Frequently Asked Questions

The Code of Conduct

What is the Code of Conduct?

The International Code of Conduct for Private Security Service Providers (the “Code of Conduct”) is the result of a multi-stakeholder initiative that aims to set principles and standards firmly based on international human rights and humanitarian law principles for the private security industry operating in complex environments, as well as to improve oversight and accountability of these companies. The Code was developed through a transparent and inclusive multi-stakeholder process, and sets forth human rights and humanitarian law-based principles for the responsible provision of private security services.

 

How was the Code of Conduct developed?

The International Code of Conduct for Private Security Service Providers is the fruit of a multi-stakeholder initiative launched by Switzerland, with the over-arching objectives of articulating the human rights responsibilities of private security companies (PSCs), and articulating international principles and standards for the responsible provision of private security services, particularly when operating in complex environments. Over the course of an 18-month process, Switzerland brought together private security companies, sovereign states (including Australia, the United Kingdom and the United States), civil society organisations and academics to elaborate a code of conduct for the private security industry, based on international humanitarian and human rights law and standards.

 

At its adoption in 2010, the Code of Conduct was signed by 58 private security companies from fifteen countries; by 2013 708 companies had signed the Code.

 

What is the content of the Code of Conduct?

The principles for the responsible provision of private security services as contained in the Code can be broadly summarized in two categories: first, principles regarding the conduct of PSC personnel based on international human rights and humanitarian law standards; and second, management and governance principles.

 

Human rights principles guiding PSC personnel include inter alia rules on the use of force, on apprehending and detaining individuals, the prohibition of torture or other cruel, inhuman or degrading treatment or punishment, sexual violence, human trafficking, slavery and forced labour, child labour, and discrimination. Principles on management and governance contained in the Code of Conduct concern the inclusion of the Code in management policy, the vetting of personnel and subcontractors, training of personnel, management of weapons and other material of war, the working environment and harassment, incident reporting, and the establishment of a fair and accessible grievance mechanism offering effective remedies.

 

Why is the Code of Conduct needed?

Recent years have seen an increasing privatization of the security sector. The most significant examples are the employment of PSCs in armed conflicts in, for example, Afghanistan or Iraq, , or by the extractive industry to secure their operations. PSCs play an important role in protecting state and non-state clients engaged in relief, recovery, and reconstruction efforts, commercial business operations, diplomacy and military activity. The activities of PSCs can have potentially positive and negative consequences for their clients, the local population in the area of operation, or the general security environment regarding the enjoyment of human rights and the rule of law. The Code of Conduct is unique in providing clear human rights and humanitarian law standards for PSCs operating in complex environments, and it has been widely accepted by different stakeholders.

 

To whom does the Code of Conduct apply?

The Code of Conduct articulates principles applicable to PSCs delivering ‘security services’ in ‘complex environments’. The principles for the responsible provision of private security services as contained in the Code apply globally, wherever PSCs deliver such services.

 

‘Security services’ as defined in the Code of Conduct include ‘guarding and protection of persons and objects, such as convoys, facilities, designated sites, property or other places (whether armed or unarmed), or any other activity for which the personnel of PSCs are required to carry or operate a weapon in the performance of their duties’.

 

‘Complex environments’ under the Code of Conduct are defined as ‘any areas experiencing or recovering from unrest or instability, whether due to natural disasters or armed conflicts, where the rule of law has been substantially undermined, and in which the capacity of the state authority to handle the situation is diminished, limited, or non-existent’.

 

What company commitments are included in the Code of Conduct?

The Code of Conduct includes provisions on:

  • implementing appropriate policies and oversight, including steps to be taken in order to establish and maintain an effective internal governance framework to deter, monitor, report, and effectively address adverse impacts on human rights;

  • making compliance with this Code – in particular the human rights and humanitarian law principles contained therein – an integral part of contractual agreements with personnel and subcontractors;

  • operating in accordance with applicable national and international laws and regulations, in a manner that recognizes and supports the rule of law, respects human rights, and protects the interests of their clients. This includes cooperation with any international authorities exercising jurisdiction on alleged crimes committed by these companies.

