Understanding SERMI
Modern vehicles are increasingly protected by advanced security systems such as immobilisers, key programming modules, and encrypted software. For independent garages, accessing these systems has become difficult without manufacturer level authorisation.
That’s where SERMI comes in.
SERMI, short for Security-related Vehicle Repair and Maintenance Information. This allows independent garages and technicians to securely obtain vehicle manufacturers’ security-related repair data without going through multiple OEM approval systems.
In the UK, the scheme is operated by RMI Standards & Certification (RMISC), and the official website is sermi.co.uk.
Why SERMI UK Matters
SERMI gives independent garages equal and secure access to vital security-related data, obvious functional system will be affected, such as:
• Key and immobiliser programming
• ECU and module replacement
• Anti-theft coding and software updates
However, consider a simple issue, such as a window fault, and the diagnostic process leads you to an issue with the body controller module. Because this component also controls the security system of the vehicle, that component will also fall under the scope of SERMI.
Without this access, independent garages risk being locked out of general day to day diagnostics procedures and repairs, losing revenue to other SERMI registered competitors or franchised dealers.
The SERMI scheme ensures:
• Access is controlled, verified, and secure
• Garages undergo audits and background checks
• Technicians (IO: Independent operators) are individually approved and traceable
• Single sign on for access to all OEMs security related RMI (Repair & Maintenance Information)
This gives both OEMs and customers confidence that sensitive vehicle data is handled responsibly.
Who Runs SERMI in the UK?
SERMI in the United Kingdom is managed by RMISC (RMI Standards & Certification), an ISO-accredited body that oversees:
• Approvals for independent operators (IOs)
• Authorisation of individual employees (IOEs)
• Audits, renewals, and compliance monitoring
Is SERMI Live in the UK Yet?
On the 28th August 2025, the IGA announced, “The IGA is proud to announce a watershed moment for the UK’s independent automotive sector. Following multiple days of extensive audits with the regulatory body, UKAS. The recommendation for approval has now been received for the launch of the Security-related Repair and Maintenance Information (SERMI) scheme in the United Kingdom.”
The full press release can be found here.
On the 3rd September 2025, the IGA announced that sermi.co.uk
“We anticipate the scheme will go live later this year, with a high volume of applications expected once the system opens. Businesses that register now will be among the first to gain access, helping them avoid delays and secure a competitive edge.“
The full press release can be read here.
How to Apply for SERMI Authorisation in the UK
Independent garages and their employees must both be approved.
Submit an Expression of Interest – Visit sermi.co.uk and complete the online “Apply Here” form to start your application.
Gather Required Documents:
• Proof of business ownership
• Evidence of public liability insurance
• DBS (Disclosure and Barring Service) checks for authorised staff
• Proof you operate within the automotive sector (e.g. invoices, trade memberships)
• A signed self-declaration confirming lawful operations
Certification and Access
Once approved by RMISC, the IO receives a certificate, and each employee (IOE) gets an individual digital credential through an app on your phone. These are used when logging into OEM systems to access restricted RMI.
Ongoing Audits
The RMISC will conduct both scheduled and unannounced audits during the 5-year authorisation period. Misuse or data breaches can result in the revocation of your account.
What Happens If You Don’t Get SERMI Approval?
Once manufacturers begin enforcing SERMI access (some manufacturers already have a separate SERMI login), non-approved garages may lose the ability to:
• Program or replace keys and immobilisers
• Update or replace ECUs and security modules
• Carry out certain diagnostics or calibrations
As connected vehicles become the norm, these restrictions could remove an entire category of work from independent businesses.
Getting ahead of the rollout means you’ll be ready the moment OEMs go live.
Final Thoughts
SERMI represents a landmark step for the aftermarket: a single, trusted, and audited pathway for independent service providers to access vehicle security data.
While it’s still in rollout, early preparation will protect your workshop from future access restrictions and position your business as a trusted, compliant, and professional operator in the connected vehicle era.
How does SERMI affect Opus IVS as a Remote Service supplier?
For us to be able to carry out any security related Remote Service jobs on a vehicle once SERMI is live, you will need to be SERMI registered. Without your business and your technicians being registered with SERMI, we will be unable to carry out a Remote Service.
What will SERMI allow Opus IVS to do?
• Key coding
• New Engine and body controller ECU replacement
• Replacement of any security related component
| Abbreviation | Meaning |
| RMI | Repair and Maintenance Information |
| IO | Independent Operator (i.e. a workshop or garage not tied to a vehicle manufacturer) |
| CAB | Conformity Assessment Body — the body that audits and certifies IOs / technicians under SERMI |
| TC | Trust Centre — the digital certificate authority for SERMI (e.g. Digidentity is the Trust Centre) |
| RSS | Remote Service Supplier — third party providing remote access to diagnostic/repair services, also requiring SERMI accreditation for security-sensitive tasks |
Visit sermi.co.uk today to get started and secure your place in the future of automotive repair.