Tag Archives: Montreux Document

Tools for Effective and Responsible Contracting of Private Security Services

Private security companies provide services to a range of clients operating in complex and high risk environments. Increasingly state actors, to include international organizations, as well as private actors, such as companies and humanitarian assistance and human rights organizations, utilize private security providers to manage risks to their people, projects, and assets. However, if the wrong private security provider is hired, this could pose its own risks. Fortunately for clients of the private security industry, a number of tools are being developed under the leadership of the Center for the Democratic Control of Armed Forces’ Public Private Partnership Division (DCAF) that can assist with procuring private security providers that not only effectively provide quality services, but also respect human rights throughout their operations.

As noted in a previous blog post, this past July DCAF released a study detailing good practices related to States’ and international organizations’ procurement and contracting of private security services entitled Putting Private Security Regulation Into Practice: Sharing Good Practices on Procurement and Contracting 2015-2016. The study breaks down the five stages of the procurement process and provides examples of best practices for each based on the experience of a number of the Montreux Document supporting states and international organizations. The Montreux Document is the first international declaration to detail international human rights and humanitarian law obligations and good practices for states contracting security services during armed conflict and beyond. (The declaration also addresses home and territorial states as well.) DCAF serves as the Secretariat of the Montreux Document Forum and supports efforts to foster implementation of Montreux Document commitments.

Now DCAF is broadening its efforts and developing contracting guidance for private sector clients of the security industry. Earlier this month DCAF, together with the International Committee of the Red Cross, SociosPeru, and Peace Nexus, released Recommendations for Hiring Private Security Providers. Based on a pilot project with extractive companies and other stakeholders in Peru to support implementation of the Voluntary Principles on Security and Human Rights, the Recommendations detail how a company can carry out due diligence in its engagement with a private security provider from the solicitation, notice, and bidding process through to monitoring, enforcement, and accountability of the provider. The Recommendations offer detailed bullet points on the types of information Requests for Proposal should solicit in bid submissions, such as information about employees, training, equipment, and performance track records. The Recommendations also include suggested criteria for excluding or granting an award, contract provisions, and key performance indicators that can be used to monitor security providers, although these could have been more productively captured as positive goals rather than a list of violations for security providers to avoid. Interestingly, although the Recommendations state that companies should undertake a thorough risk assessment and develop a security plan prior to the bidding process, a similar recommendation is not made to private security providers suggesting that they undertake a human rights impact assessment and develop plans to manage and prevent risks. That being said, one can infer that would occur should a company limit itself to contracting with private security providers certified to security operations management system standards (ANSI/ASIS PSC.1 or ISO 18788) or by the International Code of Conduct Association, all of which require human rights risk assessment.

A second DCAF initiative currently under development is a Contract Guidance Tool which aims to support humanitarian non-governmental organizations, as well as states, international organizations, and other clients with incorporating human rights requirements into their contracts with private security providers. A recent blog post on the European Interagency Security Forum’s website announced the launch of a consultative process to solicit input from clients about their current contracting practices. Humanitarian organizations in particular are requested to fill out a questionnaire on their general contracting frameworks, contract award processes, contractual terms, and contract monitoring and accountability in order to facilitate the creation of the Contract Guidance Tool. This will be an important effort to support since, as of yet, no detailed contracting recommendations for humanitarian organizations exist. Furthermore, it is in the vested interest of the humanitarian community, which increasingly relies on security providers, to ensure that those providers align with their humanitarian missions and respect human rights in their security operations.

New Tools for States and Companies Assist with Better Governance of the Private Security Industry

V3 Cover pictureIn the last few months, the Geneva Centre for the Democratic Control of Armed Forces (DCAF) has released three new tools to help States better regulate private security companies (PSCs) and PSCs ensure the responsible provision of security services. An international foundation headquartered in Geneva, DCAF has distinguished itself for the leading role it has played in fostering private security governance by providing research and practical tools, promoting the sharing and implementation of regulatory best practices, and supporting the development of international consensus on norms and standards for the industry.

First, in its role as Secretariat for the Montreux Document Forum (MDF), DCAF issued in June a Legislative Guidance Tool for States to Regulate Private Military and Security Companies. The MDF was established to assist States with implementing the legal obligations and Good Practices outlined in the Montreux Document on pertinent international legal obligations and good practices for States related to operations of private military and security companies during armed conflict (Montreux Document) by sharing lessons learned and best practices. Currently the MDF has 53 participating States and three international organizations (EU, NATO, OSCE). The Legislative Guidance Tool was presented to the MDF participating States as a resource for implementing their Montreux Document commitments in national laws and regulations. However, whereas the Montreux Document is primarily applicable to States’ governance of private military and security companies (PMSCs) during armed conflict (although with relevance beyond armed conflict), the Legislative Guidance Tool has a wider remit recognizing that the privatization of security services is equally prevalent in the domestic context. Therefore, the Tool has the dual purpose of capturing existing national legislation, policies, and best practices, as well as offering guidance to lawmakers to develop and improve national legislation to bring it in line with international obligations and recognized good practices. It draws on the guidance in the Montreux Document, but also a range of other hard and soft law international frameworks.