 

Does the Code of Conduct create new obligations?

The Code itself creates no legal obligations and no legal liabilities for companies that endorsed the Code of Conduct, beyond those which already exist under national or international law. The Code of Conduct complements and does not replace jurisdiction exercised by competent authorities, and does not limit or alter applicable international law or relevant national law.

 

Is the Code of Conduct relevant to the maritime sector?

The Code of Conduct applies to security services provided in complex environments as defined in the Code. The principles within the Code of Conduct apply in maritime environments where the rule of law is undermined and where the capacity of the state authority to handle the situation is diminished, limited or non-existent.

The Code of Conduct enjoys broad acceptance among private maritime security companies: nearly one half of ICoCA’s Member Companies provide maritime security services, of these nearly half operate exclusively in the maritime sector.

 

How does ICoCA ensure compliance with the Code of Conduct?

By signing the Code of Conduct and becoming a member of the ICoCA, PSCs commit to become certified by the ICoCA and submit to ongoing independent monitoring, auditing, and verification. Companies are also required to report regularly to the ICoCA on their performance. 

 

The ICoCA, in its function as the governance and oversight mechanism of the Code, gathers and receives information on compliance of companies with the Code of Conduct. The Association reviews alleged violations of the Code – including in the field – and engages in constructive dialogue with the companies. If companies violate the Code of Conduct and fail to take corrective action or to cooperate with the Association in good faith, the Association’s Board can initiate suspension proceedings.

 

Can companies still sign the Code of Conduct?

Since August 2013 ‘signatory company status’ is no longer granted. Companies interested in committing to the principles contained in the Code and in joining the Code of Conduct process are encouraged to apply for membership of the ICoCA.

 

Companies should not identify themselves, on their websites or in public documents, as ICoC signatories, as this status is no longer valid.

The Association

What is the ICoCA?

The International Code of Conduct for Private Security Providers’ Association (ICoCA) is a multi-stakeholder initiative established as a non-profit association.  The purpose of the ICoCA is to promote, govern and oversee implementation of the International Code of Conduct for Private Security Service Providers (Code of Conduct) and to promote the responsible provision of security services and respect for human rights and national and international law in accordance with the Code.  ICoCA’s integrated approach includes three interrelated core functions:

 

  • Certification of Member Companies assessing whether a company’s systems and policies meet the requirements of the Code,  according to Article 11. 
  • Monitoring  of Member Companies’ compliance with the Code based on established human rights methodologies, including in the field, according to Article 12;
  • Handling complaints on alleged violations of the Code, including allegations that a Member Company’s grievance mechanism is not accessible, fair, or not offering effective remedies, according to Article 13.

 

How is the ICoCA governed?

The main governing bodies of the ICoCA are the General Assembly, the Board of Directors, and the Secretariat operating under the supervision of an Executive Director.

 

The General Assembly is the supreme governing body of the Association and consists of a gathering of the full membership.

 

The Board of Directors is the decision-making body of the Association and manages the affairs of the Association. The Board consists of an equal number of representatives from three stakeholder pillars representing government, civil society and industry.

 

The Executive Director is appointed by and executes the decisions of the Board and - with support of the Secretariat – administers and directs the activities of the Association.

 

Who are the members of the ICoCA?

Membership of the ICoCA consists of States or intergovernmental organizations, private security service providers, and civil society organizations – referred to as the three stakeholder groups.

 

Member States of the ICoCA are States that also support the Montreux Document, and include the main headquarter States of PSCs. Member Companies come from all continents and range from smaller companies to some of the world market leaders. ICoCA Member Companies provide both land-based and maritime-based security services. Civil society organization Members of the ICoCA include international non-governmental organizations as well as local non-governmental organizations working in complex environments where PSCs operate. 

 

In addition, the ICoCA Board of Directors may grant non-voting Observer status to persons or entities that are interested in participating in the work of the ICoCA. The Articles of Association also foresee an Advisory Forum of Montreux Document Participants which is envisaged as a resource to the Board that may provide advice to the Association on national and international policy and regulatory matters.

 

How to join the ICoCA?

