Security clearances: a barrier to market entry?

The UK Ministry of Defence (MoD) relies on private-sector businesses to provide the critical equipment, products, or services it needs to be mission-ready. 

Given the sensitive nature of this work, the MoD demands absolute assurance that national security and supply chain risk is minimised.  

For the companies supplying the MoD, this means attaining the necessary clearances, which assess every workspace and individual involved in fulfilling defence contracts. However, security clearances present a complex landscape that can be difficult to navigate – for SMEs and startups in particular.  

The government has committed to “making SMEs a national priority”, with the MoD announcing in March that it aims to spend GBP7.5 billion with SMEs by May 2028. Despite this, systemic issues from long processing times and a sponsorship model that heavily relies on industry relationships can present an obstacle for smaller companies. With fewer connections in the sector, this issue is particularly challenging for SMEs looking to enter defence.  

DSEI Gateway explores why security clearances can be challenging for SMEs, and how the process could be adapted to lower the barrier to entry.  

What are security clearances?  

Security clearance involves the checking of individuals by United Kingdom Security Vetting (UKSV), part of the Cabinet Office, to assess whether they present a security risk.  

There are several different levels of security clearance in the UK, each indicating a higher level of access. These begin with the Baseline Personnel Security Standard (BPSS), rising to Counter Terrorist Check (CTC), then Security Check (SC), and Developed Vetting (DV).  

“Security clearances are a vital safeguard that protect our nation's most sensitive defence capabilities,” a spokesperson from the MoD told DSEI Gateway. While SC is the most common clearance needed to work on an MoD contract, other projects require DV. 

A 2023 report from the National Audit Office notes that between 2018-2023, UKSV received an average of 164,700 CTC and SC and 17,900 DV applications a year. 

Aside from individual clearances, the Industry Security Assurance Centre (ISAC) handles the accreditation of physical company locations, known as Facility Security Clearance (FSC).  

Businesses that work on defence contracts or agreements may handle secret or top secret information, as well as sensitive technologies or prototypes, so the MoD needs to ensure the appropriate level of security at all locations.  

The challenge for SMEs  

Individuals within a business that want to work on a project with the MoD cannot simply apply for security clearance. The UK utilises a sponsor-led system, where clearance must be applied for through an organisation that already has FSC clearance itself.  

Ken Turley, Managing Director of business advisory TOKK and former Managing Director of defence SME Horsebridge Defence and Security, told DSEI Gateway that to obtain FSC, a security aspects letter is first required. This letter explains a company’s need to handle sensitive information.  

“To gain a security aspects letter, you have to be delivering on a suitably classified project to a prime contractor, a partner, or the MoD directly,” Turley said. “You can't just apply to get this qualification.”  

According to the MoD, should a “non-FSC or provisional FSC supplier be selected to undertake [a] contract, the ISAC shall initiate action to grant the supplier a FSC.” This process checks whether a facility is secure enough for the company to be awarded a contract or framework agreement. The MoD adds that “the existence of FSC is mandatory before the contract can be awarded.”  

The clearance trap  

However, Turley argued that tender or bid documents often contain classified information, which cannot be viewed by a company without existing FSC due to a lack of secure storage. This can lead to a “trap” – companies cannot obtain FSC without working on a defence project, but cannot bid on these contracts without holding the necessary clearance. 

For SMEs, this can present a roadblock, especially if they do not have sponsorship from working on an MoD project alongside a prime contractor. Smaller companies looking to enter the sector may not have the right connections to work on these projects and some primes may even actively compete with SMEs for contracts.  

If a company does manage to receive sponsorship to obtain FSC, it can take up to 12 months – and in some cases, 18 months – to be approved, Turley said.  

Only once a company has FSC can it then request security vetting on behalf of its own employees. The subsequent clearance will take even more time – between six and nine months for DV, according to recruiter Morson Jobs.  

At this point, Turley said, the delivery deadline for products or services in a contract or agreement may have passed. 

This current landscape of security clearances follows a major structural reform. In 2020, UKSV transitioned from being under the MoD to the Cabinet Office and in 2023, the move was found to have “not been fully completed”, leaving UKSV to manage legacy elements.  

A House of Commons Committee report, also published in 2023, found that the Cabinet Office had failed to “get a grip” on vetting services since it took over responsibility.  

In reply, Jarvis said that “UKSV continues to undertake a programme of work to improve the efficiency of the vetting process.” This included ongoing work to digitise and automate the process. 

In November 2025, Jarvis updated that a stabilisation programme initiated in 2023 had led to “sustained and stable improvements” in UKSV performance, with its core services meeting targets. DSEI Gateway understands that the transition of UKSV to the Cabinet Office has now been completed. 

Even with this improved performance, however, security clearances can still be an operational bottleneck. Russell Baker, Managing Director of recruitment business Copello, told DSEI Gateway that waiting for security clearances for new hires can be a real headache for SMEs.  

Due to the liquidity of smaller companies, most need hires to start as quickly as possible. Hiring talent with pre-existing security clearance can be an option, but often the competition from primes is too steep, with SMEs unable to offer comparable salaries or benefits. 

“You need the contract in the bank before you can go out into the market and that restricts new businesses coming in and being able to hire,” Baker said.  

For the government to meet its SME spending targets, the disconnect between strategic ambitions and the hurdles of the security clearance system should therefore be addressed.  

Overcoming the challenge 

The MoD seemingly acknowledged this issue in its 2025 Strategic Defence Review, where it said that by April 2026, it would “develop a package of support for its industrial partners” that would include reforming security clearance requirements. However, any changes have yet to be announced.  

Without reforms on the near horizon, Turley recommends SMEs and startups invest in a consultant that understands the latest clearance regulations. While this may be an expensive route, the advantages of having expertise on board outweigh the costs.  

Baker noted that the agility of SMEs can be a benefit in light of these challenges. Where SMEs or startups can specialise in a certain technology or service, prime contractors may be more interested in working with them – and SMEs can use these opportunities to win sponsorship.  

Another workforce management solution for SMEs, he said, is to engage contractors. This can allow smaller companies to be even more agile, working with the various talent they need at any given time.  

Additionally, the UK MoD’s new Defence Office for Small Business Growth is designed to provide support for SMEs and startups. The MoD spokesperson said that the office, launched earlier this year, is already working with 30 pathfinder SMEs across the UK to trial simplified commercial pathways, which includes guidance on security requirements. 

Potential changes  

According to the MoD, it wants “to make the pathway to obtaining [security clearances] as straightforward as possible for businesses of all sizes.” 

While Turley said that the entire process would benefit from allowing companies to simply apply for FSC, as this is the “main stumbling block”, Baker noted that the wait for individual security clearances is causing SMEs to “lose candidates” to primes or other industries. He suggested being able to hire individuals with BPSS – the lowest level of security clearance – and expediting the security clearance process so that candidates can be quickly onboarded.  

Ultimately, the sponsor-led vetting structure and waiting times involved in the security vetting process can present a roadblock to SMEs with limited liquidity, or a barrier to entry for those outside the defence sector. To bridge this gap, the government must work closely with industry, such as through its Defence Office for Small Business Growth, to provide a visible path forward.