When the Approved Contractor Scheme arrived, it set off a race to be first to get accredited — and the intention behind it was genuinely good. It was meant to set a level playing field, to raise standards and give buyers a way to tell a serious company from a cowboy.
But here's the problem it never solved: buyers still wanted cheap. And while the good firms invested in accreditation, the worst operators carried on undercutting everyone — some by not properly accounting for VAT or PAYE, and by paying their officers peanuts. They could still go in cheapest. So the very firms ACS was meant to squeeze out are, in many cases, still thriving — and the level playing field never quite arrived. That's not a criticism of the people who built the scheme. It's just what happened.
Here's something buyers are rarely told. Every year, an accredited security business pays an auditor to assess it against the SIA's ACS criteria. And in my experience, across the companies I've worked for and seen over three decades, the run-up to that annual audit is a mad scramble — even at the big firms.
There's a sudden panic to get everything "current": site risk assessments brought up to date, assignment instructions made current and signed by the client, training records squared away — and that's just the site-based criteria. I'll give you a genuinely useful tip as a buyer: if your provider suddenly asks you to sign off assignment instructions or paperwork you haven't seen in months, ask them whether they've got an audit coming up. Trust me — that timing is rarely a coincidence.
My honest view, formed from what I've witnessed, is that the annual audit too often becomes an expensive tick-box exercise rather than a true measure of day-to-day quality. A snapshot taken once a year can be prepared for. And that's my real concern: a check you can prepare for is a check that can, in principle, be passed by a company that isn't actually delivering the other 364 days. I've seen the scramble to make records "audit-ready" that didn't reflect what was happening on the ground. That's the structural weakness — not the people who designed the scheme, but the fact that an annual snapshot simply can't capture continuous reality.
To be completely fair: there are excellent, genuinely committed ACS-accredited companies out there, and the badge does mean a company has cleared a real bar. My point isn't that ACS is worthless. It's that a badge, on its own, can't tell you whether a company is good every day — only that it was ready on audit day.
Let's be honest about what security actually is. Our product is the provision of human beings. And human beings — however well-trained, well-led and well-intentioned — make mistakes. That's not a flaw you can accredit away. No badge, no audit, no tick-box prevents the ordinary human error that is inherent in any people-based service.
So if accreditation can't prevent mistakes, what actually gives you peace of mind? In my view, it's how those mistakes are handled. When something goes wrong — and over a long enough contract, something always will — what sets a company apart is transparency, a genuine drive to improve, and accountability that goes right to the top. That's ownership. That's leadership. And it's the one thing a once-a-year certificate cannot deliver, because it lives in the relationship, not on a wall.
Peace of mind for a buyer isn't a logo. It's knowing exactly who is accountable when it matters, and trusting how they'll respond.
Fair question, given everything I've just said. Two honest reasons.
First, the scheme is a recognised mark, and for some buyers — particularly in procurement and the public sector — it's a requirement or a strong preference. We respect that, and we'll meet it. Pursuing ACS for 2027 means we can serve clients who need that box ticked, without compromise.
Second — and this matters — we'll hold the badge, but we will never rely on it instead of real, continuous accountability. For us, accreditation will be a floor, not the ceiling. We're doing the genuine work behind it every day anyway; the certificate will simply confirm what we already evidence. The difference is we won't treat audit day as the day that matters. Every day matters.
So our position is balanced, not cynical: ACS is worth having, and we're getting it. But don't ever let a buyer mistake the badge for the substance behind it. Ask what's there when the auditor isn't.
This is exactly why we built DOB·Live. Instead of a once-a-year scramble to make records look right, every patrol, check, incident and report is logged in real time — timestamped, tamper-evident, and there to see whenever you want it. We don't prepare for an audit; we are audit-ready every minute of every day, 365 days a year. Audit us any time you like. There's no panic here, because every move we make builds evidence of compliance as it happens.
And it doesn't stop at compliance. Real-time evidence lets us continuously improve — to see what's actually happening and get better at it, rather than tidying the paperwork once a year. That's the difference between a badge and a way of working: one is a snapshot, the other is the whole film.
Read our full guide to ethical security procurement, learn the questions that expose a weak provider, or find out why clients choose us.
It means the company met the SIA's criteria on its audit day — which is a real bar, and many excellent firms hold it. But in our honest view it isn't an automatic guarantee of day-to-day quality, because an annual assessment is a snapshot that can be prepared for. A badge tells you a company was ready on audit day; it can't tell you what happens on your site every other day. Look at how a company operates and how it's held accountable, not just the logo.
Not necessarily. ACS is one signal, not the only one. The SIA's own guidance lists exactly what to verify when buying from a non-ACS provider — SIA licensing, BS7858 vetting, proper employment and pay, insurance, and audited practices. A non-accredited firm that meets all of those, with genuine leadership accountability and real-time evidence, can give you more confidence than a badge alone.
Ask to see live, day-to-day evidence — not a folder prepared for the auditor. Can they show you timestamped patrol and incident records on demand, at any time, not just at review meetings? And a buyer's tip: if a provider suddenly asks you to sign assignment instructions or paperwork you haven't seen in months, ask whether they have an audit coming up. Genuine, continuous compliance doesn't need a pre-audit scramble.
Because it's a recognised mark some buyers require, and we'll meet that without compromise — accreditation is planned for 2027. But we treat it as a floor, not a ceiling. We won't rely on a badge instead of real, continuous accountability; we evidence our compliance every day through DOB·Live. The certificate will confirm what we already do, rather than being the only day that counts.

When you contact Risk Secured, you reach David Foster — Director and Co-Owner. Ex-RAF Police, three decades across every sector of the security industry. The person who'll actually run your security.
I know security can feel like a grudge spend — so my job is to make it work for you, not just bill you. We start with an honest conversation about your business and its risks, and I'll tell you straight where your money should go, including where you're paying for cover you don't need.
No call centres, no sales reps. Just expertise from someone whose name is on the door — and who stays close enough to the work that you'd think we were in-house.