Private Security Companies:
The Department of Defense, to include Geographic Combatant Commanders, may contract for private security functions to fulfill non-combat requirements for security in Contingency Operations, Humanitarian or Peace Operations, and other military operations or exercises. Private security functions include guarding of personnel, facilities, designated sites, or property of a Federal agency, the contractor or subcontractor, or a third party. The use of force by PSCs is limited to self-defense, the defense of others and the protection of U.S. Government property. Deadly force can only be used in response to an imminent lethal threat to persons protected by the PSC, PSC personnel themselves, or to prevent the loss or destruction of inherently dangerous property or critical infrastructure. PSCs may not engage in combat, which is defined as deliberate destructive action against hostile armed forces or other armed actors. It is the policy of the Department of Defense that PSCs must be regularly established, registered, well regulated, rigidly disciplined, properly staffed with carefully selected operating personnel. This policy extends to include any other activity for which personnel are required to carry weapons in the performance of their duties. This policy reflects U.S. law and is implemented through Department of Defense Directives, Instructions, and acquisition policy, to include the use of rigorous and verifiable business and operational standards.
DoD Goal for PSCs:
Contracted private security functions remain a legitimate and effective method for providing non-inherently governmental protection of personnel, property, and activities in contingencies, areas of other significant military operations, peace operations, and designated military exercises where there is a credible threat of criminal or other unlawful violence and where the use of military or other government security forces are unavailable, insufficient, or inappropriate.
- The use of force in such protective services is limited to self-defense and defense of others against unlawful attack.
- Services must be provided using methods and techniques that promote, and do not undermine, long-term stability and security of the region in which these services are performed.
- Misconduct on the part of an PSC affects the ability of all PSCs to operate. Therefore, contracted security functions should be performed to qualilty standards common to all private security providers, regardless of contracting entity.
In addition to the laws and acquisition regulations that apply to all contingency contracting, the following laws and regulations are particularly applicable to PSCs and other armed contractors:
• OMB Circular A-76 and OMB Policy Letter 11-01 describe what functions are inherently governmental or military and cannot be contracted out. http://www.whitehouse.gov/omb/circulars_a076_a76_incl_tech_correction/ http://www.whitehouse.gov/omb/procurement_index_policy
• The International Traffic in Arms Regulations governs the export of defense Articles and defense services https://www.pmddtc.state.gov/regulations_laws/itar.html
• Section 862 of the National Defense Authorization Act, as amended by the 2011 NDAA governs the selection, use, and limitations on US Government use of PSCs
• Title 32, Part 159 of the Code of Federal Regulations implements the statutory requirements of Section 862 http://www.gpo.gov/fdsys/pkg/FR-2009-07-17/html/E9-17059.htm
• Title 48, (Federal Acquisition Regulations) Part 25.302 of the Code of Federal Regulations, (Contractors performing private security functions outside the United States) covers the use of PSCs throughout the US Government https://acquisition.gov/far/current/html/Subpart%2025_3.html
• The Defense Federal Acquisition Regulation Supplement, Part 225, Subpart 7401 of the Code of Federal Regulations requires use of ANSI/ASIS PSC.1 standard through implementing instruction PGI 225.7401(a) http://www.gpo.gov/fdsys/pkg/CFR-2007-title48-vol3/pdf/CFR-2007-title48-vol3-part225-subpart225-74.pdf
• The Defense Federal Acquisition Regulation Supplement Part 252, Subpart 225-7039 covers contractors performing private security functions. (In revision. Will be available in next publication cycle.)
Department of Defense Instructions and Directives:
• DODD 5210.56, Carrying of Firearms and the Use of Force by DoD Personnel Engaged in Security, Law and Order, or Counterintelligence Activities
• DODI 1100.22, Policies and Procedures for Workforce Mix
• DODI 3020.41, Operational Contract Support (OCS)
• DODI 3020.50, Private Security Contractors (PSCs) Operating in Contingency Operations, Humanitarian or Peace Operations, or Other Military Operations or Exercises
Section 833 of the National Defense Authorization Act of 2011 required the Defense Department to use business and operational standards in contracting and management of PSCs, with the intent of raising the overall standard of performance of these companies. Pursuant to this requirement, the Department of Defense facilitated the development of consensus based quality management standards. These standards were recognized by the American National Standards Institute in March 2012. Since May, 2012, all Defense Department contracts for private security functions performed overseas require conformance with this standard.
