Superyacht and Luxury Yacht Security | CloseProtectionHire

The superyacht represents a unique security environment. It combines a mobile private residence with a complex crew structure, global range, and exposure to maritime threat environments that vary from negligible to severe depending on routing. Close protection planning for a principal aboard a superyacht involves different variables than corporate travel security: the vessel itself becomes the security perimeter, the crew are both operational assets and potential insider threats, and the maritime environment creates evacuation and MEDEVAC challenges that require specific pre-planning.

This article addresses the security framework for large private yachts and superyachts – typically vessels over 24 metres in length with professional crew – operating in international waters.

The Regulatory Baseline: MCA Large Yacht Code 3

The IMO ISPS Code (International Ship and Port Facility Security Code, 2003) applies mandatorily to commercial vessels of 500 gross tonnes and above on international voyages. Most private superyachts fall outside this mandate as pleasure craft. However, the MCA Large Yacht Code 3 (LY3, 2012) governs UK-flagged commercial yachts of 24 metres and above, incorporating safety and security provisions appropriate to the operation of large yachts with professional crew.

For superyachts operating in regions of elevated maritime security risk – the Red Sea, Gulf of Aden, Gulf of Guinea, Strait of Malacca, Sulu Sea – an ISPS-equivalent voluntary framework is the recognised practice. This means: a documented Ship Security Assessment, a Ship Security Plan, a designated Ship Security Officer (typically the First Officer), and periodic drills. Vessels registered under flags of convenience that lack robust national maritime administration oversight should maintain this framework independently.

Crew Vetting: The Primary Insider Threat Control

A professional superyacht crew typically numbers 10-30 for a vessel in the 50-80 metre range. The crew have: continuous unsupervised physical access to the vessel; access to the principal’s schedule, communications and travel plans; access to the safe and high-value items aboard; and extended proximity to the principal’s family, including children.

The deck officer hierarchy requires the most thorough pre-engagement vetting. The Master has absolute authority aboard and complete situational awareness of the principal’s movements. The vetting standard should include:

Criminal records check via the relevant national authority (DBS Enhanced Certificate for UK-based crew, FBI background check for US-connected crew, or equivalent via the flag state’s registry). Employment reference verification via direct telephone contact with named referees – email-only references are insufficient. STCW (Standards of Training, Certification and Watchkeeping) certificate verification via the flag state’s MSIS database or ITF CertTracer. Social media review by an OSINT-qualified practitioner. Financial background check where legally permissible.

Galley and steward staff – the interior crew – have intimate daily access to the principal’s family, their routine, dietary information, medical notes and personal effects. The vetting standard for steward staff should match the standard applied to household staff at a secured private residence. Crew agency due diligence – verifying the agency’s own vetting practices, asking for vetting documentation on agency-sourced personnel, and confirming reference verification was conducted by telephone – is a necessary step.

The seafarers’ identity documentation for non-EEA crew should be verified against Seafarers’ International Register (SIR) or equivalent national authority records. The ITF (International Transport Workers’ Federation) provides crew welfare guidance and can be a useful reference for identifying reputable crewing agencies.

Regional Threat Picture: Current Piracy and Maritime Crime

Red Sea and Gulf of Aden: The Active Conflict Environment

The Houthi campaign against commercial and private shipping in the Red Sea, which began in earnest in November 2023, represents the most significant change to the global maritime threat picture in a decade. Unlike traditional piracy, this involves state-proxied asymmetric warfare capabilities: anti-ship missiles, drone strikes, helicopter boarding operations and vessel seizures. By early 2025, over 50 vessels had been attacked.

FCDO, IMO Maritime Safety Committee Circulars and UKMTO (United Kingdom Maritime Trade Operations) all advise against passage within 200 nautical miles of the Yemeni coast. IMB Annual Report 2024 documents the ongoing impact on commercial shipping routing and the displacement of vessels to the Cape of Good Hope route. Any superyacht routing that involves the Red Sea, Bab-el-Mandeb Strait or Gulf of Aden requires: current UKMTO advisory review; UKMTO registration at maritimesecurity.transport.gov.uk; a credible independent security assessment; and charter party or owner review of insurance coverage validity in the area.

Gulf of Guinea: Reduced but Not Resolved

West African piracy – primarily in the Gulf of Guinea, with a historical concentration in the Niger Delta and offshore Nigerian waters – has shown a significant reduction since 2021. IMB Annual Report 2024 records the improvement. The Nigerian Navy’s VAAST (Vessel Attestation and Assistance Service for Tracking) programme, enhanced CRESMAC/MOWCA regional coordination, and increased commercial shipping security measures collectively drove the reduction.

The risk is not resolved. Crew abduction from vessels operating in anchorage or transiting the Nigerian offshore sector remains documented. Deepwater anchorage positions, night navigation discipline and vessel track monitoring via Zone 9 of the IMO’s piracy reporting system remain appropriate precautions.

Strait of Malacca and Sulu Sea

The Strait of Malacca carries one of the world’s highest maritime traffic densities and a persistent low-level maritime crime profile: boarding incidents, theft from anchored vessels, and in eastern Sabah/Sulu Sea waters, a documented armed maritime kidnapping risk. Abu Sayyaf Group (ASG) operations from Philippine waters extend into Malaysian Sabah coastal areas. FCDO advises against travel to the eastern coastal areas of Sabah by sea.

