PRIVATE SECURITY COMPANIES
Private Security Companies:
The Department of Defense, to include Geographic Combatant Commanders, may contract for private security functions to
fulfill non-combat requirements for security in Contingency Operations, Humanitarian or Peace Operations, and other
military operations or exercises. Private security functions include guarding of personnel, facilities, designated sites,
or property of a Federal agency, the contractor or subcontractor, or a third party. The use of force by PSCs is limited
to self-defense, the defense of others and the protection of U.S. Government property. Deadly force can only be used in
response to an imminent lethal threat to persons protected by the PSC, PSC personnel themselves, or to prevent the loss
or destruction of inherently dangerous property or critical infrastructure. PSCs may not engage in combat, which is
defined as deliberate destructive action against hostile armed forces or other armed actors. It is the policy of the
Department of Defense that PSCs must be regularly established, registered, well regulated, rigidly disciplined, properly
staffed with carefully selected operating personnel. This policy extends to include any other activity for which personnel
are required to carry weapons in the performance of their duties. This policy reflects U.S. law and is implemented through
Department of Defense Directives, Instructions, and acquisition policy, to include the use of rigorous and verifiable
business and operational standards.
DoD Goal for PSCs:
Contracted private security functions remain a legitimate and effective method for providing non-inherently governmental
protection of personnel, property, and activities in contingencies, areas of other significant military operations, peace
operations, and designated military exercises where there is a credible threat of criminal or other unlawful violence and
where the use of military or other government security forces are unavailable, insufficient, or inappropriate.
- The use of force in such protective services is limited to self-defense and defense of others against unlawful attack.
- Services must be provided using methods and techniques that promote, and do not undermine, long-term stability and
security of the region in which these services are performed.
- Misconduct on the part of an PSC affects the ability of all PSCs to operate. Therefore, contracted security functions
should be performed to quality standards common to all private security providers, regardless of contracting entity.
In addition to the laws and acquisition regulations that apply to all contingency contracting, the following laws and
regulations are particularly applicable to PSCs and other armed contractors:
Department of Defense Instructions and Directives:
Section 833 of the National Defense Authorization Act of 2011 required the Defense Department to use business and
operational standards in contracting and management of PSCs, with the intent of raising the overall standard of
performance of these companies. Pursuant to this requirement, the Department of Defense contracted for the development
of consensus based quality management standards. Working through its contract, DoD submitted its standards for
recognition by the American National Standards Institute (ANSI). ANSI recognized the standard in March 2012. DFARS
252.225-7039 requires contractors and any subcontracts for private security functions to comply with this standard.
To be competitive, proposals for PSC functions will include evidence of standards compliance. (Contracting offices
may specify what is considered acceptable evidence.)
DoD also commissioned the development of the ANSI into an international standard. This work was published by the International
Organization for Standardization (ISO) them as ISO 18788 - 2015: Management System Private Security Operations: Requirements
on 18 September 2015. The substance of the ISO and ANSI standards are the same. Companies that are in compliance
with PSC.1 will also be in substantial conformance with the ISO standard. DFARS 252.225-7039 accepts ISO 18788 as an alternative to
compliance with ANSI/ASIS PSC.1-2012. Interested persons should contact The Office of the Deputy Assistant Secretary (Program
Support) for more information about this standard and its use in meeting DoD requirements for standards compliance.
These standards are accompanied by a conformity assessment standard, ANSI/ASIS PSC.2-2012 Conformity Assessment and Auditing
Management Systems for Quality of Private Security Company Operations
. This standard supplements and builds upon ISO/IEC
Standard 17021:2011 Conformity Assessment - Requirements for bodies providing audit and certification of management
. Whereas the ISO/IEC standard provides general guidance for conformity assessment to any management standard, the
ANSI/ASIS PSC.2 standard is specific to the requirements of auditing private security functions. It includes requirements and
guidance on the management of audit programs, conduct of internal or external audit of the management system and private security
company operations, human rights considerations, as well as the competence and evaluation of auditors. The PSC.2 standard enables
certification bodies to become accredited for and to provide independent, third party audits of PSCs. Such certification will
provide a measure of due diligence in the selection of PSCs, by providing an independent review that a company can in fact,
operate in accordance with the good practices of The Montreux Document On Pertinent Legal Obligations and Good Practices for
States Related to Operations of Private Military and Security Companies During Armed Conflict and the International Code of
Conduct for Private Security Service Providers.
