National Security Inspectorate Sentinel House, 5 Reform Road Maidenhead SL6 8BY Website: nsi.org.uk Document no. NCP 119 Document issue no. 2 Document issue date April 2020 Document owner Head of Field Operations – Services Last review date April 2020 Document classification PUBLIC (RESTRICTED) Page 1 of 11 © NSI 2020 NSI cod e of practice for the prov ision of labour in the security and events sector s NCP 119 Issue 2 April 2020 NSI code of practice for the provision of labour in the security and events sector s Document no. NCP 119 Document issue no. 2 Document issue date April 2020 Document owner Head of Field Operations – Services Last review date April 2020 Document classification PUBLIC (RESTRICTED) Page 2 of 11 © NSI 2020 Contents 1 Introduction ………………………….. ………………………….. ………………………….. ………………………….. ……………. 4 2 Scope ………………………….. ………………………….. ………………………….. ………………………….. ……………………….. 4 3 Application ………………………….. ………………………….. ………………………….. ………………………….. ……………… 4 4 Requirements ………………………….. ………………………….. ………………………….. ………………………….. …………. 4 4.1 The Provider ………………………….. ………………………….. ………………………….. ………………………….. ……………… 4 4.2 Personnel ………………………….. ………………………….. ………………………….. ………………………….. ………………….. 6 4.3 Sale of Service ………………………….. ………………………….. ………………………….. ………………………….. ………….. 9 4.4 Operations ………………………….. ………………………….. ………………………….. ………………………….. ……………… 10 4.5 Documentation/Records ………………………….. ………………………….. ………………………….. …………………. 11 NSI code of practice for the provision of labour in the security and events sector s Document no. NCP 119 Document issue no. 2 Document issue date April 2020 Document owner Head of Field Operations – Services Last review date April 2020 Document classification PUBLIC (RESTRICTED) Page 3 of 11 © NSI 2020 Foreword The procurement of additional labour to support service delivery in the security guarding and events management sector s is common practice and gives companies flexibility to scale operations effectively and , when professionally managed , ensure security is not compromised. When not adequately managed there is a risk to the safety and security of the public, to the integrity of the supply chain and of worker exploitation. This can manifest itself in a n absence of adequate controls regarding SIA licensing, security screening t o BS 7858, adherence to Working Time Regulations, the paying of minimum wage and checks on right to work and employment status . This code of practice has been developed to enable companies provid ing labour (providers) to security companies (contractors) t o demonstrate best practic e by holding independent certification in the scope of “Provision of labour in the security and events sector s ”, as having be en audited against the requirements of this code of practice . Approval to this code of p ractice by provid ers demonstrates supply chain commitment to meeting statutory and legislative requirements and certain relevant Environmental , Social and Governance criteria in the provision of services delivered . Contractors procuring additional labour to support service delivery may use approval to this code of practice as a procurement requirement for assurance a provider has been audited against the requirements in this code of practice. This document is to be read in conju nction with: British Standard Code of Practice BS 7858 NSI Guarding, Cash and Specialist Services Approval Criteria (MSF 571 , current issue) No company shall hold out or claim that it adheres to this NSI code of practice unless compliance with the same is confirmed by a valid Certificate of Approval issued by NSI . NSI code of practice for the provision of labour in the security and events sector s Document no. NCP 119 Document issue no. 2 Document issue date April 2020 Document owner Head of Field Operations – Services Last review date April 2020 Document classification PUBLIC (RESTRICTED) Page 4 of 1 1 © NSI 2020 1 Introduction The term ’ labour provision ’ used in this NSI code of pr actice applies to activities which are described as follows: ‘B o ught – in – labour , licensed or unlicensed , employed and/or supplied by a third party provider to temporarily supplement the cont ract or ’s own workforce. ’ Note : When deployed, bought – in – labour operates under the direction and control of the management of the contracting company (and not the labour p rovider). Note: The provider is the organisation providing the labour ; the c ontractor is the organ isation deploying the labour . 2 Scope The scope of this NSI code of p racti ce covers all labour provision provided to co ntractors operating in the regulated s ecurity and events sector s . 3 Application This NSI code of p ractice a pplie s to all providers seeking to obtain or maintain an NSI certificate of approval for labour provision . 4 Requirements Requirement Details 4.1 The Provider 4.1.1 Structure Objective: Fit and proper organisation with accountable defined structure and directors The provider shall possess a clearly defined management structure showing control and accountability at each level of operation. The provider shall operate a complaints manageme nt system to enable: 1) a record of all complaints to be kept relating to the services provided and relevant c ode of practice ; 2) a ppropriate action to be taken with respect to such complaints and any deficiencies found that affect compliance with the agreed ser vices and relevant c ode of practice; and NSI code of practice for the provision of labour in the security and events sector s Document no. NCP 119 Document issue no. 2 Document issue date April 2020 Document owner Head of Field Operations – Services Last review date April 2020 Document classification PUBLIC (RESTRICTED) Page 5 of 11 © NSI 2020 Requirement Details 3) a ctions taken to be documented. 