As the Legislative Guidance Tool points out, “existing national laws are not always clear on how a State’s international human rights obligations apply to and govern the operations of PMSCs.” The Tool breaks down the national regulatory framework into seven areas that may pose challenges. These revolve around key issues such as including an explicit expectation that companies respect human rights, determining the applicability of legislation in terms of defining the scope of the industry and ensuring adherence extraterritorially, and making determinations about what types of services are permitted and prohibited. Other issues addressed include establishing an authority that is enabled to oversee and control PMSCs’ activities, creating laws to authorize and license companies, and vetting and selection of PMSCs for States that contract with PMSCs. The final two chapters address incorporating provisions into national legislation that address the obligations of PMSCs and their personnel to take steps to avoid committing harmful acts, and that ensure adequate accountability for harms and effective remedies for victims of abuses.

In all, 32 separate challenges are identified and analyzed, and recommendations and examples of good practice are provided to address them. Armed with such detailed guidance on the nature of effective legislation, the MDF could move beyond being primarily a dialogue forum and could push for legislative reform by requiring member States to report annually on their progress in implementing their Montreux Document commitments and assessing those reports against these good practices.

Second, honing in specifically on good practices related to States’ and international organizations’ procurement and contracting of private security services, DCAF also recently released a scoping study entitled, Putting Private Security Regulation Into Practice: Sharing Good Practices on Procurement and Contracting 2015-2016. The study examines how the power of the purse string offers one strategy for ensuring better private security governance. Four key international regulatory initiatives, three directly relevant to private security (the Montreux Document, the International Code of Conduct for Private Security Service Providers, and the draft of a possible convention on PMSCs) and one with broader applicability to all companies (the UN Guiding Principles on Business and Human Rights), have established that States can use their extensive commercial transactions as a means to promote respect for human rights by companies.

The study breaks down the five stages of procurement and provides examples of best practices for each drawing on key contracting States’ (US, Switzerland, and Australia) and international organizations’ (EU, UN, NATO, and OSCE) experiences. The five stages of public procurement are 1. Needs Assessment, Authority, Scope of Application and Principles, 2. Solicitation and Notice, 3. Evaluation of Potential Contractors, 4. Contract, and 5. Monitoring, Enforcement, and Accountability. A notable contribution of the study are the annexes providing concise summaries of the procurement regulations of the EU, UN NATO, and OSCE. What is not addressed in the study is the extent to which these types of procurement best practices are actually being implemented across the broader set of Montreux Document participating States, and whether contracting authorities are adequately trained and resourced to ensure high human rights related standards in contracts and sufficient monitoring and accountability; these latter shortcomings in adherence to the Montreux Document were raised by DCAF in a report last year, Progress and Opportunities: Challenges and Recommendations for Montreux Document Participants.

Finally, DCAF has been equally involved in participating and supporting various multi-stakeholder initiatives, such as the Voluntary Principles on Security and Human Rights, and developing tools and other resources to assist companies operating in high risk environments with meeting their human rights responsibilities. Last month, together with the International Committee of the Red Cross, DCAF released the third version of its online toolkit Assessing Security and Human Rights Challenges in Complex Environments, which is available on the Security and Human Rights Knowledge Hub. Human Analytics has blogged in the past on earlier versions of the Toolkit. Much like other DCAF tools, the Toolkit is structured around challenges, in this case those that companies face when operating in complex environments such as working with host governments, public security forces, and private security provides. The Toolkit identifies “real-life” operational challenges and provides good practices and recommendations to address them, as well as practical tools, such as checklists, case studies, and additional resources, many of which are available on the Knowledge Hub. It is imminently useful and readily accessible, as users can simply click on a particular challenge they face, which will take them to a page with recommendations to address that challenge.

