Stricter security requirements for companies doing business with the Dutch government
Category: Commercial contracts, Defence industry, Distribution agreements, Investment laws
From 1 January 2026, new security requirements will apply to companies that carry out assignments for the Dutch government that pose risks to national security. These requirements are included in the General Security Requirements for Central Government Contracts (ABRO). The government’s aim is to reduce risks to national security, for example from cyber attacks and espionage. With the introduction of the ABRO, the same security requirements will soon apply to various government organisations. These additional requirements apply alongside other procedures designed to safeguard the integrity of the government, such as Bibob (integrity) screening.
Key changes to security requirements (ABRO 2025)
A uniform set of security requirements (ABRO 2025) will apply to all public contracts awarded by central government and the police that involve risks to national security.
Compliance with ABRO 2025 will be monitored by the National Bureau for Industrial Security (NBIV), a partnership between the AIVD and the MIVD.
Dutch Cabinet tightens security rules for public contracts
The Dutch government is introducing stricter security conditions for some public contracts. This involves approximately 400 new rules that will apply to around 10% of all contracts. The aim of these stricter rules is to provide better protection against cyber attacks, espionage and disruptions to vital services, partly due to increasing international tensions.
New requirements for government contracts as of 1 January 2026
The new requirements will apply to new contracts with the police and the Ministry of General Affairs as of January 2026. Other ministries and their agencies will have two years to implement the rules. In time, the government wants municipalities, provinces, parliament and independent administrative bodies – such as the Chamber of Commerce – as well as companies in vital sectors (e.g. drinking water companies) to apply these conditions too. Employers’ organisations VNO-NCW and MKB-Nederland have expressed serious concerns about the impact of these measures. They recognise the importance of national security, but fear a significant increase in regulatory pressure and longer lead times. This is at odds with the outgoing government’s intention to significantly reduce regulation.
Uniform security requirements for public procurement
According to employers’ organisations, the new requirements mainly put small and medium-sized enterprises at a disadvantage, but the wider business community is also affected.
The Ministry of the Interior emphasises that the regulatory burden will not increase across the board. The measures are partly intended to create uniform conditions, as government organisations often apply their own rules at present. Companies will notice the impact of the new rules. Anyone who has a contract under the General Security Requirements for Central Government Contracts (ABRO) and outsources work must ensure that suppliers and subcontractors also comply with these requirements. This principle already applies to defence contracts. Read here about the procedure for defence equipment contracts.
The Ministry of Defence applies strict security standards to companies that carry out sensitive contracts. This defence standard is now being applied more broadly to all government contracts involving security risks, according to outgoing Minister Ruben Brekelmans.
Stricter security conditions for government procurement
With the introduction of the new requirements, the government aims to ‘make a significant contribution to limiting risks to national security in public procurement,’ Ministers Brekelmans and Rijkaart (Home Affairs) wrote to the House of Representatives.
The full list of measures has been published on the Ministry’s website. It is in line with the existing defence rules (ABDO, 2019), which include physical security requirements such as burglar-resistant glass, steel doors and combination locks. The new set contains additional provisions, for example on cloud storage and the use of AI applications.
Companies that are eligible for contracts involving security risks will receive an overview of the measures required to comply with the ABRO standard. This will be followed by an assessment by the National Bureau for Industrial Security, in which the AIVD and MIVD collaborate.
Special performance conditions for government contracts and reporting obligations
After the assessment, the security requirements are included as special performance conditions in the contract. Companies that sign such a contract are required to report any changes within the company, such as a takeover, share transaction or incidents (e.g. a break-in). In such cases, a reassessment will follow. If the ABRO conditions are no longer met, the contract may even be terminated.
Employers’ organisations VNO-NCW and MKB-Nederland argue that the business community has not been sufficiently involved in the development of the proposal. They urge the ministries to make the rules more workable in order to prevent a further decline in the number of registrations. In addition, the organisations express concerns that government agencies will apply the requirements more often than strictly necessary. (Source: FD)
Blenheim advises and litigates on commercial contracts and public procurement. We are happy to share our expertise with you.