You hire a contractor to carry out work at your premises. Or you let a third party use part of your site for an event. Or your client asks you to send management figures to a lender before a deal completes. Nobody starts these conversations expecting a claim.
But claims rarely begin with bad intentions. They begin with an accident, a misunderstanding, a disappointed third party, or a document being used for a purpose it was never prepared for. When that happens, the question isn't whether everyone was acting reasonably at the start. It's who now carries the legal and financial risk.
That's where hold harmless letters come in. In practice, they're not legal decoration. They're a tool for deciding, in advance, who stands behind a particular risk and who doesn't. Used properly, they can narrow exposure, reduce unnecessary arguments, and support better commercial discipline. Used badly, they create false comfort.
For SMEs, that distinction matters. A signed letter may look reassuring in the file. It may still fail when challenged, or leave you with a contract liability your insurer won't pick up. That's why hold harmless letters sit alongside wider controls such as written scopes of work, incident procedures, and Safety Space risk management solutions that help businesses identify where exposures occur in day-to-day operations.
The insurance angle is just as important. Before anyone signs a clause that transfers liability, it's worth checking whether the business policy responds in the first place. A practical starting point is to review how your cover operates in contractual situations, not just accidental ones, as discussed in this guide to reviewing insurance cover.
Protecting Your Business from Unexpected Risks
A landlord lets a tenant's contractor into a unit to install equipment. A marketing agency runs a launch event in borrowed space. A consultant works on a client's premises and uses the client's systems. These are ordinary business arrangements. They also create ordinary business exposure.
The issue is rarely the obvious risk. Most owners already think about physical damage, injury, or professional error. The less obvious problem is what happens when one party says, “This wasn't my responsibility,” after something has gone wrong.
That's why many experienced business owners try to settle risk allocation before work begins. They want a written record that says who bears the consequences of a specific activity, who can rely on shared information, and where responsibility stops. A hold harmless letter can do that, but only if it is drafted with care and matched to the actual transaction.
Where the pressure usually appears
In SME work, I see the pressure points fall into a few predictable categories:
- Third-party access: Someone enters your premises, uses your equipment, or carries out work under your roof.
- Shared information: A client or adviser passes documents to a lender, buyer, investor, or supplier.
- Joint activity: Two businesses collaborate, but their insurance, staff, and operational controls sit in separate silos.
- Event risk: A short-term activity creates a long-tail problem if someone later alleges loss or injury.
A hold harmless letter is often less about mistrust and more about stopping casual assumptions from becoming expensive disputes.
A well-run business doesn't leave that to memory or goodwill. It documents it.
What Exactly Is a Hold Harmless Letter
A hold harmless letter is easiest to understand as a liability fence around a defined activity. It sets out that one party will not hold the other liable for certain claims, losses, or consequences arising from that activity, subject to the limits of the law.
Definition: A hold harmless letter is a written agreement used to allocate risk between parties by limiting when one party can pursue the other for specified losses or claims.
The two sides of the arrangement
Most hold harmless letters involve two roles:
- The party giving the protection accepts a defined level of risk and agrees not to pursue certain claims, or agrees to stand behind certain losses.
- The party receiving the protection wants to limit exposure arising from that particular activity or disclosure.
In simple terms, one side says, “If this identified risk materialises within the agreed scope, I won't try to pass it back to you in the usual way.”
That sounds straightforward. It rarely is.
The common forms you'll hear about
In practice, businesses and advisers often talk about three broad approaches.
Broad form
This is the most aggressive version. One party tries to protect itself very widely, even where its own conduct may have contributed to the problem.
That sort of drafting is where UK businesses often get into trouble. It may look commercially attractive at signing stage, but if the wording is too ambitious, too vague, or contrary to statutory limits, it becomes hard to rely on when tested.
Intermediate form
This is a more balanced model. Risk is shifted, but only within a defined range. It may deal with losses arising from one party's work or presence, while carving out areas that remain with the other side.
