The International Code of Conduct for Private Security Service Providers (the “Code of Conduct”) is the result of a multi-stakeholder initiative that aims to set principles and standards firmly based on international human rights and humanitarian law principles for the private security industry operating in complex environments, as well as to improve oversight and accountability of these companies. The Code was developed through a transparent and inclusive multi-stakeholder process, and sets forth human rights and humanitarian law-based principles for the responsible provision of private security services.
How was the Code of Conduct developed?
The International Code of Conduct for Private Security Service Providers is the fruit of a multi-stakeholder initiative launched by Switzerland, with the over-arching objectives of articulating the human rights responsibilities of private security companies (PSCs), and articulating international principles and standards for the responsible provision of private security services, particularly when operating in complex environments. Over the course of an 18-month process, Switzerland brought together private security companies, sovereign states (including Australia, the United Kingdom and the United States), civil society organisations and academics to elaborate a code of conduct for the private security industry, based on international humanitarian and human rights law and standards.
At its adoption in 2010, the Code of Conduct was signed by 58 private security companies from fifteen countries; by 2013 708 companies had signed the Code.
What is the content of the Code of Conduct?
The principles for the responsible provision of private security services as contained in the Code can be broadly summarized in two categories: first, principles regarding the conduct of PSC personnel based on international human rights and humanitarian law standards; and second, management and governance principles.
Human rights principles guiding PSC personnel include inter alia rules on the use of force, on apprehending and detaining individuals, the prohibition of torture or other cruel, inhuman or degrading treatment or punishment, sexual violence, human trafficking, slavery and forced labour, child labour, and discrimination. Principles on management and governance contained in the Code of Conduct concern the inclusion of the Code in management policy, the vetting of personnel and subcontractors, training of personnel, management of weapons and other material of war, the working environment and harassment, incident reporting, and the establishment of a fair and accessible grievance mechanism offering effective remedies.
Why is the Code of Conduct needed?
Recent years have seen an increasing privatization of the security sector. The most significant examples are the employment of PSCs in armed conflicts in, for example, Afghanistan or Iraq, , or by the extractive industry to secure their operations. PSCs play an important role in protecting state and non-state clients engaged in relief, recovery, and reconstruction efforts, commercial business operations, diplomacy and military activity. The activities of PSCs can have potentially positive and negative consequences for their clients, the local population in the area of operation, or the general security environment regarding the enjoyment of human rights and the rule of law. The Code of Conduct is unique in providing clear human rights and humanitarian law standards for PSCs operating in complex environments, and it has been widely accepted by different stakeholders.
To whom does the Code of Conduct apply?
The Code of Conduct articulates principles applicable to PSCs delivering ‘security services’ in ‘complex environments’. The principles for the responsible provision of private security services as contained in the Code apply globally, wherever PSCs deliver such services.
‘Security services’ as defined in the Code of Conduct include ‘guarding and protection of persons and objects, such as convoys, facilities, designated sites, property or other places (whether armed or unarmed), or any other activity for which the personnel of PSCs are required to carry or operate a weapon in the performance of their duties’.
‘Complex environments’ under the Code of Conduct are defined as ‘any areas experiencing or recovering from unrest or instability, whether due to natural disasters or armed conflicts, where the rule of law has been substantially undermined, and in which the capacity of the state authority to handle the situation is diminished, limited, or non-existent’.
What company commitments are included in the Code of Conduct?
The Code of Conduct includes provisions on:
implementing appropriate policies and oversight, including steps to be taken in order to establish and maintain an effective internal governance framework to deter, monitor, report, and effectively address adverse impacts on human rights;
making compliance with this Code – in particular the human rights and humanitarian law principles contained therein – an integral part of contractual agreements with personnel and subcontractors;
operating in accordance with applicable national and international laws and regulations, in a manner that recognizes and supports the rule of law, respects human rights, and protects the interests of their clients. This includes cooperation with any international authorities exercising jurisdiction on alleged crimes committed by these companies.
Does the Code of Conduct create new obligations?
