurers will also want to know the scope of indemnities you have accepted, as overly broad obligations may affect what your policy will and will not cover.

3. Inadequate Specification of Duties

A risk that often goes unnoticed is the contract that is simply too vague about what your company is and is not responsible for. Contracts that describe your obligations in broad, catch-all terms — such as "maintaining the security of the premises" or "ensuring the safety of all persons on site" — can create enormous exposure.

When an incident occurs, a vaguely worded contract can be interpreted against you. A client may argue that because you were responsible for "security", you are therefore liable for a theft that occurred in an area not specifically covered, outside your contracted hours, or involving a security failure that had nothing to do with your officers' actions.

Before signing, ensure that the contract clearly specifies:

  • Exact hours of cover and patrol schedules
  • Specific areas or zones your officers are responsible for
  • The precise duties your officers are required to perform
  • What falls outside the scope of your service
  • Client responsibilities (e.g., ensuring access control systems are functioning)

The more precisely your obligations are defined, the easier it is to defend a claim that falls outside what you were contracted to do.

4. Liability for Employee Actions

Security companies are vicariously liable for the actions of their employees and subcontractors while on duty. This is a well-established legal principle in England and Wales, and it means that if one of your officers assaults a member of the public, uses excessive force, improperly detains someone, or causes accidental damage to a client's property, your business can be held responsible.

This risk is amplified when contracts require you to deploy SIA-licensed staff but do not give you adequate control over working conditions. For instance, if a client demands unusually long shifts, restricts your officers from taking breaks, or asks them to perform duties outside their training — and an incident results — questions of contributory liability become complex.

Your employers' liability insurance covers injuries to your own staff. Your public liability insurance covers third-party bodily injury or property damage caused by your employees. However, claims involving allegations of assault, wrongful detention, or civil liberties violations may require specialist cover — sometimes referred to as security liability or manned guarding insurance — that specifically addresses these scenarios. Standard public liability policies may exclude deliberate acts, which is why specialist cover is essential for this sector.

5. Intellectual Property and Data Protection Obligations

Security companies increasingly handle sensitive information — access codes, alarm systems, CCTV footage, staff rosters, and details about client operations. Contracts may include clauses that impose obligations under the UK GDPR and the Data Protection Act 2018, particularly where your company operates CCTV systems, retains footage, or shares data with client security teams.

A breach of data protection obligations — whether through a cyberattack on your monitoring systems, inadvertent sharing of footage, or failure to delete data within agreed timeframes — can expose your business to regulatory fines from the Information Commissioner's Office (ICO) and civil claims from individuals whose data was affected.

Contracts will often require you to act as a data processor, meaning you must comply with the client's data protection policies, maintain records of processing activities, and report any breaches without undue delay. If your systems are compromised and client data is stolen or exposed, the resulting costs — investigation, notification, legal defence, and regulatory response — can be substantial.

Cyber liability insurance is increasingly important for security companies, especially those operating remote monitoring, digital access control, or cloud-based CCTV systems. Combined with robust internal data handling procedures, it provides a financial safety net if a breach occurs.

6. Consequential Loss and Business Interruption Claims

Some contracts include clauses holding your company responsible for consequential losses suffered by the client as a result of your failure. This could include loss of business income, reputational damage, or the cost of operational disruption following a security incident.

Imagine a warehouse that suffers a break-in while under your watch. The client's stock is stolen, but the contract also allows them to claim for lost orders they could not fulfil, the cost of emergency replacement stock, and the management time spent dealing with the aftermath. Consequential losses can dwarf the direct cost of the incident itself.

Standard insurance policies typically exclude consequential loss unless it is specifically included. Ensure you understand whether your contract exposes you to these claims, and if so, whether your insurance programme is structured to respond. Where possible, negotiate to exclude consequential loss from your liability in the contract itself.

7. Subcontracting and Supply Chain Risks

Many security companies use subcontractors or agency staff to fulfil contracts, particularly during periods of high demand or when covering specialist assignments. This creates its own set of contractual risks.

If your contract with a client prohibits subcontracting without prior written consent and you breach that clause, you may void your contractual protections and find yourself personally liable for any incidents involving subcontracted staff. Even where subcontracting is permitted, you remain responsible for ensuring those individuals hold valid SIA licences, are properly briefed, and are covered by adequate insurance.