For many SME situations, this is closer to what works in reality. It reflects actual responsibility instead of pretending one side can contract away every possible consequence.
Limited or mutual form
This is the narrowest and often the most commercially durable. Each party remains responsible for its own actions, staff, and compliance, while the letter addresses a specific exposure such as site access, document sharing, or a short-term operational task.
What a good letter does, and what a bad one does
A good hold harmless letter is:
- Specific about the activity
- Clear about who the parties are
- Limited in scope
- Consistent with the wider contract
- Realistic about what the law will allow
A bad one relies on catch-all wording, tries to waive everything under the sun, and ignores insurance.
That's usually the difference between a useful commercial document and a file note that gives false confidence.
Legal Status and Enforceability in the UK
The first serious question clients ask is the right one. Will this hold up if something goes wrong?
Under UK law, the answer depends far less on the label “hold harmless” and far more on what the clause does. Courts look at the substance. If the wording tries to exclude, restrict, or transfer liability, its enforceability is shaped by the usual legal controls on exclusion and indemnity clauses.
The main historical framework for business users is the Unfair Contract Terms Act 1977, which has applied since 1 October 1978 and remains foundational in judging how far businesses can shift risk in written terms, especially in standard-form agreements, as outlined in this UK legal overview of hold harmless letters and UCTA.
The hard legal boundary
There is one limit that business owners should know in plain English. A hold harmless letter cannot exclude or restrict liability for death or personal injury caused by negligence under the Unfair Contract Terms Act 1977, and consumer-facing wording is also tested for fairness under the Consumer Rights Act 2015, as explained in this guide to hold harmless letters for UK businesses.
That point matters because some online templates still use sweeping language that suggests almost anything can be signed away. It can't.
If the clause tries to do more than the law permits, the signature doesn't rescue it.
What courts are likely to scrutinise
For other types of loss, enforceability turns on drafting quality and commercial reasonableness. In practical terms, the risk goes up when the letter:
- Uses vague catch-all wording instead of naming the activity or disclosure
- Shifts risk too aggressively in a standard form with no meaningful negotiation
- Conflicts with statutory duties or tries to sidestep mandatory obligations
- Fails to distinguish negligence, gross negligence, and non-waivable claims
- Doesn't identify authority and capacity of the person signing
A court isn't impressed by legal theatre. It wants to see a sensible allocation of identifiable risk between identifiable parties.
What usually improves enforceability
Businesses tend to get better results when the letter is narrow, factual, and tied to a genuine commercial purpose.
That usually means including:
A precise scope
Describe the exact task, disclosure, event, or access arrangement. General words invite argument.Defined parties
Use full legal names and make sure the signatory has authority.Governing law and related terms
If the wording is silent or inconsistent with the main agreement, it creates room for dispute.Clear carve-outs
Exclude anything that the law does not permit to be waived. If necessary, state that the clause doesn't apply to gross negligence, statutory duties, or prohibited exclusions.
Why directors should pay attention
This isn't only a legal drafting issue. It's a governance issue. Directors are expected to understand the liabilities the company is taking on, especially when signing customer, supplier, or property documents. If you're accepting contractual risk without checking whether the business can absorb it, that sits squarely within the wider responsibilities of company directors.
A hold harmless letter can be legally binding if properly drafted as a contract. It can also fail if it is broad, unfair, detached from the actual activity, or signed as an afterthought. In the UK, enforceability is not about having the document. It's about whether the document is written in a way the law will respect.
When Your SME Should Use a Hold Harmless Letter
Most SMEs don't need hold harmless letters every day. They do need to recognise the moments when one should be on the table.
Those moments usually arrive when your business allows someone else to create risk around your people, premises, information, or commercial relationships. If the arrangement is unusual, time-limited, or sits outside your standard customer terms, that's often the cue to stop and document responsibilities properly.
Situations where it makes practical sense
Take a few common examples.
A property landlord allows a tenant's specialist contractor to carry out alterations. The landlord doesn't control that contractor's staff, methods, or equipment. A carefully drafted letter can help confirm responsibility for the contractor's activities and stop later attempts to widen the landlord's exposure.