4.1.2 F inances Objective: Fit and proper organisation with sufficient funding to provide services offered and that meets relevant financial legislative requirements The provider shall have sufficient working capital and reserves for its current and future requirements. The provider is to demonstrate that i t is trading lawfully, meeting its just debts and other financial obligations, to indicate that the financial affairs of the co mpany are carried out in a responsible and prudent manner . The provider shall prepare annual accounts in accordance with applicable accounting standards. Accounts shall be available for examination on request. 4.1.3 P ayroll Ob jective: Fit and proper organisation that meets legislative requirements in relation to earnings, deductions and contributions The national minimum and living wage rates are adhered to or exceeded, for basic take home pay. Wage calculations for minimum wage do not include other i tems such as holiday pay, transport, uniforms , etc . The provider adheres to the legislation on statutory holiday pay and all employees receive holiday pay at the time of taking leave. The provider adheres to the legislation on auto enrolment to Workplac e Pension schemes for all eligible employees. The provider complies with all the relevant tax and national insurance legislation concerning people it deploy s . This re quires complying with all HMRC guidance, including operating Real Time Information correc tly and on time. Payroll is managed to legislative standards. Tax codes are checked and correctly applied in a timely manner and in compliance with HMRC guidance. Staff are paid through a PAYE compliant system. People who are subject to PAYE receive full e mployment rights of an employee. Month – end and year – end procedures are run within deadlines. There is a direct link between the hours worked and the wages paid. This also applies where staff are paid by others , e.g. a factoring company, an umbrella payrol l company, an agency, or sub – contractor. Providers do not make unlawful deductions from staff pay. Payments to staff are made on time within the contractual payment cycle . All queries relating to payroll are handled effectively and lessons learned are fed back to improve procedures. C lear information is provided to staff about their pay, deductions and the payroll system in use. NSI code of practice for the provision of labour in the security and events sector s Document no. NCP 119 Document issue no. 2 Document issue date April 2020 Document owner Head of Field Operations – Services Last review date April 2020 Document classification PUBLIC (RESTRICTED) Page 6 of 11 © NSI 2020 Requirement Details S elf – employment : Providers shall show due diligence in determining or identifying the correct employment status of all staff working for them based on actual practice, this being reflected in the completion of the CEST tool for each role. Where individuals are confirmed as self – employe d (using the CEST tool), providers shall demonstrate that agency legislation does not apply. Otherwise, the operatives will be regarded as agency workers and all remuneration received for services provided will be subject to PAYE/national insurance. 4.1.4 Insurance Objective: Fit and proper organisation that has sufficient levels o f insurance cover for the services they deliver The provider shall maintain appropriate insurance . The provider shall possess insurance cover commensurate with the business undertaken , services provided and the number of persons employed. The provider shall hold , as a minimum, employer’s liability insurance as expressed within the Employers’ Liability (Compulsory Insurance) Act . The provider shall also ensure that where relevant and/or required, other insurances are held, for example public liability, products liability, efficacy/inefficacy, professional indemnity, wrongful arrest, contractual liability, wilful and belligerent acts, financial loss, fidelity bonding, directors and officers, property/office cover. Insurance certificate(s) and/or schedule (s) shall be directly produced by the insurer and not any agent or broker. The documents shall specifically state the exact trade/trades being undertaken and cover to a sufficient level to ensure both third parties and staff are properly protected. 4.1.5 Premises Objective: Fit and proper organisation that has sufficient facilities to support service delivery The provider shall operate from suitable and adequate secure premises . C onsideration shall be made for storage of documented information in relation to staff , suppliers and contractor s . Documented information shall be held securely and in line with relevant legislation. Note: It is a condition of a pproval that NSI auditors sha ll be permitted access to inspect and examine all premises, tools, equipment documentation, records, management systems, procedures and contracted sites which are relevant to the scope of the NSI Approval. 