ICoCA membership is open to States or intergovernmental organizations, private security service providers, and civil society organizations. In addition to the three membership pillars, there is also an observer category for persons or entities that are interested in participating in the work of the ICoCA but who do not meet the membership criteria or would not wish to become a Member.

 

What role do PSC clients have a role to play in the Association?

Clients of private security companies play a pivotal role under the Code of Conduct. The Code of Conduct can have its greatest impact if State and non-State clients of PSCs consider ICoCA membership a prerequisite for hiring a security company, and include this requirement in their procurement policies. Clients have been involved in developing the Code and the Articles of Association. Non-state clients have the possibility to become observers of the ICoCA, which enables them to participate in the further development of the Code, its Association and the relevant procedures.

Membership

Who can join the ICoCA?

Private security companies (PSCs), civil society organizations (CSOs) and governments can become members, provided they:

  • make a commitment to adhering to the obligations and requirements of the International Code of Conduct for Private Security Providers (ICoC),
  • accept the Articles of the Association and the procedures and rules of the Association, 
  • pay all applicable fees and membership dues.

PSC Member Companies must also:

  • commit to: obtaining certification; participating in reporting, monitoring and performance assessment process; and participating in the complaints process.

Organizations and individuals who do not fit into those groups, but who may still have an interest the ICoCA (eg. academics, other security-related industries, certifying bodies, etc) may join as observers.

 

Who can use the ICoCA Member logo?

Only current Members can display the ICoCA Member logo on their website and other promotional material. Members will be sent the logo as digital graphics file on successful application for Membership, or can request the logo from the Secretariat.

 

An “ICoC signatory” logo was in use prior to the establishment of the Association, but this is no longer a valid status, and all companies are requested to remove this (as well as any mention of 'ICoC signatory' status) from websites and promotional material. Member Companies should demonstrate their membership through use the ICoCA Member logo.

 

The ICoCA logo is a registered trademark and cannot be used by any company not a certified member of ICoCA.

 

In the event of misuse of the ICoCA logo, the Secretariat will contact the offending party with a request to cease the unauthorized use.

 

Why join the Association?

 

Private Security Companies

By joining the ICoCA, private security companies show their commitment to complying with the fundamental human rights and humanitarian law principles and standards articulated in the Code of Conduct. Certification by the Association is a public statement that the security company’s policies and systems have been independently reviewed and found to be in compliance with the Code of Conduct and that member PSCs’ activities are continuously monitored. Moreover, as an increasing number of States and non-State clients are requiring ICoCA membership as a prerequisite to participating in bidding processes, becoming an ICoCA member may open up more business opportunities for PSCs.

 

States and intergovernmental organizations

By joining the ICoCA, States and intergovernmental organizations emphasize their commitment to effective private security sector governance, as well as their support for international human rights - and humanitarian law - based principles and standards applying to the responsible provision of private security services, including those contained in the Montreux Document. As a non-State mechanism, the ICoCA is complementary to national governmental measures and offers an additional facility through which companies can be held accountable, potentially including redress for victims.

 

Civil Society Organizations

By joining the ICoCA, civil society organizations help to promote and protect human rights and support the rule of law through improving effective regulation and accountability of the private security sector. Member civil society organizations play a key role in safeguarding the human rights focus of the Association’s core functions, and in ensuring that monitoring is carried out according to established human rights methodologies. Additionally, CSO members can contribute to identifying particular areas and regions where the provision of private security services may encounter higher risks, ensure that the concerns and needs of impacted communities are taken into account, and that complaints processes are accessible and ensure effective remedies.

 

What is the process for applying for membership?

Eligible PSCs, CSOs and governments can request consideration for membership. They will be asked to provide evidence of their eligibility, and prospective industry members will be asked to provide a written plan explaining how they have implemented the Code of Conduct in their current and planned operations. To find out more and apply for membership, see ‘How to become a Member’.

 

How will ICoCA benefit civil society and Government members?

Through their membership, states and intergovernmental organizations show their commitment to effective private security sector governance, as well as their support for international human rights - and humanitarian law - based principles and standards applying to the responsible provision of private security services sector, including those contained in the Montreux Document.