The American National Standards Institute, through its accreditation body (ANAB) published rules for accrediting certification
bodies and auditors to audit and certify PSCs to the PSC.1 standard (May 2013). Following a pilot certification program, the
United Kingdom Accreditation Service has accredited two certification bodies to conduct conformity assessments. The Joint
Accreditation System of Australia and New Zealand is developing its own program for certifying PSCs in its region.
The PSC operations standard is supported by a maturity model. The Department of Defense contracted for the development of this
tool to enable PSCs and government contract managers (such as the Defense Contract Management Agency, Inspectors General,
Contracting Officers and their representatives) to assess a company's progress towards full conformance with the standard.
Rather than being a pass/fail audit, it identifies the degree to which a company has implemented the objectives of the standard
and identifies ways to move from where a company is at that moment towards meeting those objectives. This maturity model is
also useful for Private sector purchasers of PSC services in assessing whether a PSC under contract with them is implementing
the PSC.1 Standard.
These standards are growing international recognition and use. In December 2012, the British Foreign and Commonwealth Office
announced that the PSC.1 Standard was required in all overseas contracts for private security services. Australia, the Czech
Republic and several other States have either recognized the standard or endorsed its use. Other States are expected to
recognize or endorse the international equivalent standard (ISO 18788.)
The standards process is marked by a commitment to continual improvement. Consistent with that, the Defense Department initiated
a new contract with ASIS International to review and recommend possible revisions to ANSI/ASIS PSC.1-2013 to ensure that it
remains relevant, usable, and captures the lessons learned in the time since it was originally published.
Working with other U.S. Government agencies, the Department of Defense supports international efforts for regulation and
oversight of PSCs. These efforts include the development and promotion of the Montreux Document on pertinent international
legal obligations and good practices for States Related to operations of Private Military and Security Companies During Armed
and promotion of the International Code of Conduct for Private Security Service Providers (ICoC). The ICoC is
applicable to PSCs and a useful reference for private sector purchasers of PSC services. DoD supports the Department of State in
other international efforts at regulation, including private maritime security companies and the work of UN agencies in PSC
The Montreux Document
The Montreux Document describes existing legal obligations regarding Private Military and Private Security Companies and lists
recommended good practices for States which contract for such services as well as the States in which the companies are
registered and/or operate. The U.S. Government's support of the Montreux Document is active and continuous.
Regulation of Private Military and Private Security Services by the United States began before Montreux and has continued since
then. DoD believes that its policy, directives, instructions, the requirement for compliance with the ANSI or ISO standard for
PSCs and its other contracting and regulatory practices implement all of the provisions of the Montreux Document for contracting
States. These can be found in the U.S. Laws and Defense Department Directives and Instructions cited above. PSC specific
elements include the determination of services, selection and vetting of PSCs, accounting for weapons and other materiel, Rules
for the Use of Force, training, and applicability of Host Nation Law. Other elements of national law and standard clauses
required by the Federal Acquisition Regulations and Defense supplements (DFARS) apply to all contractors accompanying the force
or providing operational support. These laws and implementing clauses cover elements such anti-human trafficking, other
personnel welfare provisions, measures against bribery and corruption, and contract management and oversight.
Although oriented on armed conflict, the Montreux Document states that its recommended good practices may also be instructive
for post-conflict situations and for other, comparable situations. Further, although addressed to States, the good practices
may be of value for other entities such as international organizations, NGOs and companies that contract for private security
services, as well as for PMCs and PSCs. Although the Montreux Document is not a binding international agreement, the U.S.
Government recognizes the existing legal obligations described in the document and the value of its recommended good practices.
DoD's regulations covering PSCs are reviewed for consistency with the Montreux Document and DoD works with other agencies of
the U.S. Government for consistency throughout the government and to promote the Montreux Document internationally.
The most significant development specifically intended to support U.S. implementation the Good Principles of the Montreux
Document are the consensus based performance standards for PSC operations, described above.