4.2 Personnel NSI code of practice for the provision of labour in the security and events sector s Document no. NCP 119 Document issue no. 2 Document issue date April 2020 Document owner Head of Field Operations – Services Last review date April 2020 Document classification PUBLIC (RESTRICTED) Page 7 of 11 © NSI 2020 Requirement Details 4.2.1 Selection , right to work and security screening Objective: Competent personnel and compliance with relevant British standard s and applicable legislation – Personnel deployed have been screened to the appropriate level , hold valid SIA licences (where applicable) and right to work in the UK (in all cases) Where applicable , as defined in the latest current edition of BS 7858, staff supplied shall be screened in line with t he requirements of BS 7858. The provider shall carry out screening in accordance with BS 7858 prior to the engagement of every individual in a relevant employment role or prior to their role being changed , e.g. a person initially appointed as a steward being reassigned in the role of a licensed security officer or door supervisor. Where staff are deployed to roles where security screening in line with BS7858 is not applicable, where required the provider shall ensure th at screening in line with other a pplicable standards is c ompleted , e.g. BS 8406 – Events S tewarding and C rowd S afety. The provider shall agr ee screening requirements in writing with the contractor , its customer . T his shall detail whether staff can be deployed once limited security screening has been completed or whether full scr eening is required before deployment . The provider shall check the validity of the SIA licence and right to work in the UK for all licensed staff at least monthly . Confirmation of right to work in the UK verified through original documentation shall be ma de readily available to the contractor , and the contractor’s customer on request. Confirmation of completed security screening shall be readily available on request. The provider works within the legal requirements on staff working hours. Shift patterns and the number of hours worked are appropriate, to protect the health and safety and ensure the effectiveness of staff. 4.2.2 Training Objective: Competent Personnel – Individuals deployed are competent for the role agreed with the customer and are awa re of their own company policies and procedures The provider shall have a clearly defined and documented training policy. The provider shall provide induction training to all staff in matters related to employment and the provider’s procedures including t he importance of contractors’ site specific : assignment instructions ; and health and safety risk assessments ; and the requirement to sign the contractor’s log to confirm understanding of the above or report to the provider NSI code of practice for the provision of labour in the security and events sector s Document no. NCP 119 Document issue no. 2 Document issue date April 2020 Document owner Head of Field Operations – Services Last review date April 2020 Document classification PUBLIC (RESTRICTED) Page 8 of 11 © NSI 2020 Requirement Details immediately or as soon as reasonably possible any absence of the above. The provider is to maintain records of all training undertaken by staff , and those records shall be retained in either soft or hard copy format ( or both ) . The records shall include details of training undertake n such as date of training , the subject matter of the training , and details of person deliv ering the training including signature of both the trainer and trainee. Where training has been delivered external ly the certificate (or similar) shall include date of delivery, course title, date of expiry (where applicable) and the name of the provider delivering the training . A copy of the training certificate for each employee shall be retained in the records . Where o nline training is provided the provider shall confirm delivery and receipt of the training undertaken . All training r ecords shall be retained in line with all applicable legislation and regulations. 4.2.3 Terms and conditions Objective: The organisation meets current legal requirements in relation to deployment of personnel The provider shall at the start of employment. provide all staff with a ‘written statement of employment particulars’ . It shall include the main conditions of employment : 1) job title; 2) job description; 3) effective start date; 4) probationary period, if required; 5) provisional period subject to screening, if applicable; 6) employer’s details including address ; 7) place of work ; 8) pay and allowances; 9) hours and days of work; 10) leave entitlement; 11) conditions of payment during absence through illness; 12) pension entitlement; 13) industrial injury procedures; 14) equipment and uniform supplied; 15) disciplinary and appeals procedures; 16) terms of notice of termination of employment ; and 17) confidentiality . NSI code of practice for the provision of labour in the security and events sector s Document no. NCP 119 Document issue no. 2 Document issue date April 2020 Document owner Head of Field Operations – Services Last review date April 2020 Document classification PUBLIC (RESTRICTED) Page 9 of 11 © NSI 2020 Requirement Details Staff shal l not be required to work hours that could be detrimental to their health, safety or efficiency. 4.2.4 Uniform Objective: Professional image Unless otherwise requ ired by the contractor , the labour provider shall determine the uniform to be worn for ea ch assignment and shall ensure the uniform is maintained and presentable. 4.3 Sale of Service 4.3.1 Contractual documentation Objective: Clearly identified costings, terms , restrictions and liabilities in relation to the services provided Provider s shall not engage in misleading, unfair or pressurised selling techniques and shall adopt and keep to high standards of fairness and integrity. Clear information shall be provided to the contractor in relation to the services being offered . The information shall include, bu t not necessarily be limited to : 1) the terms and conditions under which the work would be carried out; 2) the total costing for the service, and the arrangements for payment; 3) the contract period, along with procedures for termination of the contract and reference to any exclusion, penalty clauses or other restrictions; 4) the liabilities of the provider , which shall not be unlimited, other than by law; 5) details of the