For superyacht routing through Southeast Asia, the Strait of Malacca transit (Singapore to Phuket corridor) carries manageable risk with appropriate night navigation discipline. Eastern Sabah coastal anchorage positions should be avoided.

Mediterranean: Organised Theft, Not Piracy

The Mediterranean does not present piracy risk in the IMO sense. It does present organised theft from anchored and marina-berthed vessels in certain areas. Palma de Mallorca, Antibes, Croatian marinas and some Turkish coastal marinas have documented histories of organised theft from superyachts: dinghy and tender outboards, watersports equipment, EPIRB and safety equipment, electronic devices left accessible. Counter-measures are vessel management and physical security rather than maritime security – secure storage, overnight lighting, anchor watch.

AIS and Location Privacy

Automatic Identification System (AIS) transponders are legally required on commercial vessels above specified thresholds and are increasingly fitted on large pleasure craft. AIS transmits vessel identity, position, course and speed in near-real-time. The data is publicly accessible via marinetraffic.com, vesseltracker.com and similar platforms.

For superyachts carrying high-profile principals, this means real-time location intelligence is available to anyone with internet access. A journalist, a hostile intelligence service, a kidnap planning operation or a media organisation can track the vessel’s position continuously.

The legal options for AIS privacy vary by flag state, jurisdiction and international regulation. SOLAS Chapter V imposes the regulatory framework for commercial vessels. For large private yachts, the flag state’s national maritime administration position and the specific coastal state regulations for the waters being transited determine what is permissible. Maritime security advisers with flag state registry expertise can advise on voyage-specific AIS management options.

Port Security and Marina Intelligence

Pre-arrival security assessment of each port and marina is standard practice for vessels operating with a security adviser. Relevant factors include:

The marina’s access control arrangements (gatehouse, CCTV, fingerprint/badge access vs open access). The local crime intelligence for vessel theft and robbery. The principal’s profile risk in that location. The proximity of accommodation to public access points. Shore-based surveillance indicators (repeated observation from same position, photography of the vessel from shore, prolonged tender proximity).

UKMTO, IMB and the relevant port authority publish port security advisories. For P1 city destinations – Istanbul’s Bosphorus anchorages, Dubai Marina and Abu Dhabi, Manila Bay – local intelligence from established charter operators and marina security staff supplements published sources.

Communications and SATCOM

Superyachts operating beyond coastal radio range require satellite communications as the primary external communications architecture. Iridium Certus provides voice and broadband data via the LEO constellation with global coverage. Starlink Maritime provides high-bandwidth internet connectivity and has become standard on newer superyachts. Inmarsat Fleet Xpress provides VSAT broadband for vessels requiring high-bandwidth operations.

For security operations, the communications architecture must support: encrypted voice communications between crew and security team; shore-side monitoring capability; check-in protocol with a designated shore contact; and emergency MAYDAY and SAR coordination via the GMDSS (Global Maritime Distress and Safety System) framework.

MEDEVAC: Medical Emergency at Sea

Medical evacuation from a vessel at sea depends on the vessel’s position relative to SAR helicopter range, the flag state’s SAR coordination centre capability, the nature of the medical emergency and the weather conditions.

Within the EEA and UK maritime search and rescue regions, HM Coastguard (for UK waters) and national SAR authorities coordinate emergency response. Helicopter MEDEVAC range from a shore base is typically 200-250 nautical miles in favourable conditions – meaningfully less in adverse weather. Vessels operating beyond this range, including Atlantic crossings and Indian Ocean routing, require vessel-based primary care capability.

The vessel medic or medically trained crew member is a baseline requirement for any extended offshore voyage. For superyachts operated by HNW principals, a qualified advanced trauma life support (ATLS) practitioner or remotely supervised offshore medic is appropriate. International SOS and Global Rescue both provide offshore maritime response coordination and can advise on vessel medical capability standards for specific routing plans.

For vessels operating in the Indian Ocean, Red Sea, or South Atlantic without helicopter SAR cover, the ISO 31030:2021 medical assessment baseline requires documented pre-departure assessment of medical evacuation options including alternate ports of refuge and their medical infrastructure.

For broader coverage of maritime security operations, see our guide to maritime security for vessels and personnel. For combined air and sea private transport security, see private aviation and superyacht security. For HNWI principals who combine private aviation with superyacht operations – including ADS-B tail number OPSEC and FAA LADD enrolment, FBO tarmac access control, hangar security, MRO provider vetting, and the ground transfer window as the highest-risk period in a private aviation movement – see our hangar and FBO security guide for private aviation. For HNWI principals travelling on luxury cruise lines – ISPS Code obligations, Red Sea Houthi rerouting considerations, port calls in P1 cities, and the personal security discipline that applies in a shared passenger environment – see our security for luxury cruise passengers guide. For the broader commercial maritime security framework – BMP6, Gulf of Guinea piracy, Red Sea Houthi attacks, PMSC vessel protection detachments, and offshore platform security – see our guide to maritime security for shipping and offshore operations.

James Whitfield is a Senior Security Consultant with maritime security experience across European, Middle Eastern and South Asian waters. This article draws on IMB Annual Report 2024, IMO ISPS Code 2003, IMO BMP5 2018, MCA Large Yacht Code 3 2012, ISWAN 2024, ITF Seafarers’ section 2024, MAIB Annual Report 2024, Control Risks Maritime Intelligence 2025, FCDO maritime advisories April 2026, UKMTO advisories 2025, US Fifth Fleet/Combined Maritime Forces 2025, and ISO 31030:2021.