Your own insurers need to know that you use subcontractors. If you fail to disclose this and a claim arises involving subcontracted staff, your insurer may decline to indemnify you. Always check that subcontractors carry their own public liability and employers' liability insurance, and consider requiring them to provide certificates of insurance before deployment.

8. Termination and Cancellation Liability

Contracts that include automatic renewal clauses, long notice periods, or penalties for early termination can create financial obligations your business is not prepared for. If a client terminates a contract without adequate notice — or if you are forced to terminate due to resource constraints — the resulting dispute can involve claims for loss of income, mobilisation costs, and any damage that occurs during any transition period.

Equally, if you are found to have breached contract terms — even inadvertently — a client may terminate without notice and claim damages. Ensure your contracts clearly define what constitutes a breach, what notice period applies to termination, and what remedies are available to both parties.

The Role of Insurance in Managing Contract Risk

Insurance does not remove contractual risk — but it provides the financial resilience to manage it when things go wrong. For security companies in the UK, a robust insurance programme typically includes:

  • Public Liability Insurance: Covers third-party bodily injury and property damage caused by your operations or employees. Essential for any client-facing security work.
  • Employers' Liability Insurance: Legally required if you employ staff. Covers claims from employees who are injured or become ill as a result of their work.
  • Professional Indemnity Insurance: Covers claims arising from negligent advice, errors, or omissions in your professional services — particularly relevant for consultancy, risk assessment, or security management work.
  • Specialist Security Liability Insurance: Covers specific risks associated with manned guarding, including assault, false imprisonment, and wrongful detention claims.
  • Cyber Liability Insurance: Covers costs associated with data breaches, cyberattacks, and regulatory investigations — increasingly important as security companies operate more digital infrastructure.
  • Commercial Legal Expenses Insurance: Covers the cost of pursuing or defending contract disputes, employment tribunal claims, and regulatory investigations.

Cover limits should reflect the value of your contracts and the realistic worst-case scenario for each site you operate on. A security company contracted to protect a high-value data centre has very different exposure to one providing ad-hoc door supervision at small venues — and your insurance programme should reflect that difference.

Practical Steps to Reduce Your Contract Risk

Beyond insurance, there are operational steps every security company should take to reduce its exposure:

  1. Have contracts reviewed by a solicitor before signing, particularly for high-value or long-term engagements. The cost of legal review is a fraction of what a poorly understood clause could cost you.
  2. Use your own standard terms where possible, rather than accepting a client's template. A well-drafted set of your own terms, prepared with legal advice, can significantly reduce your default liability position.
  3. Document everything. Site reports, incident logs, briefing notes, and communication records are your primary evidence if a dispute arises. A well-documented incident is far easier to defend than one that exists only in memory.
  4. Train your staff on contract awareness. Officers who understand the scope of their duties — and what falls outside it — are less likely to take actions that create liability.
  5. Review your insurance annually and whenever you take on a new contract with materially different risk characteristics. Failing to disclose new risks to your insurer can invalidate your cover when you need it most.
  6. Conduct risk assessments before mobilising. A thorough pre-contract site survey identifies hazards, access issues, and operational challenges that may affect your ability to deliver the contracted service safely and effectively.

Conclusion

Security company contracts are not just administrative paperwork — they are legally binding documents that define your liability exposure for the entire duration of an engagement. Broad indemnity clauses, unlimited liability provisions, vague duty specifications, and consequential loss exposure can all leave your business facing claims that far exceed the value of the contract itself.

The good news is that with careful contract review, clearly defined service scopes, and a well-structured insurance programme, these risks are entirely manageable. The security industry operates in a demanding environment, but businesses that take their contractual obligations seriously — and ensure they have the right protection in place — are far better positioned to grow sustainably and with confidence.

At Insure24, we specialise in commercial insurance for UK security companies. Whether you need public liability, professional indemnity, specialist manned guarding cover, or cyber liability insurance, our team can help you build a policy that reflects your actual risk profile and the specific demands of the contracts you hold. Get in touch today to discuss your requirements or use our online quote system to explore your options.

Call us on 0330 127 2333 or visit www.insure24.co.uk to get a quote.

Related articles

More reading from the same topic area to help you compare risks, cover options and practical next steps.