What is the ‘value-add’ of the ICoCA? That question surfaced occasionally at the margins of the successful annual meeting of the International Code of Conduct Association, the Swiss-based non-profit association that brings together industry, civil society, and governments to promote responsible, rights-respecting provision of private security services. The question of the ‘value-add’ is in reference to what additional benefits accrue to private security companies (PSCs), who are members of the ICoCA and submit themselves to its certification, monitoring, and grievance requirements, over solely gaining certification to the management systems standards for private security operations. To remind readers of this blog, certification to those standards – ANSI/ASIS PSC.1: 2012 and ISO 18788: 2015 – as well as submission of additional human rights-related information is currently the route to gaining ICoCA certification. PSCs hire third-party certification bodies to audit them to the management standards for which they receive a certificate.
To my mind, the ‘value-add’ of the ICoCA seems obvious. The global governance literature, which examines collective efforts (with and beyond states) to address world-wide problems, speaks to the value of multi-stakeholder initiatives. Among other things, multi-stakeholder governance ensures that relevant voices are heard, improves transparency, encourages innovative and effective solutions to problems, and generally increases the perceived legitimacy of an initiative. Yet, skeptics do not seem convinced.
Then I ran across a book chapter that I think makes a clear case for the ‘value-add’ of the ICoCA. The chapter, “The International Organization for Standardization as a Global Governor: A Club Theory Perspective,” by Assem Prakash and Matthew Potoski appears in the volume Who Governs the Globe? edited by Deborah D. Avant, Martha Finnemore, and Susan K. Sell. The ICoCA and the management system standards, ANSI/ASIS PSC.1 and ISO 18788, are examples of “clubs” created to address problems which states alone cannot or will not govern. They promise to deliver to club members and external parties certain positive benefits. For club members, the biggest benefits are better internal management, which can result in cost savings and risk mitigation, and improved reputation, which can attract clients. External parties, whether clients of the member companies or other stakeholders, can be assured that member companies are living up to ‘beyond-compliance’ standards.
That seems fairly obvious. But the problem with clubs is that they can lead to collective action dilemmas. Two in particular stand out: recruitment, i.e. attracting adequate numbers of participants, and shirking, i.e. ensuring that participants meet the club’s requirements. Attracting an adequate number of PSCs, especially small and medium sized ones, has been an ongoing discussion within the ICoCA. The chapter does not offer insights on how to do this, but it does discuss the value of a large membership in terms of realizing the branding benefits that accrue to PSCs who join the club. Clubs gain high levels of participation by “offering affordable standards which firms can profitably adopt.” However, participation should not be traded off against the stringency of standards. Prakash and Potoski warn that for club members to gain reputational and other benefits, external parties need to view clubs as credible in terms of their commitment to high standards accompanied by effective enforcement.
This brings us to the second collective action dilemma, shirking. How does one ensure that the standards members commit to are actually upheld? Simply put, through monitoring and enforcement. However, not all monitoring and enforcement programs, which the chapter dubs “swords,” are created equal. There are “strong swords,” which require third-party audits, public disclosure, and sanctioning mechanisms, “medium swords,” which necessitate third-party audits and public disclosure, and “weak swords,” which only require auditing. Prakash and Potoski, using the environmental standard ISO 14001 as a case study, argue that ISO 14001 is an example of a “weak sword club,” because ISO “is not known to sanction shirkers aggressively, and the absence of public disclosure of audit information weakens stakeholders’ ability to sanction shirking.”
Readers probably see where I am going with this. Like ISO 14001, ANSI/ASIS PSC.1 and ISO 18788 by themselves are “weak sword clubs.” In contrast, the ICoCA requires member PSCs to submit themselves to field-based monitoring, provide self-reporting, and participate in the grievance process. If companies do not do so, they can be sanctioned up to expulsion. The ICoCA also provides public annual reporting. The ICoCA is a “strong sword club.” If PSCs want to accrue all the reputational benefits, and associated commercial benefits, of participating in clubs meant to demonstrate their adherence to the law and human rights norms, then they need to be part of a “strong sword club.” The ICoCA is currently the only available “strong sword club” for the private security industry.