For Clubs · Federations · Organisations

"What action did you take?"
Have an answer.

When a player or club official is threatened, the question comes. From the board. From the press. From the insurer. With documented processes aligned with DIN SPEC 14027 and ISO 18788, you have one. Security at your club is not left to chance - it is demonstrable.

Florian Sprengel · Founder Lead Security Intelligence & Investigations, NASDAQ-listed corporation
Expert assessor for white-collar crime
Principles as the foundation

Squads change. Coaches change. Identity remains.

Squads, coaches, league positions and media dynamics change constantly. What carries a club over the years is its self-image - a framework of values that makes clear what the club actually stands for:

-a clear set of values that is not renegotiated with every transfer window,

-long-term guardrails that make decisions easier in a crisis,

-an outward image built on real decisions - not on press releases.

The risk profile in professional sport

Why legal advice alone is no longer enough.

The threat landscape has become professionalised. Lawyers, press offices and law enforcement do excellent work - but they all need a solid foundation, and that foundation is not created once the situation has escalated. Reacting only once the damage is public leaves players and management unprotected - up to and including personal liability.

01 · Compliance & duty of care

The liability trap

If something happens to a player or club official - digitally or physically - and no documented protective measures are in place, it becomes legally dangerous. The and the make prevention a duty. Without this demonstrable structure based on DIN/ISO standards, board members and managing directors can be personally liable with their private assets in a serious case.

02 · Reconnaissance & burglary

Physical escalation

Public match schedules and the social media profiles of your people make the entire club operation predictable. Anyone seeking a personal advantage at your expense may exploit every freely available piece of information - without compromise and up to the edge of legality. Public data turns into movement patterns, patterns into concrete points of attack and ideas. The danger starts online - and it may end at your employees' front doors.

03 · Reputation & extortion

Loss of control

Targeted doxing, identity theft or complex extortion scenarios can hit players and club officials personally. Once an incident is public, it takes a great deal of work to contain it again. What matters is intervening early: defusing the situation before it escalates, instead of limiting damage afterwards.

The situation

Three questions you need a documented answer to.

Not in a crisis. Before.

Talk in confidence
Question 01

What have you done for the safety of your players?

When a player is threatened - or worse - the club is asked. Without documented duty of care based on a recognised standard, the answer "We didn't know" is a liability risk.

Question 02

How do you protect your club officials?

Board members, sporting directors, press officers, security officers - but also referees, coaches and staff are publicly exposed, often without a security team of their own. One controversial decision, and the threats reach family and home address. Organised defamation campaigns are real threats, not hypothetical ones.

Question 03

Would your insurance pay in a serious case?

Example: a D&O insurance (directors' and officers' liability insurance for boards and managing directors) can reduce or refuse payment if a breach of duty of care can be demonstrated. Documented security processes are your evidence in the event of a claim - and can lower the premium.

Liability protection · ISO 18788

In a serious case, you can demonstrate that you acted with due care.

ISO 18788 is the international standard for private security operations. Those whose work is guided by it can demonstrate: "We acted in line with the recognised state of the art."

DIN SPEC 14027 is a current documented standard for corporate security (published by DIN, March 2026). It closes the previous gap of a standard for physical security - relevant for close protection, threat management, internal investigations and integrity checks.

Together they are your shield: in press enquiries, in the event of a claim, in liability discussions, in insurance negotiations - and in sales conversations with new clients and sponsors.

Also for clubs with in-house security

Build or buy? We are the product you can buy.

Building your own monitoring system in-house means months of IT setup, licences, interfaces and staff training - plus ongoing maintenance and vendor risks. We deliver the same result, ready to use.

Build · in-house

Build your own system

  • 6-12 months implementation time
  • Licences, interfaces, maintenance
  • Hire & train additional internal staff
  • IT risk: vendors, updates, data leaks
Buy · We.Protect.Football.

Buy a finished product

  • Ready to use immediately, no IT project
  • Alerts and dossiers as the deliverable
  • No interface into your internal systems
  • No IT risk - handover via data room

Also for clubs with their own security department: we deliver what is hard or slow to build internally - continuous monitoring, OSINT investigation, handover-ready documentation. You receive a product, not an IT project.

And should a case go to court: you do not have to disclose your own systems. You hand over documents from an external provider as evidence - clean separation, no disclosure of internal infrastructure.

We operate in the background - quietly and without restricting your public life. The protection stays effective without becoming visible.

Talk in confidence
Concrete services

What guides our work: DIN SPEC 14027 and ISO 18788.

DIN SPEC 14027 is a current documented standard for corporate security; ISO 18788 the international standard for private security operations. This framework guides our work - here are exemplary topic blocks, applied to everyday club operations.

