What Is Vicarious Liability?

vicarious liabilty

Clients in the UK can still be held legally liable for the actions of their security contractors when vicarious liability applies — especially where the contractor’s work is closely connected to the client’s business activities. This doctrine is well‑established in English law and reinforced through multiple Supreme Court cases.

Vicarious liability is a legal principle that makes one party responsible for the wrongful acts of another, even if the first party has done nothing wrong. In UK law, it most commonly applies to employers being liable for employees — but it can also extend to relationships akin to employment, including some contractor arrangements.

Two conditions must be met:

  • A qualifying relationship — usually employer/employee, but can include contractors if the relationship is sufficiently close or controlled.

  • A close connection between the wrongful act and the work being carried out.

This is crucial for security clients: even when hiring an external security company, the law may still treat the relationship as close enough to impose liability.

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

Why Clients Can Still Be Liable for Security Contractors

1. Control and Integration Into the Client’s Operations

The UK Supreme Court has repeatedly emphasised the importance of control when deciding whether a contractor is truly independent. If the contractor’s work is integrated into the client’s business — such as guarding premises, interacting with the public, or enforcing site rules — the relationship may be considered “akin to employment.” This principle was reinforced in X v The Lord Advocate (2025), which highlighted that vicarious liability depends heavily on the degree of control and the nature of the working relationship.

2. Close Connection to the Client’s Enterprise

Security work is inherently part of a client’s operational risk profile. Courts have held that organisations benefiting from an activity should bear the cost of harm arising from it. This reasoning appears in cases such as:

  • Lister v Hesley Hall Ltd (2002) — established the “close connection” test.

  • Various Claimants v Catholic Child Welfare Society (2012) — extended liability to relationships “akin to employment.”

  • Mohamud v WM Morrison Supermarkets (2016) — confirmed liability for employee assaults closely connected to their role.

Although these cases are not about security contractors specifically, the principles apply directly: if a contractor’s actions arise from the role they were hired to perform, liability may fall on the client.

3. Independent Contractor Defence Is Limited

The Supreme Court has clarified that true independent contractors fall outside vicarious liability — but only where they operate with genuine independence. Barclays Bank v Various Claimants (2020) confirmed that organisations are not liable for the acts of a contractor who is genuinely independent and not under the organisation’s control.

However, many security contracts involve:

  • Site‑specific instructions

  • Behavioural expectations

  • Reporting requirements

  • Integration with client systems

These factors weaken the “independent contractor” defence.

Even when outsourcing security, clients may still be liable for:

  • Excessive use of force

  • Negligent patrols

  • Wrongful detention

  • Damage to property

  • Data breaches caused by security personnel

This is because the law views security as part of the client’s enterprise risk — and clients are often better placed to insure against that risk.

How Stance Security Helps Reduce Client Vicarious Liability Risk

At Stance Security, we design our operations to protect clients from exposure by ensuring:

  • Rigorous vetting and training

  • Clear operational procedures

  • Transparent reporting

  • Strong supervision and compliance

  • Insurance coverage aligned with industry standards

While no contractor can remove liability entirely, a professional, well‑managed security partner significantly reduces the likelihood of incidents and strengthens your legal position.

Conversations With Prospective Clients....

Following a recent meeting with a prospective client, a nightclub looking to outsource its door supervision—we encountered a common misconception.

Even after we clarified the nuances of vicarious liability, the nightclub remained convinced that using a subcontractor absolved them entirely from responsibility. They believed that by outsourcing their door supervision, they no longer had any liability for the actions of those security personnel. It’s a key reminder that venues must understand that subcontracting doesn’t erase their duty of care or legal responsibility.

Furthermore, if door supervisors act inappropriately or engage in misconduct while working on behalf of the venue, there can still be legal repercussions that trace back to the venue itself. So, doing your due diligence is essential, ensuring that the company you’re working with is credible, that they carry out screening to BS 7858 standards, and that they provide staff training that’s fit-for-purpose and in line with the Health and Safety at Work Act.

Final Thought

Vicarious liability means clients cannot assume that outsourcing security removes their legal responsibility. 

The law focuses on control, integration, and risk creation — all of which often point back to the client. Working with a compliant, well‑structured security provider is the most effective way to mitigate that risk.