JOSCAR
The defence supplier registration database operated by Hellios; the defence equivalent of Constructionline and Achilles UVDB.
Definition
JOSCAR (Joint Supply Chain Accreditation Register) is the defence supplier registration database operated by Hellios. Members maintain a comprehensive profile covering financial standing, technical capability, security compliance, quality management, and defence sector-specific capabilities. JOSCAR is the defence equivalent of Constructionline and Achilles UVDB: a sector-specific supplier intelligence platform that consolidates pre-qualification data and is widely required for tendering with MOD and major defence contractors. Membership is required for many defence procurements above defined value thresholds.
How it works in practice
JOSCAR covers defence-specific assurance requirements alongside general PQQ topics: export control compliance, security clearance status, defence cybersecurity (Defence Cyber Protection Partnership scheme alignment), and quality assurance to defence-relevant standards (often AS9100 for aerospace, NQA-1 for nuclear). Membership tiers reflect the depth of assurance. Higher tiers require evidence of specific certifications and ongoing compliance audits. Membership is required by MOD and many tier 1 defence prime contractors (BAE Systems, Lockheed Martin UK, Babcock, QinetiQ, Thales UK, Leonardo, MBDA UK) for their tier 2 and tier 3 supply chains. For SMEs entering defence supply chains JOSCAR membership is typically the first significant compliance investment after general business setup. The cost scales with company size and tier; for entry-level membership the cost is comparable to Constructionline. Hellios also operates similar industry-specific platforms (Achilles UVDB for utilities, Joscar for defence, and others); the operating model and supplier user experience is similar across platforms. KimonBids tracks JOSCAR-requiring frameworks and alerts members to renewal deadlines.
Common questions
Do I need JOSCAR to bid for defence contracts?
For most MOD direct procurements above defined value yes. Many tier 1 defence primes also require JOSCAR for their tier 2 and tier 3 supply chains. Below defined value thresholds and for some specialist categories JOSCAR may not be required but equivalent assurance (financial standing evidence, security clearance, quality certifications) typically is.
How is JOSCAR different from List X?
JOSCAR is a supplier registration database covering general defence procurement assurance. List X is the MOD registration of suppliers cleared to hold classified material on their premises. List X has a much narrower scope (sites cleared to OFFICIAL-SENSITIVE and above) and much higher compliance cost. Many defence suppliers hold JOSCAR but not List X; some hold both depending on the work they support.
What is the Defence Cyber Protection Partnership?
A scheme requiring defence suppliers to undergo a cyber risk profile assessment and implement controls proportional to the assessed risk. The scheme is part of the wider defence cybersecurity assurance regime alongside Cyber Essentials Plus and ISO 27001. JOSCAR records DCPP status as part of the supplier profile.