The Information Commissioner's Office (ICO) has formally approved the Security Systems and Alarms Inspection Board (SSAIB) as an accredited monitoring body under Article 41 of the UK General Data Protection Regulation (UK GDPR).
The accreditation, granted by Deputy Commissioner of Regulatory Policy Emily Keaney in December 2025, authorises SSAIB to monitor compliance with the Association of British Investigators Ltd (ABI) UK GDPR Code of Conduct for Investigative & Litigation Support Services. The accreditation applies solely to this specific code of conduct.
Under Article 41 UK GDPR, approved codes of conduct for private or non-public authorities must designate an independent monitoring body to oversee compliance. Monitoring bodies must demonstrate appropriate expertise, independence and robust governance arrangements, and must be formally accredited by the ICO.
SSAIB is very proud to be the first organisation to be accredited with Monitoring Body status by the Information Commissioner’s Office (ICO), this is a significant milestone that reflects the organisation’s long‑standing commitment to excellence within the security and fire sectors.
Successfully completing the ICO’s rigorous accreditation process, SSAIB has demonstrated industry‑leading levels of impartiality, competence, and professionalism, reinforcing its reputation as a trusted authority in third‑party certification.
Building on this achievement, SSAIB is now preparing to accept its first applications from May 2026, marking the beginning of a new phase of our journey.
The ABI, as code owner, previously secured approval of its UK GDPR Code of Conduct for Investigative & Litigation Support Services under Article 40 UK GDPR. SSAIB’s accreditation ensures independent oversight of organisations operating under this code.
Commenting on the accreditation, Paul Phillips Chief Executive of SSAIB said: “We are extremely delighted to receive the first ICO accreditation as the monitoring body for the ABI UK GDPR Code of Conduct. This approval reflects the strength of our governance, independence and expertise. We look forward to working closely with ABI and code members to uphold the highest standards of data protection and accountability within investigative and litigation support services.”
Emily Keaney, Deputy Commissioner Regulatory Policy, said “Achieving accreditation is a rigorous process, and SSAIB’s success reflects its strong governance, independence and specialist expertise. Now that SSAIB is the UK’s first accredited code monitoring body, this will enable the ABI code to move towards formal operation. This offers organisations involved in investigative and litigation support services a clear and practical route to strengthen data protection, demonstrate accountability and build public trust.
This is an important milestone for data protection in the UK. We hope this achievement will encourage more sectors to develop their own codes of conduct – embedding the principles of the UK data protection regime into everyday practice and driving greater consistency, stronger accountability and higher standards across industry.”
Tony Imossi, a spokesperson for the Association of British Investigators (ABI) and author of the ABI UK GDPR Code of Conduct for Investigative & Litigation Support Services, said:
“SSAIB’s accreditation by the ICO as the UK’s first approved monitoring body is a major milestone for the rollout of UK GDPR Codes of Conduct and for the investigations sector and marks a significant step forward for the ABI Code. It delivers the independent oversight required under Article 41 and gives clients and the public greater confidence that organisations operating under the Code are meeting consistently high standards of data protection, professionalism and accountability. We look forward to working closely with SSAIB as the Code moves into full operation and organisations begin applying from May 2026.”
