Bailey & Associates - Manufacturing IT Strategy & Leadership
020 3435 9075

IT Strategy for UK Chemicals Manufacturers: COMAH, REACH and Process Safety

An effective IT strategy chemicals manufacturers UK programme has to do something most generic IT strategies skip: align technology decisions directly to the COMAH safety case, REACH compliance, and OG86 cyber expectations, while still running 24/7 reactors, distillation columns and packing lines. With around 4,100 UK chemical businesses operating under intense cost pressure, a 60% drop in chemical output since 2021, and HSE inspectors increasingly evaluating cyber controls inside the Major Accident Prevention Policy, IT now sits squarely inside process safety.

IT strategy chemicals manufacturers UK control room dashboard with process plant reactors and storage tanks

Last updated: 6 May 2026

What an IT strategy chemicals manufacturers UK roadmap must cover

The UK chemical industry remains structurally critical, with 4,100 businesses spanning the supply chain from feedstocks to consumer products, according to the Chemical Industries Association (CIA). The CIA’s most recent business survey shows the sector under unprecedented pressure: in Q4 2025, 38% of companies reduced headcount, 37% saw sales fall, and 87% expect at least a year of weak trading. UK chemical production fell almost 40% between 2021 and 2024, and total output is down around 60% since 2021. The strategic implication is clear: every pound of IT spend now has to deliver compliance, resilience and operational margin in equal measure.

An IT strategy chemicals manufacturers UK programme therefore has to cover seven domains that other sectors can treat more lightly:

  • Process-manufacturing ERP with batch, recipe, regrind, blending and yield management.
  • Real-time shop-floor data from reactors, distillation columns, blenders and packaging lines.
  • Lot and batch traceability across raw materials, intermediates, in-process and finished goods.
  • REACH, CLP and SDS compliance data, plus customer-specific declarations and chain-of-custody evidence.
  • COMAH MAPP and safety case integration, including HSE OG86 cyber expectations.
  • OT cybersecurity aligned to NCSC, IEC 62443 zones and conduits, and Cyber Essentials Plus.
  • Supply chain visibility for hazardous materials, including transport, storage and emergency response data.

Treating any of these as a side project is the most common failure mode. The job of the IT strategy is to bring them onto a single roadmap, with one technology leader accountable for the whole.

How COMAH and OG86 reshape the IT strategy chemicals manufacturers UK plan

The Control of Major Accident Hazards (COMAH) Regulations implement Seveso III into UK law and apply to thousands of UK chemicals, petrochemicals and pharmaceuticals sites. Under HSE COMAH guidance, operators must maintain a Major Accident Prevention Policy (MAPP) and a structured Safety Management System covering organisation, hazard identification, operational control, management of change, emergency planning, monitoring, audit and review.

HSE Operational Guidance OG86 gives inspectors a clear lens for evaluating cyber risk inside that safety case. For a UK chemicals manufacturer, OG86 means the IT strategy chemicals manufacturers UK plan has to evidence:

  • Identification of all OT assets and networks within the COMAH boundary.
  • Controlled, authenticated access to industrial control and safety systems, with phishing-resistant MFA at the OT boundary.
  • Clear ownership and governance of cyber risk at board level, not delegated to the MSP.
  • Logging and continuous monitoring of user and vendor activity in IACS environments.
  • Integration of cybersecurity controls into the MAPP and Safety Management System rather than in a separate “IT” silo.
  • Evidence of structured cyber risk assessments and lifecycle change control on safety-critical systems.

The implication is that the IT director, fractional CIO or virtual CISO has to attend MAPP review meetings alongside SHE and operations leadership. Cyber and process safety are now the same conversation.