contractor’s requirements, derived from pre – service discussions or from written instructions, and including clear cross – reference to any separately documented requirements or instructions; 6) arrangements for statutory holidays; 7) the obligations of the provi der to the contractor , including any provision of specialist advice or duties, and reference to any relevant British Standards; 8) the obligation of the provider to maintain confidentiality with respect to information obtained whilst tendering for or fulfill ing a contract; 9) any contractor requirement to provide and/or maintain any specified item or service, which the contractor has agreed to provide and which is necessary for fulfill ing the contractual obligations, including making available to all staff the fo llowing site specific documents: Assignment Instructions ; and NSI code of practice for the provision of labour in the security and events sector s Document no. NCP 119 Document issue no. 2 Document issue date April 2020 Document owner Head of Field Operations – Services Last review date April 2020 Document classification PUBLIC (RESTRICTED) Page 10 of 11 © NSI 2020 Requirement Details Health & Safety Risk Assessment ; 10) security screening requirements (including acceptability of full and partial screening) ; and 11) health and safety arrangements and responsibilities , e.g. provisio n of welfare and lone worker processes , copies of applicable risk assessments . 4.3.2 Contracts Objective: Clearly defined arrangements for delivery of service The contractor shall be asked to sign either: 1) a n a greement – demonstrating they have re ad and understood the quotation and terms and conditions of the provider ; or 2) a contract docu ment referring to the quotation and terms and conditions. The above shall be agreed and exchanged before work commences . Where requests for services are short notice d ue to urgent or unforeseen circumstances, contracts shall be exchanged as soon as practicable (but in all instances of emergency cover, no later than 28 days after the cessation of the cover ) . If the contractor declines to agree to a written contract, the quotation and terms and conditions shall be sent to the contractor with a letter stating that, in the absence of indication to the contrary, the terms and conditions of the provider apply to the services being provided . Should changes be required after t he quotation and terms and conditions have been accepted by the contractor , these shall be agreed in writing with the contractor within 7 days. 4.4 Operations 4.4.1 Dep loyment and management of personnel Objective: Health, safety and welfare of deployed staff is managed and monitored The provider shall have a documented health and safety policy and this shall be communicated to all staff . Responsibilities for health and safety shall be clearly defined, and shall include provision of welfare facilities and lone worker arrangements as a minimum , including the monitoring of check calls and escalation process for missed check calls. The provider shall only deploy staff with prior knowledge of general health and safety arrangements. The provider shall confirm with the contractor any specific health and safety requirements on the site where staff are deployed , e.g. training and equipment. NSI code of practice for the provision of labour in the security and events sector s Document no. NCP 119 Document issue no. 2 Document issue date April 2020 Document owner Head of Field Operations – Services Last review date April 2020 Document classification PUBLIC (RESTRICTED) Page 11 of 11 © NSI 2020 Requirement Details 4.4.2 Suppliers Objective: Preventing the use of non – approved labour providers within the supply chain The labour provider shall only provide their own staff . Where exceptionally , and with written agreement from the contractor , other staff are provided, these shall be sourced only from a nother labour provider holding a n NSI Certificate of Approval for this code of practice. 4.4.3 Confidentiality Objective: Protection of customer, safety and security sensitive information Staff shall individually sign a confidentiality agreement relating to the non – disclosure of the contractor ’s and the provider ’s confidential information and/or material. This shall be retained i n the ir personnel file. 4.5 Documentation/Records 4.5.1 Retention Objective: Protection of customer, supplier and personnel information held by the provider Separate records shall be maintained for each contractor , employee and supplier including other labour providers . The records shall be held securely , but shall be easily accessible to authorized persons and retained only for as long as legislation permits . Where i nformation is stored in cluding in an electronic retrieval system , consideration shall be made to the relevant data protection legislation including the Data Protection Act and GDPR. Records relating to the contractual agreement between the contractor and the provide r shall be retained in a contractor file. These records shall include pre – contract documentation, agreed service levels and contractor correspondence. Archived records shall be identifiable and retrievable . All records concerning a contractor contract sha ll be maintained for at least 12 months after termination of the service . Such records shall include (but are not restricted to): full details of persons deployed on the assignment including screening, licensing and training; and correspondence and compla ints received from the contractor . B asic records for all staff (as detailed in BS 7858) shall be kept for at least 7 years from the cessation of their employment. Note: Attention is drawn to the Gen eral Data Protection Regulation (GDPR ) .