The Montreux Document can be accessed at:
A detailed description of the U.S. Government's implementation of the Montreux Document can be found in a response to a
on that subject. The Department of Defense promoted
the development of a Forum for Montreux Document Participants. The purpose of this forum is to provide an informal consultative
arrangement whereby participants in the Montreux Document process can share information, review best practices, work to ensure
consistency in national legislation, provide State oversight of the International Code of Conduct initiative, and review
application of the goals of the Montreux Document to conditions other than armed conflict and for non-State purchasers of such
services. The Forum established a working group for liaison and oversight of the ICoC Association in December 2014 and a second
working group applying the Montreux Document in the maritime environment is expected in the coming year.
The International Code of Conduct for Private Security Service Providers (ICoC):
Article 8 of the Introduction to the Montreux Document states: “That while this document is addressed to States, the good
practices may be of value for other entities such as international organizations, NGOs and companies that contract PMSCs, as
well as for PMSCs themselves.” The PSCs that acted as expert advisors in the development of the Montreux Document accepted this
recommendation and approached the Swiss Government to facilitate the development of a tool that would enable the PSC industry to
adapt and apply the Montreux Document’s good practices in their own operations. This effort produced the International Code of
Conduct for Private Security Service Providers, which was signed by 58 private security providers in Geneva in November 2010.
There are hundreds of signatory companies today.
The ICoC represents the PSC industry's commitment to abide by the legal obligations of the Montreux Document and implement the
recommended good practices in that document which are appropriate to private security service providers and other practices
consistent with broadly accepted human rights principles. The Department of Defense encourages companies to commit to the
principles of the ICoC as supporting DoD strategic goals for private security functions. The ICoC remains, however, a voluntary,
industry led initiative. It supports implementation of the Montreux Document. It does not impose any obligation on States and
States are not parties to the ICoC. Key points of DoD support for this initiative include the understanding that:
Further information about the ICoC can be found at:
Guidance on the use of force:
- The ICoC does not bind governments and incurs no obligations on the Department of Defense.
- Current U.S. Government requirements for conformance with ANSI/ASIS PSC.1-2012 or ISO 18788
implement the recommended good practices of the Montreux Document and realizes the commitments
made by PSCs in the ICoC.
- DoD will not require signature to the ICoC or certification and oversight by the ICoC Association
as a condition of any DoD contracts.
The use of force and the potential to use deadly force is the fundamental issue that distinguishes private security contractors
from other operational contract support (civilians accompanying the armed forces.) Regulating the use of force and violence is a
sovereign prerogative of States and, in many cases, is also subject to the provisions of international law, to include the Law of
Armed Conflict and outside of armed conflict, International Human Rights Law. The Department of Defense is involved in several
initiatives to ensure that the use of force by PSCs is consistent with international law and the notion of State monopoly of
The Department of Defense works closely with the International Institute of Humanitarian Law in Sanremo, Italy in its Rules of
Engagement Workshops and The Sanremo of Rules of
This handbook is used by armed forces on all six inhabited continents in developing Rules of Engagement (ROE) for
their armed forces, including U.S. Geographic Combatant Commands and the Joint Staff. DoD participation helps students understand
the differences between armed forces and PSCs and the critical differences between ROE appropriate to armed forces in combat and
the Rules for the Use of Force (RUF) for civilian self-defense.
To further clarify this distinction and in recognition that most purchasers of PSC services are not States and international
organizations, but come from the private sector (to include NGOs), DoD participates in an initiative sponsored by the United
Nations Office on Drugs and Crime (UNODC) to develop a Use of Force Handbook for PSCs. This work is patterned after the Sanremo
Handbook and is written by many of the same authors. The difference is its sole focus on use of force appropriate to PSCs rather
than a broader work on ROE that can be used to develop RUF. The UNODC initiative also addresses that in many cases, PSCs will not be
operating under State issued or approved RUF but under a use of force policy developed by the private sector purchaser of security
services or the PSC itself. This UNODC sponsored effort was published in September, 2016 as
Handbook for Use of Force by Private Security Companies
by the NGO Oceans Beyond Piracy. It is available on their website.
This handbook can be useful for both formal RUF development and use of force policy consistent with recognized PSC