The most recent version of this “living document” contains an updated Chapter 1 Working with host governments, as well as a completely new chapter, Chapter 4 Working with communities, which addresses managing relations with local communities. As the Toolkit rightfully notes, maintaining positive relations with local communities, which is essential to a company’s social license to operate and can bring reputational gains as well as mitigate operational risks, can be difficult to achieve. Companies often face resistance because of long standing grievances related to the operating context which have gone unaddressed such as “employment, land, environment, compensation, resettlement, and negative legacies from previous company projects.” The chapter details a total of 18 challenges related to strategies for stakeholder engagement; the means to share information and effectively consult and elicit consent; internal management challenges related to stakeholder engagement; and the security impacts of operations on local communities and, from the reverse perspective, the community’s impact on company security. The chapter also offers some overarching recommendations that highlight the importance of understanding the local context and adequately assessing related risks, which includes understanding the stakeholder landscape. Local stakeholders’ comfort with participation increases with engagement processes that are inclusive, transparent, responsive to local communities needs and interests, respectful of local culture, and involve communities in identifying problems and creating solutions. Stakeholder engagement is an ongoing process relevant throughout the lifecycle of an activity and can involve a significant amount of resources and time. However, not doing it well can be just as costly, if not more.

The release of DCAF’s new tools provide evidence that the security industry and its stakeholders have largely found consensus on the normative expectations for the responsible provision of security services, both in terms of State obligations as regulators and clients of the industry and corporate responsibilities to respect human rights. But even more so, they demonstrate that we are moving beyond a phase of expectation setting into a new phase of practical implementation. These tools from DCAF can aid both States and PSCs in this new phase, if they are applied. It is the collective responsibility of the industry, governments, civil society, and other stakeholders to make sure this happens.

The Viability of Multi-stakeholder PSC Regulation

Individuals that follow the regulation of Private Security Companies (PSCs) will be particularly interested in Dr. Sorcha MacLeod’s recently published article, Private Security Companies and Shared Responsibility: The Turn to Multistakeholder Standard-Setting and Monitoring through Self-Regulation-‘Plus’.

MacLeod focuses on both the merits and questions concerning recent international multi-stakeholder initiatives related to PSC standards, certification, and oversight, specifically the Montreux Document, the International Code of Conduct for Private Security Providers (ICoC), the  International Code of Conduct Association (ICoCA), and ANSI/ASIS PSC.1-2012 Management System for Quality of Private Security Company Operations  (PSC.1), deliberately walking through each of these efforts and the intended role and interrelated nature of each.

Taken together she deems these multi-stakeholder processes for regulation of PSCs the “self-regulation-plus” approach because of the involvement of not only industry, but also states and civil society organizations.  However, MacLeod concludes, among other points, that this approach “is not the definitive solution.” In the end she feels that unless several cited issues with the current approach are adequately addressed “the likely effectiveness of the ICoC and ICoCA human rights model as applied through a standard such as PSC.1” remains an open question.

It is in the interest of all – the PSC industry itself, as well as the states, commercial enterprises, and NGOs that utilize PSCs – to have effective and universally accepted standards, certification, and oversight frameworks. MacLeod’s stated significant concerns (listed below with comments) with the new PSC regulatory mechanisms should be reviewed carefully and taken into consideration by each of the three member pillars of the ICoCA (states, industry, civil society) as well as by the commercial and NGO entities that utilize PSCs. The latter are not well represented in the state-client focused ICoCA.

State involvement and support. The ICoCA oversight mechanism must be perceived as strong and functional. In the United States, conformance with the PSC.1 standard is now required by the Department of Defense for all contracted private armed security overseas and the Department of State has recently stipulated in its largest protective services solicitation that each bidder must confirm compliance with the requirements set forth in PSC.1 (as well as demonstrate that it is a member in good standing with the ICoCA).  In the United Kingdom, the Foreign Commonwealth Office has stipulated PSC.1 compliance for overseas contracted security services. MacLeod questions how the ICoCA, with its focus to the state clients of PSCs, can be extended to the other commercial and NGO clients of PSCs.

Ability to deal with non-certified and rogue PSCs. Furthermore, MacLeod queries how the ICoCA can contend with non-certified PSCs. She makes the case for states to weigh in to encourage PSC clients in the NGO and commercial sectors to use only ICoC compliant PSCs.

Scope of the certification. MacLeod recommends that clients of certified PSCs know the scope of their PSC’s certification. Is the company globally certified to the PSC.1 standard or is the scope of the certification limited to a specific operating unit or geography?

Auditor competence. MacLeod stresses that certifying auditors must be competent in human rights. The human rights elements in PSC.1 are significant and require the use of auditors with suitable expertise. Additionally, it can also be argued that it is essential that PSCs draw upon human rights expertise themselves if they are to fully and adequately develop, implement, and sustain the human rights components of the PSC.1 standard. Failing to sufficiently develop, implement, and sustain the human rights risk management provisions of the PSC.1 will be corrosive to the credibility of the PSC’s certification as well as a significant undermining factor in demonstrating their responsibility to respect human rights and prevent adverse impacts.