The Code itself creates no legal obligations and no legal liabilities for companies that endorsed the Code of Conduct, beyond those which already exist under national or international law. The Code of Conduct complements and does not replace jurisdiction exercised by competent authorities, and does not limit or alter applicable international law or relevant national law.
Is the Code of Conduct relevant to the maritime sector?
The Code of Conduct applies to security services provided in complex environments as defined in the Code. The principles within the Code of Conduct apply in maritime environments where the rule of law is undermined and where the capacity of the state authority to handle the situation is diminished, limited or non-existent.
The Code of Conduct enjoys broad acceptance among private maritime security companies: nearly one half of ICoCA’s Member Companies provide maritime security services, of these nearly half operate exclusively in the maritime sector.
How does ICoCA ensure compliance with the Code of Conduct?
By signing the Code of Conduct and becoming a member of the ICoCA, PSCs commit to become certified by the ICoCA and submit to ongoing independent monitoring, auditing, and verification. Companies are also required to report regularly to the ICoCA on their performance.
The ICoCA, in its function as the governance and oversight mechanism of the Code, gathers and receives information on compliance of companies with the Code of Conduct. The Association reviews alleged violations of the Code – including in the field – and engages in constructive dialogue with the companies. If companies violate the Code of Conduct and fail to take corrective action or to cooperate with the Association in good faith, the Association’s Board can initiate suspension proceedings.
Can companies still sign the Code of Conduct?
Since August 2013 ‘signatory company status’ is no longer granted. Companies interested in committing to the principles contained in the Code and in joining the Code of Conduct process are encouraged to apply for membership of the ICoCA.
Companies should not identify themselves, on their websites or in public documents, as ICoC signatories, as this status is no longer valid.
The International Code of Conduct for Private Security Providers’ Association (ICoCA) is a multi-stakeholder initiative established as a non-profit association. The purpose of the ICoCA is to promote, govern and oversee implementation of the International Code of Conduct for Private Security Service Providers (Code of Conduct) and to promote the responsible provision of security services and respect for human rights and national and international law in accordance with the Code. ICoCA’s integrated approach includes three interrelated core functions:
How is the ICoCA governed?
The main governing bodies of the ICoCA are the General Assembly, the Board of Directors, and the Secretariat operating under the supervision of an Executive Director.
The General Assembly is the supreme governing body of the Association and consists of a gathering of the full membership.
The Board of Directors is the decision-making body of the Association and manages the affairs of the Association. The Board consists of an equal number of representatives from three stakeholder pillars representing government, civil society and industry.
The Executive Director is appointed by and executes the decisions of the Board and - with support of the Secretariat – administers and directs the activities of the Association.
Who are the members of the ICoCA?
Membership of the ICoCA consists of States or intergovernmental organizations, private security service providers, and civil society organizations – referred to as the three stakeholder groups.
Member States of the ICoCA are States that also support the Montreux Document, and include the main headquarter States of PSCs. Member Companies come from all continents and range from smaller companies to some of the world market leaders. ICoCA Member Companies provide both land-based and maritime-based security services. Civil society organization Members of the ICoCA include international non-governmental organizations as well as local non-governmental organizations working in complex environments where PSCs operate.
In addition, the ICoCA Board of Directors may grant non-voting Observer status to persons or entities that are interested in participating in the work of the ICoCA. The Articles of Association also foresee an Advisory Forum of Montreux Document Participants which is envisaged as a resource to the Board that may provide advice to the Association on national and international policy and regulatory matters.
How to join the ICoCA?
ICoCA membership is open to States or intergovernmental organizations, private security service providers, and civil society organizations. In addition to the three membership pillars, there is also an observer category for persons or entities that are interested in participating in the work of the ICoCA but who do not meet the membership criteria or would not wish to become a Member.
What role do PSC clients have a role to play in the Association?
Clients of private security companies play a pivotal role under the Code of Conduct. The Code of Conduct can have its greatest impact if State and non-State clients of PSCs consider ICoCA membership a prerequisite for hiring a security company, and include this requirement in their procurement policies. Clients have been involved in developing the Code and the Articles of Association. Non-state clients have the possibility to become observers of the ICoCA, which enables them to participate in the further development of the Code, its Association and the relevant procedures.