A freelancer or consultant works on a client's premises and uses the client's facilities. If something is damaged, or a third party later alleges loss arising from that work, the line between site risk and service risk can blur quickly.
An events business uses a venue, caterer, AV supplier, and temporary staff. Everyone assumes someone else's insurance will deal with problems until an incident happens and each party points to a different contract.
A particularly important use in professional services
For accountants and advisers, one of the most useful applications is information disclosure. Clients regularly ask firms to send financial information to lenders, buyers, investors, or other third parties. The commercial pressure is usually urgent. The legal risk is often underestimated.
The ICAEW describes hold harmless letters as a method for securing a third party's agreement that disclosed information was not prepared for them, that they will verify it with the client rather than the accountant, and that they will not assert claims against the accountant in relation to that disclosure, as set out in the ICAEW guidance on managing professional liability.
When information leaves its original context, liability can expand very quickly unless the recipient's reliance is controlled in writing.
That's why many firms treat this as standard risk procedure, not as an aggressive legal move.
A simple trigger list
Consider a hold harmless letter when the arrangement involves:
- Third-party reliance on your documents outside the original engagement
- Access to premises or equipment by people you don't supervise directly
- Temporary collaborations where no full contract exists
- Contractor activity that could generate injury, damage, or disruption claims
- Special events or one-off projects that don't fit your ordinary trading terms
If one party says, “We'll sort that out if anything happens,” that's usually a sign the issue should be sorted out before anything happens.
Hold Harmless vs Indemnity vs Insurance
A common problem shows up after the incident, not before it. A customer contract includes a hold harmless clause, the job goes ahead, damage occurs, and the business assumes its insurer will pick up the cost. Then the insurer points to the policy wording and says the liability was accepted under contract, not under the business's ordinary legal duty.
That is the gap SMEs miss.
A hold harmless clause tries to stop one party bringing certain claims against the other. An indemnity goes further. It creates a payment obligation if a defined loss, claim, or liability arises. Insurance is separate again. It is a policy between you and your insurer, and it only responds if the wording, limits, conditions, and exclusions line up with what you signed.
Risk Management Tools Compared
| Tool | Primary Purpose | Who is Involved | Key Consideration |
|---|---|---|---|
| Hold harmless letter | Restricts claims between parties for a defined risk | The contracting parties | It needs clear scope and may be limited by UK law |
| Indemnity | Makes one party pay for specified losses or claims | The contracting parties | It can be drafted more widely than the loss you would otherwise owe at law |
| Insurance | Covers insured losses under a policy | Business and insurer | It may not cover liabilities you accepted voluntarily in a contract |
The commercial difference matters. A hold harmless clause is defensive. An indemnity is financial. Insurance is funding, but only where the policy responds.
The insurance point that gets missed
In practice, I treat the contract and the insurance schedule as two halves of the same risk decision. If they are reviewed separately, businesses sign liabilities they have not insured.
That happens often with public liability and contractors' liability policies. Many policies cover liability you would have had in the ordinary course of business, but treat assumed contractual liability more narrowly. A broad indemnity in favour of a landlord, venue, client, or main contractor can leave you paying from cash flow if the policy does not extend to that promise. For a practical overview of what insurance cover a company should consider, review the cover before you agree the wording, not after the claim.
Practical differences in a live dispute
If a hold harmless clause is drafted narrowly, it may help shut down a claim between the parties. If an indemnity is drafted broadly, it can require payment even where the other side would have struggled to recover that amount in court without the clause.
That is why indemnities deserve more attention than they usually get. They often pick up legal fees, third-party claims, clean-up costs, delay losses, or damage linked only indirectly to the original incident. Those are real pounds off the bottom line.
Insurance then becomes a separate coverage question. The other party can still pursue you under the contract while your insurer investigates whether the policy responds.
Do not treat insurance as a substitute for drafting
Insurance helps fund covered losses. It does not repair poor wording in a contract.