 

Civil Society Organizations help to promote and protect human rights and support the rule of law through improving effective regulation and accountability of the private security sector. CSO Members play a key role in safeguarding the human rights focus of the Association’s core functions, and in ensuring that monitoring is carried out according to established human rights methodologies. Additionally, CSO members can contribute to identifying particular areas and regions where the provision of private security services may encounter higher risks, as well as in ensuring that the concerns and needs of impacted communities are taken into account and that the complains process is accessible and ensures effective remedies.

 

What are the costs of membership?

Financial obligations related to membership will depend on the membership pillar. The ICoCA is primarily financed by its members.

 

Government contributions are made on a voluntary basis.

 

Member Companies pay a joining fee ($1000) and an annual due which is determined according to the company’s revenue as follows:     

     

Level

      Revenue

      Annual dues

Small

      $ 0-3M

      $3,500

      $ 3-10M

      $6'000

      $ 10-20M

      $7'000

Medium

 

      $ 20-50M

      $11'000

      $ 50-100M

      $12'000

Large

      $ 100-300M

      $14'000

      $ 300-500M

      $16'000

      $ 500M+

      $18'000

 

 

Civil Society membership dues amount to $100, which can be waived under certain conditions.

 

Observers pay dues of $1,000 (commercial entities) or $100 (non-profit entities), which can be waived under certain conditions.  

 

Certification

What is the ICoCA Certification Procedure?

The Certification Procedure describes the current process for Member Companies to become certified by the ICoCA. The Procedure is structured in different sections, each detailing an individual aspect of the Certification function. In particular, it explains:

 

  • The role of the Certification Committee (CC), the Board and the Secretariat;
  • How external national and international standards are proposed to the ICoCA, reviewed by the Secretariat and the CC, and recognised by the Board;
  • The relationships between the ICoCA and the Certification Bodies;
  • The process for companies to become ICoCA certified, which is one of the requirements to become a Member of the ICoCA.

For more details, including guidance and forms for applying for Certification, see the Certification pages. The Secretariat is happy to give further explanations on demand.

 

Which standards have been recognised by the ICoCA?

External standards currently recognised by the ICoCA Board are PSC.1, ISO 28007, and ISO 18788. Certification must be carried out by an independent accredited certification body.

 

My company is certified to a Board-recognised standard. How can it become ICoCA-certified?

The process is:

  • A Member Company needs to be certified, by an independent accredited certification body,  to an external national or international standard recognised by the ICoCA Board (PSC.1, ISO 28007 and ISO 18788).
  • The Member Company should then provide to the Secretariat the appropriate documentation and additional information, as stated in the Recognition Statement for ANSI/ASIS PSC.1-2012 , the Recognition Statement for ISO 28007, or in the Recognition Statement for ISO 18788.
  • The Secretariat reviews the information in accordance with a set of criteria defined by the Certification Committee and makes a recommendation to the Board to either approve or deny the Member Company ICoCA Certification. 
  • The Board votes to confirm the status of the members recommended by the Secretariat for ICoCA Certification.
  • The Secretariat issues a certificate and the Member Company becomes a “full” member.

 

When should my company apply for ICoCA Certification?

The process officially opened on 1 November 2016. Member Companies that are certified to an ICoCA-recognised standard are encouraged to submit their application following the guidance documents.                

 

All Member Companies are required to achieve ICoCA Certification by September 2018. Companies are encouraged to apply for ICoCA Certification as soon as possible.                

Monitoring

 What is the ICoCA Monitoring Procedure?

A Reporting, Monitoring and Assessing Performance Procedure  (Article 12) was adopted by vote at the 2016 AGA, and forms the basis for monitoring operations, which are being introduced and increasingly used during 2017. The procedures involve remote monitoring, self-assessment by Member Companies, and field-based reviews, in order to identify any concerns about—or barriers to—compliance with the Code of Conduct. 

 

The ICoCA’s monitoring function is designed to identify concerns about—or barriers to—compliance with the Code of Conduct. Information is collected through an integrated approach involving: 

  • Remote monitoring: public-source screening and the development of a monitoring network;
  • Company self-assessment by Member Companies: an annual reporting process to identify areas for improved performance and patterns of non-compliance; and
  • Field-based reviews: in-country missions monitor specific areas of Member Companies’ performance.