Where we bring in partners · Network disciplines
01 · Referral within our network

Close protection

Example: after an unpopular transfer, a sporting director receives threats referencing his home address.

A discipline of its own for security specialists. We refer you to specialised close protection professionals in our network and coordinate the handover.

02 · Referral within our network

Threat management

Example: a referee is targeted and threatened on X for weeks - the case shifts from the online world into the real one.

Structured case management belongs in specialised hands. We refer you to experienced threat managers and stay involved as stakeholder coordinator.

03 · Referral within our network

Legal advice

Example: a defamation campaign reaches a scale that requires a media law response.

We do not give legal advice. If no lawyers have been retained yet, we refer you to our network - including law firms specialising in media law.

How we see our role

We know our limits.

Threat management and close protection are disciplines of their own - and we have experts for them in our network. Bringing in and orchestrating the right stakeholders is part of our consulting service. Like a good doctor who refers instead of experimenting: we bring in the right specialist before anyone starts at the wrong end.

The difference

Who documents. Who sends warnings. Who investigates.

Hate speech detection and compliance protection for clubs are offered by a handful of providers in Germany. Detection and investigation from a single source - almost no one. Some send automated cease-and-desist letters. Others filter and report. We deliver documented duty of care - and chains of evidence documented to a recognised standard.

Cease-and-desist providers
Reporting NGOs
We.Protect.Football.
Insider threats
Not covered
Not covered
Escalation chain without involving potential suspects
Documented duty of care
Warning-letter list per incident
Statistics reports
DIN SPEC 14027 + ISO 18788 - audit-ready
Handover to authorities
Own cease-and-desist letters - no handover
Platform reporting
Handover-ready dossier - no need to disclose your own systems
Background
Law firm
Tech / NGO without a security background
Ex-police · Ex-domestic intelligence · NASDAQ corporate security
Talk in confidence
What rarely gets said out loud

Some risks at a club nobody talks about.

A Bundesliga club is a mid-sized company with revenues in the tens of millions - but rarely with the forensic depth to see through the uncomfortable risks. Precisely where things get delicate, the trained eye is often missing.

01

When closeness is sought

Around a player, closeness is often built deliberately - feigned interest, seemingly chance encounters, favours. Who is behind it and what interest is being pursued can be examined before closeness turns into influence.

02

Organised structures in the environment

Who has what access to the club, what interest, what history. Closeness is not proof of trustworthiness.

03

Investor & contract review

Reading shareholdings, balance sheets and advisor structures like an investigator - not like a bookkeeper.

These topics do not belong in standard monitoring. They call for someone who has investigated white-collar crime - and stays discreet. If such a topic is on the table at your club: confidential mandate on request.

Frequently asked questions

What clubs and federations ask most often.

Why should a club buy in security instead of building it internally?

An in-house security department with OSINT expertise, monitoring and evidence preservation costs staff, time and constant training - capacity most clubs do not need at full utilisation all year round. As an external partner, we deliver the same depth as a purchasable service, tailored to the specific case, without you having to maintain a department.

We have had no incidents so far - do we even need this?

"We have no cases" usually just means: you have not seen them yet. As soon as footballers are in the spotlight - through success, failure or media coverage - incidents and wrongful acts become statistically unavoidable. Those who do not look still have them - they just do not see them. What matters is opening low-threshold channels through which such cases become visible early and therefore manageable.

What happens when a club does not take a threat seriously?

A single threat is easy to dismiss. Only methodical analysis shows whether there is a pattern behind it - recurring senders, escalation, cross-links to further content. Those who recognise and document this early can act before words turn into deeds. Those who ignore it stand without evidence when damage occurs.

How does documentation based on DIN/ISO standards help in a serious case?

Standards such as DIN SPEC 14027 and ISO 18788 provide a recognised framework against which protective measures can be measured. Documentation guided by these standards shows that you proceeded in a structured, reviewable way - towards authorities, insurers and internally within the club.

Can you also protect an entire squad or federation on an ongoing basis?

Yes. In addition to investigating individual cases, we set up continuous monitoring - for individual exposed persons or the entire squad. You receive regular reports and are informed early about relevant developments, instead of only once a crisis has hit.

How does working with a club start?

With a confidential initial consultation. We clarify the need, define scope and evidence objective, and agree on confidentiality and the engagement - with a non-disclosure agreement if requested. Only then do you decide whether we act on an individual case or on an ongoing basis.

Contact

If you are wondering whether to call - that is already the occasion.

Confidential. Open-ended. We clarify whether we are the right fit for your club. If not, we will tell you.

1530 Intelligence
We.Protect.Football. We.Protect.Creators. We.Protect.Media.