Private security companies (PSCs), civil society organizations (CSOs) and governments can become members, provided they:
PSC Member Companies must also:
Organizations and individuals who do not fit into those groups, but who may still have an interest the ICoCA (eg. academics, other security-related industries, certifying bodies, etc) may join as observers.
Only current Members can display the ICoCA Member logo on their website and other promotional material. Members will be sent the logo as digital graphics file on successful application for Membership, or can request the logo from the Secretariat.
An “ICoC signatory” logo was in use prior to the establishment of the Association, but this is no longer a valid status, and all companies are requested to remove this (as well as any mention of 'ICoC signatory' status) from websites and promotional material. Member Companies should demonstrate their membership through use the ICoCA Member logo.
The ICoCA logo is a registered trademark and cannot be used by any company not a certified member of ICoCA.
In the event of misuse of the ICoCA logo, the Secretariat will contact the offending party with a request to cease the unauthorized use.
By joining the ICoCA, private security companies show their commitment to complying with the fundamental human rights and humanitarian law principles and standards articulated in the Code of Conduct. Certification by the Association is a public statement that the security company’s policies and systems have been independently reviewed and found to be in compliance with the Code of Conduct and that member PSCs’ activities are continuously monitored. Moreover, as an increasing number of States and non-State clients are requiring ICoCA membership as a prerequisite to participating in bidding processes, becoming an ICoCA member may open up more business opportunities for PSCs.
By joining the ICoCA, States and intergovernmental organizations emphasize their commitment to effective private security sector governance, as well as their support for international human rights - and humanitarian law - based principles and standards applying to the responsible provision of private security services, including those contained in the Montreux Document. As a non-State mechanism, the ICoCA is complementary to national governmental measures and offers an additional facility through which companies can be held accountable, potentially including redress for victims.
By joining the ICoCA, civil society organizations help to promote and protect human rights and support the rule of law through improving effective regulation and accountability of the private security sector. Member civil society organizations play a key role in safeguarding the human rights focus of the Association’s core functions, and in ensuring that monitoring is carried out according to established human rights methodologies. Additionally, CSO members can contribute to identifying particular areas and regions where the provision of private security services may encounter higher risks, ensure that the concerns and needs of impacted communities are taken into account, and that complaints processes are accessible and ensure effective remedies.
What is the process for applying for membership?
Eligible PSCs, CSOs and governments can request consideration for membership. They will be asked to provide evidence of their eligibility, and prospective industry members will be asked to provide a written plan explaining how they have implemented the Code of Conduct in their current and planned operations. To find out more and apply for membership, see ‘How to become a Member’.
Through their membership, states and intergovernmental organizations show their commitment to effective private security sector governance, as well as their support for international human rights - and humanitarian law - based principles and standards applying to the responsible provision of private security services sector, including those contained in the Montreux Document.
Civil Society Organizations help to promote and protect human rights and support the rule of law through improving effective regulation and accountability of the private security sector. CSO Members play a key role in safeguarding the human rights focus of the Association’s core functions, and in ensuring that monitoring is carried out according to established human rights methodologies. Additionally, CSO members can contribute to identifying particular areas and regions where the provision of private security services may encounter higher risks, as well as in ensuring that the concerns and needs of impacted communities are taken into account and that the complains process is accessible and ensures effective remedies.
Financial obligations related to membership will depend on the membership pillar. The ICoCA is primarily financed by its members.
Government contributions are made on a voluntary basis.
Member Companies pay a joining fee ($1000) and an annual due which is determined according to the company’s revenue as follows:
Civil Society membership dues amount to $100, which can be waived under certain conditions.
Observers pay dues of $1,000 (commercial entities) or $100 (non-profit entities), which can be waived under certain conditions.
