Article

Security clearance and your workforce: what employers can learn from the Mandelson vetting row

7 July 2026

Make an enquiry
People using a security barrier

When the appointment of Peter Mandelson as UK Ambassador to the US was followed by reports that his security vetting had been “pushed through” by the Foreign Commonwealth and Development Office (FCDO), it did more than create a political crisis – it put the UK’s notoriously mysterious National Security Vetting (UKSV) under an unusually bright spotlight.

With a disproportionately high number of SMEs in Herefordshire supplying world leading capability to the Ministry of Defence (MoD) and other government departments, the recent spotlight on UKSV serves as a reminder. If your business handles classified information, and therefore employs security-cleared staff, getting it right is critical.

When is clearance needed?

If your business has access to classified information or government assets, works on government sites, or is a List X / Facility Security-Cleared (FSC) contractor, it is likely that relevant employees will need some level of security clearance.

The level of clearance required will depend on the nature of the information your staff can access and ranges from Baseline Personal Security Standard (BPSS) to Enhanced Developed Vetting (eDV).

The most common levels of clearance required for those operating in the Defence and National Security sectors are Security Check (SC) and Developed Vetting (DV), which allows access to government assets classified as SECRET or TOP SECRET.

What are your obligations as an employer?

Vetting is carried out by UKSV, but you will typically sponsor the process and therefore “owns” the employee’s security clearance. This includes holding the responsibility for ensuring that UKSV is kept updated of any issues affecting an employee’s suitability or eligibility to hold clearance (known as “Aftercare”).

Even where you are not the sponsor – for example where it is a prime contractor or a membership organisation like ADS or Make UK Defence – responsibility for Aftercare remains with you, as does the majority of the commercial and reputational risk if an employee loses clearance.

Because of the nature of SC and DV clearance in particular, aftercare obligations can be burdensome. They require employers to take more of an interest in their employees personal circumstances than would usually be appropriate.

Put simply, the purpose of security vetting is to ensure that those with access to sensitive information, such as that which poses a risk to national security, can be trusted with it and do not pose a risk to the UK’s national interests. This includes maintaining confidentiality and posing a low risk of terrorism, espionage, or exploitation.

Aside from the obvious obligations to notify UKSV of changes such as a cleared employee leaving your employment or acting in a way that poses a security risk (for example, unlawful disclosure of classified information) – you also must take an ongoing approach to security risk management as part of your aftercare responsibilities. This means taking an ongoing approach to mitigating less obvious security risks, such as employees becoming a potential target for exploitation.

Potential risk areas may include financial difficulty, travelling to certain overseas destinations or even having an extra-marital affair – all aspects of personal life employers would ordinarily prefer to avoid.

Employment law implications and commercial risks

Aside from the obvious risk of losing the ability to sponsor cleared staff where you have failed as an employer to comply with your aftercare responsibilities, there are much wider commercial implications to consider.

In most circumstances, unlike the FCDO in the Mandelson case, you will have little to no control over whether your employees will be granted and retain their security clearance. Where clearance is refused or revoked from an employee, as the employer, you will likely be told very little, if anything about reasons behind the decision. Even the clearance holder themselves can be left in the dark – often being told simply that “there are concerns about their financial affairs” or “concerns about their sexual conduct”, as UKSV and/or the relevant government department responsible for granting clearance (such as the MOD or the FCDO) will not wish to increase any risk to national security by providing details of the information they used to make their decisions and/or the source of that information.

Depending upon the nature of the employee’s employment, that can create several issues:

  • The employee is unable to attend the site at which you employed them to work, requiring potential redeployment in circumstances where alternative work is not available. This can be particularly problematic in circumstances where clearance is not revolved but is under investigation – as that process can take several months before a decision is made.
  • The circumstances leading to the refusal or revocation of clearance may not immediately amount to misconduct from an employment perspective (for example, being in financial difficulty) or, where it does, might not amount to misconduct sufficiently serious to warrant dismissal.
  • The risk of discrimination claims – vetting outcomes can disproportionately affect some groups. Whilst the decision to refuse or revoke clearance may not lie with you as the employer – any employment related decision off that back of such refusal or revocation will, therefore creating a risk that any employment related decisions is “tainted” by discrimination.
  • Your business is unable to deliver on its contractual obligations to its own customers, in the absence of sufficiently cleared staff – exposing you to proceedings for breach of contract, penalties for delay or termination of the contract by the client – not to mention the risk of reputational damage.

Key takeaways

So, what practical steps can you take to mitigate some of these risks associated with employing security cleared staff – aside from avoiding the obvious “Own Goal” made by the FCDO in announcing Mandelson’s appointment as UK Ambassador before he had the necessary clearance to do the job?

Simple but key mitigations include:

  • Making clearance (and maintaining it) an express condition of employment in the contracts of employment for relevant roles.
  • Where work depends on other “permissions” – such as the permission to attend certain government sites – make it clear in the employment contract that employment can be terminated if the necessary permissions are refused or revoked.
  • Place clear contractual obligations on employees to comply with the requirements upon them as clearance holders – such as to declare all overseas travel and the refrain from travel to certain overseas locations without permission – making the potential implications for staff who fail to comply clear.
  • Have clear policies and procedures in place to deal with security clearance issues in employment. For example, ensure you have a clear data protection policy in place regarding the disclosure of information relevant to clearance, which will often be classified as sensitive personal data.
  • Review your commercial contracts to ensure you can deliver in the absence of sufficiently cleared, or timely appointment of cleared staff. Where possible, build in appropriate lead times, the right of substitution and agreed protocols – for example when the client will have the right to refuse access or permission to your employees.

How can we help you?

Related articles

View All