A security guard works a 14-hour night shift, returns home for 8 hours, then starts again. Is that legal? What about a guard who opts out of the 48-hour weekly limit — how do you make sure that opt-out is genuine and documented? These aren’t edge cases. They’re everyday operational realities for UK security companies, and the Working Time Regulations 1998 govern all of them.
For ACS compliance, this is important. This article covers what the Working Time Regulations mean for security companies specifically, where the risks are, and how to manage compliance without burying your operations team in paperwork.
Why Working Time Compliance Is a Real Risk for Security Companies
Security companies operate around the clock with irregular patterns, overnight shifts, weekend deployments, and last-minute cover requests. This makes working time management genuinely difficult — and the industry’s reliance on multi-site workers, pool guards, and zero-hours staff adds further complexity.
Employment tribunals hear working time cases regularly. The risks include:
- Civil claims from guards for denial of rest breaks or holidays
- Health and Safety Executive enforcement for systemic failure to comply
- Tribunal awards for failure to give adequate rest between shifts
- Reputational damage if fatigue-related incidents at sites are linked to excessive hours
The physical and cognitive demands of security work make fatigue a genuine safety risk, not just a legal technicality. A guard who has worked 60 hours in a week with inadequate rest is a liability — to clients, to the public, and to your company.
The Key Rights Under the Working Time Regulations
The 48-hour weekly limit
Workers must not be required to work more than an average of 48 hours per week, calculated over a 17-week reference period. Note “average” — a guard can work 60 hours in one week as long as the 17-week rolling average stays within 48 hours.
Workers can opt out of the 48-hour limit, but this must be:
- Voluntary and in writing
- Not a condition of employment or contract
- Revocable by the worker with 7 days’ notice (or longer if agreed, up to 3 months)
A standard opt-out clause buried in an employment contract is legally questionable. The opt-out should be genuinely separate, genuinely voluntary, and the worker should understand they cannot be disadvantaged for refusing.
Daily rest
Workers are entitled to 11 consecutive hours of rest in every 24-hour period. This is not negotiable via contract — it can only be adjusted for genuine shift workers under specific conditions.
For security companies, this means a guard who finishes a 10pm shift cannot start a new shift before 9am the following day. Scheduling software that doesn’t enforce minimum rest gaps will create violations automatically.
Weekly rest
Workers are entitled to either:
- An uninterrupted rest period of 24 hours per week, or
- An uninterrupted rest period of 48 hours per fortnight
Rest breaks during the working day
Workers are entitled to a 20-minute uninterrupted rest break if their working day exceeds 6 hours. For young workers (under 18), this applies after 4.5 hours.
In security, this can be operationally awkward — a sole guard on a post cannot simply walk away for 20 minutes. The solution here is proper planning: overlapping cover, designated relief times, and documented arrangements. An unbroken shift with no rest break documented is a compliance failure.
Annual leave
Workers are entitled to 5.6 weeks’ paid annual leave per year (28 days for a full-time worker, including bank holidays). This cannot be paid out in lieu except on termination of employment.
Zero-hours and casual workers also accrue holiday pay — a fact that many smaller security firms either don’t know or choose to ignore. The consequences of not paying this have caught out many companies in employment tribunal cases.
Night Work: Extra Rules for Security
Night workers — defined as those who regularly work at least 3 hours of their shift during the period 11pm to 6am — have additional protections that are particularly relevant to security:
- Night work is limited to an average of 8 hours per 24-hour period over the reference period, where the work involves special hazards or heavy physical/mental strain.
- Night workers must be offered a free health assessment before they start night work and periodically thereafter. This is not discretionary — it’s a legal requirement. Offering is sufficient; the worker can decline.
- Records of night workers must be maintained and made available to the HSE on request.
Most security guards qualify as night workers. Many security companies have never offered a health assessment to a single one of them.
The Multi-Site Problem
Here’s where security companies face a challenge that most industries don’t: guards who work for you across multiple sites, or who have secondary employment elsewhere.
If a guard works for you four nights a week and picks up shifts with another agency two other nights, their combined hours might breach the 48-hour average — but you’d only know about your side of it. The legal position is that the employer who has not ensured the worker opted out bears the risk.
Best practice is to:
- Include a declaration in employment contracts that workers will notify you of any other employment
- Obtain written 48-hour opt-outs from anyone who may exceed the limit across all employment
- Monitor your own hours data carefully, and flag any guard averaging above 40 hours per week as a risk indicator
What Records Do You Need to Keep?
The Regulations require employers to keep adequate records to demonstrate compliance. For workers who have not opted out of the 48-hour limit, you must retain records showing their working time and that it remains within the average.
For night workers, additional records are needed.
Practically, this means:
- Accurate timesheets or digital clock-in/clock-out records
- Signed opt-out agreements (kept separately from employment contracts)
- Records of rest breaks offered and taken (or documented exceptions)
- Health assessment invitations for night workers
- Annual leave records and carryover tracking
If you’re still managing this via paper timesheets and spreadsheets, you’re accumulating risk silently. Records get lost, hours get miscalculated, and violations only come to light when a tribunal claim arrives.
How TacDesk Supports Working Time Compliance
TacDesk was designed with the realities of security shift management in mind. The platform gives security companies practical tools to stay on the right side of the Working Time Regulations without creating administrative overhead:
- GPS-verified clock-in and clock-out: Accurate, tamper-resistant time records for every shift — the foundation of working time compliance.
- Automated rest gap enforcement: The scheduling module flags any rota that would put a guard back on shift within 11 hours of finishing their previous one.
- Weekly hours tracking: Dashboard visibility of each guard’s hours over rolling reference periods, with alerts when averages approach risk thresholds.
- Holiday accrual for all worker types: Accurate leave accrual for full-time, part-time, zero-hours, and casual workers — no more manual calculation errors.
- Digital records: All working time data is retained, searchable, and exportable — ready for HSE inspection or tribunal disclosure.
Common Scenarios and What the Regulations Require
| Scenario | What the Regulations Require |
|---|---|
| Guard works 10-hour shift, clocks off at midnight | Cannot start work again before 11am the following day (11-hour daily rest) |
| Guard averages 52 hours/week across 17 weeks | Breach of 48-hour limit unless a valid written opt-out is in place |
| Guard works 7-hour shift with no break | Violation — entitled to a 20-minute break after 6 hours |
| Casual guard works 15 shifts across 6 weeks | Entitled to pro-rata holiday pay — cannot be withheld |
| Night shift worker hired without health assessment offer | Regulatory breach — health assessment must be offered before first night shift |
The Bottom Line
Working time compliance in security is non-trivial — not because the law is especially complex, but because the operational patterns of the industry make it genuinely difficult to track without proper systems. Irregular shifts, multi-site workers, pool staff, night work, and zero-hours arrangements all create risk points that manual processes miss.
The companies that get this right have invested in systems that track hours automatically, flag rest violations before they happen, and keep records that hold up to scrutiny. The companies that don’t tend to find out the hard way.
Want to see how TacDesk can take working time compliance off your to-do list? Request a demo today.
This article is for informational purposes only and does not constitute legal advice. For specific guidance relevant to your circumstances, consult a qualified employment solicitor or contact ACAS.