The Certification Procedure describes the current process for Member Companies to become certified by the ICoCA. The Procedure is structured in different sections, each detailing an individual aspect of the Certification function. In particular, it explains:
For more details, including guidance and forms for applying for Certification, see the Certification pages. The Secretariat is happy to give further explanations on demand.
External standards currently recognised by the ICoCA Board are PSC.1, ISO 28007, and ISO 18788. Certification must be carried out by an independent accredited certification body.
The process is:
The process officially opened on 1 November 2016. Member Companies that are certified to an ICoCA-recognised standard are encouraged to submit their application following the guidance documents.
All Member Companies are required to achieve ICoCA Certification by September 2018. Companies are encouraged to apply for ICoCA Certification as soon as possible.
A Reporting, Monitoring and Assessing Performance Procedure (Article 12) was adopted by vote at the 2016 AGA, and forms the basis for monitoring operations, which are being introduced and increasingly used during 2017. The procedures involve remote monitoring, self-assessment by Member Companies, and field-based reviews, in order to identify any concerns about—or barriers to—compliance with the Code of Conduct.
The ICoCA’s monitoring function is designed to identify concerns about—or barriers to—compliance with the Code of Conduct. Information is collected through an integrated approach involving:
A field-based review can be triggered by the Secretariat on the basis of identified need or upon the request of a Member of the Association.
The Secretariat engages Member Companies in a confidential dialogue on issues that arise as a result of monitoring, and how these issues could be remedied. Successful strategies are shared with other Member Companies in order to improve performance throughout the sector. In case of failure to act in good faith to remedy non-compliance with the Code, the procedures also provide a mechanism for corrective and disciplinary action, including membership suspension or termination.
The Secretariat’s top priority is security. Data which is considered highly confidential is currently kept on a stand-alone workstation that is not connected to a network, and other data is kept on a secure database with a dedicated network. Industry-standard security measures are being sought to ensure data is securely kept and managed. Secretariat staff are bound by confidentiality agreements, and are selected for their demonstrated experience in working in confidential environments, and sensitive information is not shared outside of the Secretariat. Where it is necessary for the Board to consider information that may be sensitive they are provided with a summary that omits details of individual companies or operations. Board members are required to sign a non-disclosure agreement, and to register any conflict of interest where it may exist.
The Complaints function facilitates access to fair and accessible grievance procedures that offer effective remedies for individuals adversely affected by PSCs. The ICoCA will assist Member Companies in establishing operational grievance mechanisms to effectively and fairly handle complaints, and, where complaints cannot be effectively handled by operational grievance mechanisms, will facilitate access to alternative grievance procedures. We actively encourage participation by CSOs experienced in handling human-rights related complaints.
Upon receipt of a properly filed complaint the Secretariat will carry out a preliminary review, analyzing the nature of the allegations, assessing whether the complaint refers to criminal activities, personnel disputes, violations of the Code, etc. If it involved alleged violations of the Code by activities of an ICoCA Member Company, the Secretariat will accept the complaint for processing. The Secretariat will then ascertain whether the Member Company’s grievance mechanism could constitute a viable path and whether other appropriate grievance mechanisms are available; and will present to the complainant options to pursue their claim. In the event of no sufficient existing company grievance mechanism, ICoCA will provide recommendations and guidance for corrective action, and/or options for alternative grievance mechanisms to resolve the complaint, such as mediation or the ICoCA’s ‘good offices’.
Yes: one of the Secretariats’ functions is to provide support to Member Companies to develop their company grievance mechanisms; general good practices will be made available, and Members are invited to seek more specific advice.
Any affected individual or representative can file a complaint. The Complainant may be, for example:
You can make a complaint if:
To file a complaint with the ICoCA, you should:
The complainant will be notified throughout the process of the status of the complaint. The Secretariat will acknowledge receipt of the complaint, ask the complainant for more information as necessary and offer options to pursue its claim within 30 days after acceptance of the complaint for processing. If the company’s grievance mechanism is assessed to be inappropriate to handle the complaint, the Association may recommend that the Member Company take corrective actions and offer the complainant a choice of alternative mechanisms within 60 days after receipt of the complaint.