Selling a Security Services Business in the UK

Security services is one of the most active consolidation sectors in the UK mid-market right now. If you run a manned guarding, mobile patrol, key holding, or integrated security business, there is genuine buyer appetite — but the variables that determine whether you achieve 4x EBITDA or 7x EBITDA are specific to this sector and worth understanding clearly before you go anywhere near a sale process. Contract quality, SIA licence compliance, workforce management, and technology adoption all matter more here than in most other service businesses.

Contents

What is the valuation landscape for UK security businesses?

Security services businesses in the UK typically sell at EBITDA multiples of between 4x and 7x. That is a wide range, and where your business sits within it depends almost entirely on the quality of what sits beneath the revenue line — not just the revenue itself.

The sector consolidation story is real and ongoing. PE-backed platforms have been rolling up regional security businesses for several years, and national players continue to acquire for geographic reach. That demand keeps multiples competitive for well-run businesses. But buyers in this sector are experienced, and they know exactly what they are looking for.

Business ProfileTypical EBITDA Multiple
Sub-contracted revenue, poor SIA compliance, high customer concentration3x – 4x
Mix of direct and sub-contracted, reasonable compliance, some concentration4x – 5x
Predominantly direct contracts, good SIA compliance, diversified customer base5x – 6x
Long-term direct contracts, strong compliance, technology-integrated, multi-service6x – 7x+

What drives value in a security company sale?

Contract quality and structure

This is the single most scrutinised area in any security business acquisition. Buyers draw a sharp distinction between two types of revenue:

Direct end-user contracts — where your business has a direct contractual relationship with the customer — are valued significantly higher than sub-contracted work passed down from a national provider. Sub-contracted revenue carries inherent fragility: the national can terminate or reduce work without notice, and the margin is compressed. Buyers will discount this revenue heavily, or exclude it from their valuation calculation entirely.

Beyond direct versus sub-contracted, buyers want to see:

  • Contract lengths of one to three years or longer, with auto-renewal clauses
  • Low churn rates — ideally below 10% annually
  • Contracts with notice periods of at least three months
  • No single customer representing more than 20–25% of total revenue

Customer concentration above that threshold creates real vulnerability in a buyer's eyes. If one customer accounts for 30% of your revenue, expect that to generate detailed questions — and potentially a deferred element in the deal structure tied to that customer's retention post-sale.

SIA licence compliance

Every director, potential buyer, and due diligence team in this sector knows that SIA licence management is where operational risk lives. When a buyer's advisers begin financial and legal due diligence, they will request a full schedule of every operative's SIA licence expiry date.

What they are looking for: a business that proactively manages licence renewals, has a process to flag upcoming expirations, and has no history of deploying unlicensed operatives. A poorly managed licence profile — licences lapsing, patchy records, any regulatory action from the SIA — is a deal-breaker, not a renegotiation point.

Before you go to market, audit your SIA compliance position. If there are gaps, address them. This is non-negotiable.

Accreditations and standards

Buyers expect compliance with BS 7499 (static guarding) and BS 7984 (key holding) as a baseline. ACS (Approved Contractor Scheme) status under the SIA is increasingly viewed as standard for businesses of any scale. Businesses with NSI Gold or SSAIB approval for electronic security services achieve better buyer confidence. These accreditations signal operational credibility and reduce due diligence friction.

Service line diversification

A business that delivers manned guarding, mobile patrol, key holding, and alarm response across the same customer base is more attractive than one that does only one thing. Integrated security — where you provide both physical and electronic services — commands a further premium, as it reduces customer churn and increases switching costs.

Technology adoption

This has become a meaningful value driver in the last few years. Businesses that have integrated technology into their service delivery — body cameras, app-based guard reporting, real-time GPS tracking, remote monitoring capability — are demonstrably more attractive than those running purely manual operations.

The reason is straightforward: technology reduces margin leakage, improves evidence of service delivery, and creates data that demonstrates contract performance to customers and acquirers alike. It also positions the business as scalable in a way that manual-only operations are not.

Who is buying UK security businesses?

The buyer universe is more active in this sector than in many comparable service industries.

PE-backed security platforms are the most acquisitive buyer type. Several well-capitalised platforms are actively acquiring regional security businesses to build national coverage. These buyers pay for quality and will move quickly if the business fits their thesis — but they are also the most rigorous in due diligence.

National security companies acquiring for geographic footprint are a second tier. If you operate in a region where a national has limited presence, your business solves a specific problem for them. These deals can be straightforward but often come with integration expectations and earn-out structures.