Process-manufacturing ERP and the chemicals shop floor

Discrete-manufacturing ERPs converted to chemicals are usually a poor fit. UK chemicals manufacturers should expect their ERP to handle, natively:

  • Multi-level recipes with active ingredient calculations, density, viscosity and assay data.
  • Batch and lot management across raw materials, intermediates, regrind and rework.
  • Yield and shrinkage tracking, by-product and co-product handling, and reverse BOMs for distillation.
  • Quality control and LIMS integration, including in-process testing, certificates of analysis (CoAs) and digital batch records.
  • Compliance content for REACH dossiers, CLP labelling, SDS authoring, and country-specific labelling for export markets.
  • Tank and silo management, with weighbridge, level sensor and inventory reconciliation.
  • Traceability at component, batch and SKU level, supporting recall in hours and full chain-of-custody evidence.

Common UK choices include process-led platforms such as Infor M3 and CloudSuite Industrial, SAP S/4HANA Process, Aptean Process Manufacturing, BatchMaster and specialist chemicals suites. The ERP decision and the shop-floor data plan should be designed together, not in series.

REACH, CLP and the data the regulator actually asks for

UK REACH compliance creates a continuous data demand on the IT estate: substance registration, dossier maintenance, supplier declarations, downstream-user notifications and SDS authoring. The IT strategy chemicals manufacturers UK plan should treat REACH and CLP as data flows, not paperwork, with clear ownership and tooling for:

  • Material master data quality with CAS numbers, hazard classifications and supplier evidence.
  • SDS authoring tools tightly integrated with ERP and labelling, supporting all required UK and EU languages.
  • Customer-specific declarations (RoHS, REACH SVHC, Conflict Minerals, Modern Slavery) generated from the same master data.
  • Document management for supplier declarations, technical specifications and chain-of-custody evidence.
  • Audit-ready records that survive HSE, Environment Agency and customer inspections years after dispatch.

Manual spreadsheet-based REACH compliance scales poorly and is the most common cause of audit findings in UK chemicals. The strategy should explicitly retire those spreadsheets within the planning horizon.

OT cybersecurity in a chemicals plant: where IEC 62443 lives

The combination of COMAH, OG86, NCSC OT guidance and IEC 62443 turns OT cybersecurity into a board-level concern for any UK chemicals manufacturer. Practical priorities for an IT strategy chemicals manufacturers UK plan in 2026:

  • OT asset inventory. Every PLC, DCS controller, HMI, SIS device and IIoT gateway documented and owned.
  • Zones and conduits. An IEC 62443 zone model that segregates safety-critical, control, supervisory and corporate networks, with defined data flows and conduits between them.
  • Push-only data flows. Production data flows up to IT and the cloud; control commands do not flow back without strict, authenticated, logged paths.
  • Vendor remote access. Time-boxed, MFA-protected, fully logged access for instrument and equipment vendors. No standing VPN tunnels into the DCS.
  • Patching and lifecycle management. Where patching is impractical, compensating controls and monitoring carry the load.
  • Incident response runbooks. Tested scenarios for cyber events that could cause loss of containment or runaway reactions, integrated with the COMAH emergency plan.
  • Continuous monitoring. SIEM coverage of OT logs and connectivity, with alerts to both IT and SHE on-call.

This work belongs inside the safety case, not alongside it. UK manufacturers that treat cyber as a separate domain are the ones HSE has been most willing to challenge during inspections.

Sustainability, energy and the cost pressure on UK chemicals IT

UK chemicals manufacturers are running into rising energy costs, decarbonisation pressure and weak trading conditions. The CIA’s data shows a sector still under acute strain, with 38% of companies reducing headcount in late 2025. The IT strategy can help directly, with:

  • Real-time energy and utilities monitoring at reactor, line and site level.
  • Integration of energy data into the ERP and SECR reporting flow.
  • Predictive maintenance on rotating equipment to reduce unplanned downtime.
  • Process-twin and simulation use cases for yield, energy and emissions optimisation.
  • Vendor and contract consolidation across IT, MSP, ERP partners and instrumentation.
  • Targeted automation for routine compliance work (SDS updates, REACH dossier maintenance, customer declarations).

None of this is exotic technology. It is a disciplined IT strategy chemicals manufacturers UK programme applied to a sector that needs every operational percentage point it can find.