• Management System for Quality of Private Security Company Operations - Requirements with Guidance, ANSI/ASIS PSC.1-2012 - March 5, 2012
This standard is accompanied by a conformity assessment standard. This second product supplements and builds upon ISO/IEC Standard 17021:2011 Conformity Assessment - Requirements for bodies providing audit and certification of management systems. Whereas the ISO/IEC standard provides general guidance for conformity assessment to any management standard, the ANSI/ASIS standard is specific to the requirements of auditing private security functions. It includes requirements and guidance on the management of audit programs, conduct of internal or external audit of the management system and private security company operations, human rights considerations, as well as the competence and evaluation of auditors. This standard enables certification bodies to become accredited for and to provide independent, third party audits of PSCs. Such certification will provide a measure of due diligence in the selection of PSCs, by providing an independent review that a company can in fact, operate in accordance with the good practices of The Montreux Document On Pertinent Legal Obligations and Good Practices for States Related to Operations of Private Military and Security Companies During Armed Conflict and the International Code of Conduct for Private Security Service Providers.
• ANSI/ASIS PSC.2-2012 Conformity Assessment and Auditing Management Systems for Quality of Private Security Company Operations.
The American National Standards Institute, through its accreditation body (ANAB) published rules for accrediting certification bodies and auditors to audit and certify PSCs to the PSC.1 standard (May 2013). Following a pilot certification program, the United Kingdom Accreditation Service has accredited two certification bodies to conduct conformity assessments. The Joint Accreditation System of Australia and New Zealand is developing its own program for certifying PSCs in its region.
The PSC operations standard is supported by a maturity model. This is a tool which PSCs and government contract managers (such as the Defense Contract Management Agency, Inspectors General, Contracting Officers and their representatives) can use to assess a company's progress towards full conformance with the standard. Rather than being a pass/fail audit, it identifies the degree to which a company has implemented the objectives of the standard and identifies ways to move from where a company is at that moment towards meeting those objectives. This maturity model is also useful for Private sector purchasers of PSC services in assessing whether a PSC under contract with them is implementing the PSC.1 Standard.
• ANSI/ASIS PSC.3-2013 Maturity Model for the Phased Implementation of a Quality Assurance Management System for Private Security Service Providers
These standards are achieving international recognition and use. In December 2012, the British Foreign and Commonwealth Office announced that the PSC.1 Standard will be required in all overseas contracts for private security services. Australia, the Czech Republic and several other States have either recognized the standard or endorsed its use. Other States are choosing to wait for the development of the international version of PSC.1. The initiative to transform PSC.1 into an international standard was accepted by ISO in March 2013 as a new work item. It has since gone through extensive work by an international project committee organized for that specific purpose. The Draft International Standard, ISO 18788: Management System Private Security Operations – Requirements with Guidance, has been registered with ISO and is expected to be released for international ballot in early December 2014. The substance of the ISO and ANSI standards will remain the same. Companies that are in compliance with PSC.1 will also be in substantial conformance with the new ISO standard.
With other U.S. Government agencies, the Department of Defense supports international efforts for regulation and oversight of PSCs. These efforts include the development and promotion of the Montreux Document on pertinent international legal obligations and good practices for States Related to operations of Private Military and Security Companies During Armed Conflict; and promotion of the International Code of Conduct for Private Security Service Providers (ICoC) which is applicable to PSCs and a useful reference for private sector purchasers of PSC services. DoD supports the Department of State in other international efforts at regulation, including private maritime security companies and the work of UN agencies in PSC oversight.
The Montreux Document
The Montreux Document describes existing legal obligations regarding Private Military and Private Security Companies and lists recommended good practices for States which contract for such services as well as the States in which the companies are registered and/or operate. The U.S. Government’s support of the Montreux Document is active and continuous.
Although oriented on armed conflict, the Montreux Document states that its recommended good practices may also be instructive for post-conflict situations and for other, comparable situations. Further, although addressed to States, the good practices may be of value for other entities such as international organizations, NGOs and companies that contract for private security services, as well as for PMCs and PSCs. Although the Montreux Document is not a binding international agreement, the U.S. Government recognizes the existing legal obligations described in the document and the value of its recommended good practices. DoD’s regulations covering PSCs are reviewed for consistency with the Montreux Document and we are work with other agencies of the U.S. Government for consistency throughout the government and to promote the Montreux Document internationally.
Regulation of Private Military and Private Security Services by the United States began before Montreux and has continued since then. DoD believes that its policy, directives, instructions, the requirement for conformance with the ANSI standard for PSCs and its other contracting and regulatory practices implement all of the provisions of the Montreux Document for contracting States. These can be found in the U.S. Laws and Defense Department Directives and Instructions cited above. PSC specific elements include the determination of services, selection and vetting of PSCs, accounting for weapons and other materiel, Rules for the Use of Force, training, and applicability of Host Nation Law. Other elements of national law and standard clauses required by the Federal Acquisition Regulations apply to all contractors accompanying the force or providing operational support. These laws and implementing clauses cover elements such anti-human trafficking, other personnel welfare provisions, measures against bribery and corruption, and contract management and oversight. The most significant development specifically intended to support U.S. implementation the Good Principles of the Montreux Document is the consensus based performance standard for PSC operations, described above.