If the risk involves property damage, interruption, or disputed causation, claim preparation also affects the result. Businesses dealing with physical loss can learn useful lessons from specialist guidance on navigating storm damage insurance claims, particularly on documenting damage and presenting evidence early.
Practical rule: Before signing any hold harmless or indemnity wording, check three points together. What have you agreed to pay, what claims are being waived, and whether your insurer has actually agreed to cover that exact exposure.
Practical Drafting Guide and Template
A useful hold harmless letter is short enough to read, precise enough to enforce, and narrow enough to defend. Most of the trouble comes from letters that try to cover everything and therefore explain nothing.
Before drafting, decide what risk is being addressed. Is it site access, document disclosure, equipment use, event participation, or contractor activity? If you can't state that in one sentence, the letter usually isn't ready.
What to include
A practical checklist should cover the following:
Full party details
Use legal names, addresses, and company numbers where relevant.Defined activity or disclosure
Say exactly what is happening. “All matters arising between the parties” is too broad.Risk allocation wording
State what claims are being limited or who bears defined losses.Carve-outs and legal limits
Make clear that nothing in the letter excludes liability where the law does not allow it.Governing law and jurisdiction
This helps avoid procedural argument later.Signatory authority
A signature from someone without authority can create avoidable doubt.Record keeping
Keep the signed version with the related contract, emails, and insurance review notes.
Educational template
This template is for education only. It is not legal advice, and it should not be used as a plug-and-play document. A solicitor should tailor any hold harmless letter to the specific facts, contract structure, and insurance position.
Sample wording
Date: [insert date]
Parties:
This letter is made between [Party A full legal name] of [address] and [Party B full legal name] of [address].
Activity covered:
This letter applies only to [describe the specific activity, disclosure, site access, project, or event] taking place on or about [date(s)] at [location].
Acknowledgement and risk allocation:
[Party A / Party B] acknowledges that the information, services, access, or activity described above is provided only for the stated purpose. Subject to the exclusions below, [Party A / Party B] agrees that it will not assert claims against [the other party] arising from that specific activity except to the extent permitted under this letter.
Exclusions:
Nothing in this letter excludes or restricts any liability that cannot lawfully be excluded or restricted. This letter does not apply to [gross negligence, fraud, breach of statutory duty, or any other agreed carve-outs].
Reliance and scope:
No person other than the parties to this letter may rely on it unless expressly stated in writing.
Governing law:
This letter is governed by the law of [England and Wales / Scotland / Northern Ireland].
Authority:
The signatory confirms that they are authorised to sign on behalf of the relevant party.
Signed:
Name:
Title:
For and on behalf of:
Getting the draft into usable shape
The first draft is rarely the final draft. Many businesses use legal support staff to organise versions, track changes, and assemble execution packs before solicitor review. If you need help with that process, Paralegal Assistants can be useful for document preparation support, although final legal wording should still be checked by a qualified lawyer.
The commercial aim is not to sound tougher. It is to be clearer.
Key Implications for Your SME
Hold harmless letters can be valuable. They are not magic.
For most SMEs, the practical lessons are these:
- Use them for defined risks, not general anxiety. If the activity isn't clear, the drafting won't be either.
- Assume enforceability will be tested. Overreaching wording often weakens the protection you thought you had.
- Check insurance before signing. Contract liability and insured liability are not automatically the same.
- Keep the paperwork joined up. The letter, the main contract, the scope of work, and the policy wording should point in the same direction.
- Get legal advice where the exposure is material. That cost is usually far smaller than an uninsured dispute.
The core value of hold harmless letters is discipline. They force both parties to say, in writing, what risk is being accepted and where responsibility ends. That alone can prevent expensive ambiguity.
If you're reviewing contract risk, insurance implications, or wider commercial exposure in your business, Stewart Accounting Services can help you look at the practical financial impact before you sign. For customized support on business risk, reporting, and SME decision-making, visit Stewart Accounting Services.