How to choose a partner for a UK chemicals IT strategy

Generic fractional CIO firms rarely understand process manufacturing, COMAH or OG86. When choosing a partner, look for:

  • Real chemicals or process-manufacturing experience, including blending, distillation and reactor environments.
  • Working knowledge of COMAH, OG86, REACH, CLP and IEC 62443.
  • OT cyber experience inside a 24/7 hazardous process environment.
  • Vendor independence: no commission on ERP, MES, LIMS, SDS authoring or OT vendors.
  • Fixed-fee retainers, no long-term tie-in, board-ready communication.
  • Track record with HSE inspections, Environment Agency permits and major customer audits.

If the candidate cannot describe how they would integrate cyber controls into a MAPP or how recycled-content evidence is captured at batch level, they are not yet ready for a UK chemicals engagement.

Frequently Asked Questions

What does an IT strategy for a UK chemicals manufacturer have to cover?

It must cover process manufacturing ERP with batch and recipe management, real-time shop-floor data capture from reactors, distillation columns and packing lines, lot and batch traceability for raw materials, intermediates and finished goods, REACH and CLP compliance data, COMAH safety report and MAPP integration, OT cybersecurity aligned to HSE OG86 and IEC 62443, and supply chain reporting. It is broader than a generic manufacturing IT strategy because cyber and IT failures can directly trigger major accidents under COMAH.

How does COMAH affect IT strategy for chemicals manufacturers?

COMAH (Control of Major Accident Hazards) Regulations require operators of UK chemicals sites to maintain a Major Accident Prevention Policy (MAPP) and a Safety Management System. HSE inspectors use Operational Guidance OG86 to evaluate cybersecurity within the safety case, including IACS asset identification, controlled access, monitoring, governance and integration of cyber controls into the safety management system. The IT strategy must therefore align directly with the MAPP, not run separately.

Which ERP and digital tools are most commonly used by UK chemicals manufacturers?

UK chemicals manufacturers typically run process-manufacturing ERPs such as Infor M3 or CloudSuite Industrial, SAP S/4HANA Process, Aptean Process Manufacturing, BatchMaster or specialist chemical suites. These integrate with LIMS for quality, MES or DCS for production, electronic batch records, REACH and SDS authoring tools, and increasingly digital twin and process-simulation platforms. Sector-specific configurations almost always beat generic, distribution-led ERP for UK chemicals.

What cybersecurity standards apply to UK chemicals manufacturers in 2026?

At a minimum, UK chemicals manufacturers should align to Cyber Essentials Plus, the NCSC Operational Technology guidance and the January 2026 Secure Connectivity Principles for OT, IEC 62443 for industrial control system security, and HSE OG86 where they are COMAH establishments. ISO 27001 is increasingly expected by enterprise customers, and NIS2 flow-down from EU customers and the upcoming UK Cyber Security and Resilience Bill widen the obligations further.

Take the Next Step

If you are a UK chemicals or process manufacturer wrestling with COMAH, REACH, ERP renewal or OT cybersecurity, Bailey & Associates can build the IT strategy chemicals manufacturers UK roadmap with you. We work exclusively with UK manufacturers, on a fixed monthly retainer from £2,000 per month with no tie-in and cancel-anytime terms. Fifteen-plus years of UK manufacturing IT experience including hazardous process environments, vendor-neutral, board-ready. Learn more about our manufacturing IT services or book a free discovery call today.

Related Articles

Picture of David Bailey

David Bailey

David Bailey is the founder and principal consultant at Bailey & Associates, an independent IT consultancy built exclusively for UK manufacturers. With over 15 years of experience at the intersection of IT strategy and manufacturing operations, David provides fractional CIO/IT Director services, ERP advisory, IT/OT integration strategy, and vendor management to manufacturing businesses across the UK. He currently serves as IT Director at the UK Sailing Association (UKSA) alongside his consultancy work, bringing a live, operational perspective to every engagement. His career began in the military at 18, and he brings a structured, disciplined approach to IT leadership, project governance, and technology decision-making. David is vendor-independent, manufacturing-specialist, and committed to transparent pricing.

Ready to Add a Fractional Data Director to Your Team?

Take the first step — get your free readiness score or book a discovery call.

Take Scorecard
Book a Call