The Montreux Document can be accessed at:
A detailed description of the U.S. Government’s implementation of the Montreux Document can be found in a response to a questionnaire on that subject. The Department of Defense promoted the development of a Forum for Montreux Document Participants. The purpose of this forum will be to provide an informal consultative arrangement whereby participants in the Montreux Document process will be able to share information, review best practices, work to ensure consistency in national legislation, provide State oversight of the International Code of Conduct initiative, and review application of the goals of the Montreux Document to conditions other than armed conflict and for non-State purchasers of such services. The first meeting of the Forum is scheduled for December, 2014 and will include the establishment of working groups for ICoC Association liaison and application of the Montreux Document in the maritime environment.
The International Code of Conduct for Private Security Service Providers (ICoC):
The ICoC represents the PSC industry’s commitment to abide by the legal obligations of the Montreux Document and implement the recommended good practices in that document which are appropriate to private security service providers and other practices consistent with broadly accepted human rights principles. The Department of Defense encourages companies to commit to the principles of the ICoC as supporting DoD strategic goals for private security functions. The ICoC remains, however, a voluntary, industry led initiative. It supports implementation of the Montreux Document. It does not impose any obligation on States and States are not parties to the ICoC. Key points of DoD support for this initiative include the understanding that:
- The ICoC does not bind governments an dincurs no obligations on the Department of Defense.
- Current U.S. Government requirements for conformance with ANSI/ASIS PSC.1-2012 implement the recommended good practices of the Montreux Document and realizes the commitments made by PSCs in the ICoC.
- DoD will not require signature to the ICoC or certification and oversight by the ICoC Association as a condition of any DoD contracts.
In September 2013, the ICoC Association was inaugurated in Geneva, Switzerland to provide the oversight and governance structure consistent described in the ICoC. This was the culmination of a three year effort of a temporary steering committee drawn from the PSC industry, Montreux Document Participating States, and non-governmental human rights interest groups. The Department of Defense supplied the U.S. Government technical expert to this process. The US Government supports the establishment of the ICoC Association, the authority of which is limited to the private, voluntary, nature of the ICoC itself. Therefore, consistent with obligations under U.S. law, the DoD goals described above and overarching DoD policy, DoD support to the Association is conditional to the understanding that participation in the Association:
- Does not interfere with DoD goals for private security functions.
- Cannot conflict with U.S. law, statue, regulation or Department directives and instruction.
- Cannot interfere or compete with government authority to regulate private sercuiry functions.
- Does not duplicate other oversight or quality control of such services.
- Does not interfere with the effectivenes of private security functions.
- Does not increase the U.S. Government's costs for acquiring such services.
Further information about the ICoC can be found at: http://www.icoca.ch/
Guidance on the use of force: The use of force and the potential to use deadly force is the fundamental issue that distinguishes private security contractors from other operational contract support (civilians accompanying the armed forces.) Regulating the use of force and violence is a sovereign prerogative of States and, in many cases, is also subject to the provisions of international law, to include the Law of Armed Conflict and outside of armed conflict, International Human Rights Law. The Department of Defense is involved in several initiatives to ensure that the use of force by PSCs is consistent with international law and the notion of State monopoly of violence.
The Department of Defense works closely with the International Institute of Humanitarian Law in Sanremo, Italy in its Rules of Engagement Workshops and The Sanremo Handbook of Rules of Engagement. This handbook is used by armed forces on all six inhabited continents in developing ROE for their armed forces, including U.S. Geographic Combatant Commands and the Joint Staff. DoD participation helps students understand the differences between armed forces and PSCs and the critical differences between Rules of Engagement appropriate to armed force in combat and the Rules for the Use of Force for civilian self-defense.
To further clarify this distinction and in recognition that most purchasers of PSC services are not States and international organizations, but come from the private sector (to include NGOs), DoD is also supporting an initiative by the United Nations Office on Drugs and Crime (UNODC) to develop a Rules for the Use of Force Handbook for PSCs. This work is patterned after the Sanremo Handbook and is written by many of the same authors. The difference is its sole focus on RUF appropriate to PSCs rather than a broader work on ROE that can be used for RUF. It also addresses that in many cases, PSCs will not be operating under State issued or approved RUF but under a use of force policy developed by the private sector purchaser of security services or the PSC itself. This UNODC handbook will be useful for both formal RUF and use of force policy consistent with recognized PSC operations standards.