diff --git a/api/bcd_request.py b/api/bcd_request.py
index 0f16a347f022768e2066b126c4ed84f0a7374a39..6065e797732c172682d5906b5e71d0a912a78f4a 100644
--- a/api/bcd_request.py
+++ b/api/bcd_request.py
@@ -2,7 +2,7 @@ from fastapi import APIRouter, Depends, HTTPException
 from starlette import status
 
 from api import get_conn
-from model.bcd_request import BCDRequestModel
+from model.bcd_request import BCDRequestModel, BCDProtectionRequirements, BCDSystemType
 from model.wapi.cntl import APIToken, Mgr
 from util.auth import check_auth
 
@@ -22,3 +22,49 @@ async def handle_request(bcd_request: BCDRequestModel, token: APIToken = Depends
         return "Success"
 
     raise HTTPException(status_code=status.HTTP_500_INTERNAL_SERVER_ERROR)
+
+
+def validate_bcd_request(bcd_request: BCDRequestModel) -> bool:
+    # TODO: Check if provided user is part of the specified group
+
+    if (bcd_request.protection_requirement == BCDProtectionRequirements.SPECIAL and
+            bcd_request.protection_requirement_note is None):
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail='A description of the special protection requirement is required.'
+        )
+    elif (bcd_request.protection_requirement == BCDProtectionRequirements.SPECIAL and
+          bcd_request.protection_requirement_note is not None and
+          len(bcd_request.protection_requirement_note.strip()) == 0):
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail='A description of the special protection requirement is required.'
+        )
+
+    if bcd_request.type_of_system == BCDSystemType.OTHER and bcd_request.type_of_system_note is None:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail='A detailed description of the system type other must be provided.'
+        )
+    elif (bcd_request.type_of_system == BCDSystemType.OTHER and bcd_request.type_of_system_note is not None and
+          len(bcd_request.type_of_system_note.strip()) == 0):
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail='A detailed description of the system type other must be provided.'
+        )
+
+    if bcd_request.type_of_system == BCDSystemType.SERVER and bcd_request.load_balancer is None:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail='You must provide load balancer info for server systems.'
+        )
+
+    if (bcd_request.type_of_system == BCDSystemType.SERVER and
+            bcd_request.protection_requirement == BCDProtectionRequirements.LEVEL_2 and
+            bcd_request.load_balancer is True):
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail='Load balancers are not supported with level two protection requirements.'
+        )
+
+    return True
diff --git a/model/bcd_request.py b/model/bcd_request.py
index 773dfce74571feaf513e9b01e3934645605ff03a..bd17701ddecfd9356cc8437427d68a52a0b6cb6d 100644
--- a/model/bcd_request.py
+++ b/model/bcd_request.py
@@ -34,7 +34,7 @@ class BCDRequestModel(BaseModel):
     protection_requirement_note: Optional[str] = Field(default=None)
     type_of_system: BCDSystemType = Field()
     type_of_system_note: Optional[str] = Field(default=None)
-    load_balancer: bool = Field()
+    load_balancer: Optional[bool] = Field(default=None)
     bcd_name: str = Field()
     access_to_internet: bool = Field()
     access_from_internet: bool = Field()