 

What are the triggers for field-based reviews?

A field-based review can be triggered by the Secretariat on the basis of identified need or upon the request of a Member of the Association. 

 

How does ICoCA respond to issues identified through monitoring?

The Secretariat engages Member Companies in a confidential dialogue on issues that arise as a result of monitoring, and how these issues could be remedied. Successful strategies are shared with other Member Companies in order to improve performance throughout the sector. In case of failure to act in good faith to remedy non-compliance with the Code, the procedures also provide a mechanism for corrective and disciplinary action, including membership suspension or termination.

 

How is sensitive information provided through self-assessment or monitoring protected by the ICoCA?

The Secretariat’s top priority is security. Data which is considered highly confidential is currently kept on a stand-alone workstation that is not connected to a network, and other data is kept on a secure database with a dedicated network. Industry-standard security measures are being sought to ensure data is securely kept and managed. Secretariat staff are bound by confidentiality agreements, and are selected for their demonstrated experience in working in confidential environments, and sensitive information is not shared outside of the Secretariat. Where it is necessary for the Board to consider information that may be sensitive they are provided with a summary that omits details of individual companies or operations. Board members are required to sign a non-disclosure agreement, and to register any conflict of interest where it may exist.

Complaints

What is the ICoCA Complaints Procedure?

The Complaints function facilitates access to fair and accessible grievance procedures that offer effective remedies for individuals adversely affected by PSCs. The ICoCA will assist Member Companies in establishing operational grievance mechanisms to effectively and fairly handle complaints, and, where complaints cannot be effectively handled by operational grievance mechanisms, will facilitate access to alternative grievance procedures. We actively encourage participation by CSOs experienced in handling human-rights related complaints.

 

How does Secretariat respond to a complaint?

Upon receipt of a properly filed complaint the Secretariat will carry out a preliminary review, analyzing the nature of the allegations, assessing whether the complaint refers to criminal activities, personnel disputes, violations of the Code, etc. If it involved alleged violations of the Code by activities of an ICoCA Member Company, the Secretariat will accept the complaint for processing. The Secretariat will then ascertain whether the Member Company’s grievance mechanism could constitute a viable path and whether other appropriate grievance mechanisms are available; and will present to the complainant options to pursue their claim. In the event of no sufficient existing company grievance mechanism, ICoCA will provide recommendations and guidance for corrective action, and/or options for alternative grievance mechanisms to resolve the complaint, such as mediation or the ICoCA’s ‘good offices’.

 

Can the Secretariat provide advice to ICoCA Member Companies on setting up a grievance mechanism?

Yes: one of the Secretariats’ functions is to provide support to Member Companies to develop their company grievance mechanisms; general good practices will be made available, and Members are invited to seek more specific advice. 

 

Who can file a complaint?

Any affected individual or representative can file a complaint. The Complainant may be, for example:

 

  • a community affected by an ICoCA Member Company’s activities
  • employees or their trades union
  • a non-government organisation (NGO)

 

When can a complaint be made? 

You can make a complaint if:

 

  • The company alleged to have breached the International Code of Conduct for Private Security Service Providers (the Code) is a Member of the ICoCA;
  • The private security company activities that are the subject of the complaint could potentially constitute a violation of the Code; these include a broad range of principles for the responsible conduct of private security services as well as management and governance of a private security company.
  • The Complainant(s) has (have) been allegedly harmed by that activity.

 

 

How do I file a complaint?

To file a complaint with the ICoCA, you should:

 

 

Will ICoCA provide timely feedback to complainants?

The complainant will be notified throughout the process of the status of the complaint. The Secretariat will acknowledge receipt of the complaint, ask the complainant for more information as necessary and offer options to pursue its claim within 30 days after acceptance of the complaint for processing. If the company’s grievance mechanism is assessed to be inappropriate to handle the complaint, the Association may recommend that the Member Company take corrective actions and offer the complainant a choice of alternative mechanisms within 60 days after receipt of the complaint.