Human Rights Impact Assessments. MacLeod highlights the current lack of clarity on how a PSC should assess human rights risk and impacts and what tools they should use to do so. She is spot on here. While PSC.1 does not explicitly require PSCs to conduct human rights risk and impact assessment (HRRIA), human rights is a specified component of the risk assessment process. As part of the risk assessment process, PSCs have the opportunity to conduct an HRRIA to identify specific human rights risk exposure and develop the processes to address each risk. PSC.1 also requires the establishment of a complaint and grievance mechanisms with external stakeholders. An effective HRRIA conducted with the cooperation and involvement of the local impacted community can greatly facilitate this process. HRRIAs are an imperative part of the overall risk assessment process and should be conducted as part of every pre-deployment survey or advance party at the tactical and operational level. Like security, human rights risk mitigation is most effective when it is developed and integrated at the initial project planning stage and not implemented as a “bolt on” or reactionary activity.

Client awareness, education and training. This certainly requires a greater awareness effort and MacLeod rightfully argues that the effectiveness of PSC.1 certification will be dependent upon the extent to which all clients, government, commercial, and civil society, understand the certification process. The ICoCA, with its multi-stakeholder three-pillar approach, can, and undoubtedly will, be instrumental in this regard.

By identifying areas of perceived potential weakness with the multi-stakeholder process as it currently now stands, MacLeod goes a long way in spotlighting the specific areas that must be addressed in the short term if a credible and viable “self-regulation-plus” PSC industry regulatory mechanism is to continue for the long term.

 

Swiss Law on Private Security Companies Contributes to Protection of Human Rights

On June 24, the Swiss government published a detailed decree relating to the Swiss law on Private Security Companies (PSCs) and announced that it will go into effect on September 1, 2015. The Swiss government, through its Federal Department of Foreign Affairs (FDFA), has taken the lead in fostering international consensus on regulation for PSCs through its two-part Swiss Initiative. Phase one, carried out in conjunction with the International Committee of the Red Cross, was an effort to create a non-binding declaration directed at states that contract with PSCs and are home to them, as well as the territorial states where they operate. The resulting Montreux Document, released in September 2008, recalls the existing international humanitarian and human rights law obligations of states with regards to the activities of private military and security companies during armed conflict, and elaborates good practices to assist states in meeting those obligations. Phase two of the Swiss Initiative focused on developing an international code of conduct and accompanying governance and oversight mechanism for the private security industry. Released in November 2010, the International Code of Conduct for Private Security Service Providers (ICoC) details human rights-based principles for the responsible provision of security services in complex environments. The multi-stakeholder governed International Code of Conduct Association (ICoCA), launched in September 2013, ensures implementation of, and accountability to, the ICoC.

The Swiss Federal Council’s decree details provisions to bring the 2013 law into full effect, and reflects the national manifestation of its international efforts. The law was passed to help ensure Swiss security and neutrality as well as respect for human rights. It applies to companies based in Switzerland providing security services overseas or who support the provision of those services, as well as Swiss government agencies contracting private security overseas and holding companies headquartered in Switzerland with control over PSCs operating overseas.

Key provisions of the law include the following:

  • PSCs headquartered in Switzerland may not participate in offensive operations during armed conflict.
  • PSCs must be members of the ICoCA.
  • Services that could result in severe human rights abuses are forbidden. For example, prison services cannot be provided in countries where it is known that torture occurs regularly at those facilities.
  • PSCs that wish to provide security services in complex environments, to include the protection of people, property, goods, as well as check point and prison services, must register with the Political Directorate of the FDFA. The FDFA will decide within a 14 day span whether the services are routine and acceptable, require additional investigation, or should be forbidden because they run counter to the intent of the law. Expedited registration is possible for services provided in an emergency situation.
  • Among the information required at time of registration is the types of services to be provided and clients, operating environments, weapons to be used, number of personnel and personal information of armed personnel, screening of personnel, expected risks, and trainings, including on human rights and humanitarian law.
  • The Federal Council has set minimal contractual requirements for PSCs working with Swiss government agencies, including reporting on the status of service provision, the identity of personnel, who can be replaced if they threaten delivery of contractually required services, notification of the contracting agency of any situation that may affect fulfillment of the contract, and notification of any incidents involving use of force. A sample contract containing these minimal requirements is available.

 

The enforcement of the law foresees measures such as empowering the FDFA to carry out, under certain conditions, unannounced inspections of the offices of PSCs, to include examination of their files. Failure to comply with the law can result in prison sentences of up to three years and fines.