Facilities management businesses represent a third buyer category. FM companies that currently sub-contract security to third parties often find it strategically attractive to bring that capability in-house. This buyer type may be less sophisticated in their assessment of security-specific risks — but they are motivated, and strategic rationale often supports a stronger headline price.

How do buyers assess margin sustainability?

Security services is a labour-intensive business. Buyers know that. What they are stress-testing is whether your EBITDA margin is genuinely sustainable or whether it has been achieved through short-term cost pressure that cannot hold post-acquisition.

Key areas of scrutiny:

  • Pay rates relative to National Living Wage increases — buyers will model forward NLW increases and assess whether your pricing structure accommodates them. If your contracts do not include annual rate reviews, that is a margin risk they will price into the deal.
  • TUPE liability — on mobilisation of new contracts and on any recent acquisitions you have made, buyers will want to understand the TUPE exposure and whether there are any legacy employment obligations.
  • Absence management and turnover rates — high turnover inflates recruitment and training costs and signals operational instability. Buyers will look at your staff turnover data as a proxy for management quality.
  • Overhead structure — control room costs, vehicle fleet management, and management overhead relative to revenue are all benchmarked against sector norms.

What does the sale process look like?

A typical sale of a UK security services business from mandate to completion runs between six and twelve months. Here is what that process looks like in practice:

  1. Preparation phase (months 1–2): Financial normalisation, SIA compliance audit, contract schedule preparation, management information pack.
  2. Information Memorandum and approach (months 2–3): Preparation of the IM and confidential approach to qualified buyers.
  3. First-round bids and management meetings (months 3–4): Indicative offers received, shortlist of buyers progressed to management presentations.
  4. Heads of Terms (HoTs) (month 4–5): Preferred buyer selected, HoTs negotiated covering price, structure, and key conditions.
  5. Due diligence (months 5–8): Financial, legal, and operational DD. SIA compliance review, contract analysis, TUPE assessment, accreditation verification.
  6. SPA negotiation and completion (months 8–12): Share Purchase Agreement drafted and negotiated. Completion.

Deals in this sector do carry specific due diligence risk around workforce compliance. Build in time for that process and have your records in order before you start.

If your business operates across security and wider facilities management, or if TUPE exposure is a relevant consideration in your sale, the following guides are worth reading alongside this one. Selling a Facilities Management Business in the UK covers the valuation and process considerations for integrated FM businesses. TUPE Explained for Business Sellers sets out what buyers look for and how TUPE risk affects deal structure.

FAQ

What EBITDA multiple can I expect for my security business? Most UK security businesses sell between 4x and 7x EBITDA. Businesses with long-term direct contracts, strong SIA compliance, diversified customers, and technology integration achieve the upper end. Sub-contracted revenue heavy businesses, or those with compliance issues, are at the lower end or below it.

Does sub-contracted revenue affect my valuation? Yes, significantly. Buyers value direct end-user contracts far higher than sub-contracted work. Sub-contracted revenue is treated as fragile, margin-compressed, and potentially excluded from the valuation multiple calculation altogether.

How important is SIA licence compliance to buyers? It is critical. Buyers will review the full licence expiry schedule for all operatives during due diligence. Any history of deploying unlicensed staff or poor licence management processes can kill a deal. Get your compliance position in order before going to market.

What accreditations should I have in place before selling? ACS status, BS 7499 compliance, and BS 7984 (for key holding operations) are baseline expectations. NSI Gold or SSAIB approval for electronic services add credibility. These accreditations reduce due diligence friction and signal quality to buyers.

How does customer concentration affect the deal structure? If a single customer represents more than 20–25% of your revenue, buyers will typically look to reflect that risk in the deal structure — either through a lower headline multiple or through a deferred consideration element tied to that customer's retention post-completion.

What tax position should I consider when selling my security business? If you qualify, Business Asset Disposal Relief (BADR) reduces Capital Gains Tax to 18% on qualifying gains up to £1 million (as of April 2026). Above that threshold, the standard CGT rate of 24% applies for higher rate taxpayers. An Employee Ownership Trust (EOT) sale is another route that can be tax-efficient under the right circumstances. This article contains general information only and does not constitute financial or tax advice. Every business sale is different. Speak to a qualified UK tax adviser about your specific situation before making any decisions.

Ready to understand what your security business might be worth? Use the free valuation calculator on Succession Group to get an indicative range based on your sector, revenue, and EBITDA — with no obligation and no adviser call required until you are ready.