Deborah Avant, Sié Chéou-Kang Chair for International Security and Diplomacy at the Josef Korbel School of International Studies, University of Denver has recently posted an excellent commentary to the Private Security Monitor website. (Those of you unfamiliar with Private Security Monitor should check it out, as it is a one stop shop for useful information and resources on the private military and security industry.) In the commentary, she makes a timely call for continued pragmatic engagement between the civil society, government, and industry stakeholders who are preparing to stand up the Association that will oversee the implementation of the International Code of Conduct for Private Security Service Providers (ICOC). The charter for the Association (ICOCA) was completed in February at a conference in Montreux, Switzerland and security companies, civil society organizations, and governments currently are being asked to indicate to the Swiss government their interest in becoming members of the ICOCA.

When it comes time for stakeholders to decide whether they are “in or out” of a multi-stakeholder initiative, this seems to create a sense of urgency, as stakeholders must determine if being part of an initiative makes sense for them in terms of their missions, goals, reputations, and the costs and benefits of being involved. Now is the time for stakeholders to show their commitment to the ICOCA, because as Professor Avant rightfully points out, it “promises to institutionalize an overlapping set of initiatives that, together, represent a significant step toward the effective governance of the global private military and security industry.”

The overlapping set of initiatives that Professor Avant is referring to include not only the ICOC, but also the Montreux Document on Pertinent International Legal Obligations and Good Practices for States Related to Operations of Private Military and Security Companies During Armed Conflict and the American National Standards Institute’s series of four national management system standards for security services, the ANSI/ASIS PSC series. However, differing interpretations of the relationship between these three initiatives has become somewhat of a sticking point. I would argue unnecessarily so, and Professor Avant is correct in pointing out their complementarity. Together they have the potential to improve regulation, oversight, transparency, and accountability of the industry to a degree that international regulation alone could not. (Progress in coming to an agreement on an international convention, as proposed by the UN Working Group on the Use of Mercenaries, seems unlikely at this point in time.) Of course, this is not to suggest that states’ obligations to sufficiently regulate their security industry, to ensure that the human rights of people affected by the industry are protected, and to create adequate criminal and civil accountability for companies and their personnel that commit rights violations can be outsourced to voluntary regulatory efforts. Voluntary and mandatory regulation, as well as better international regulation, must work hand in hand.

No doubt, each initiative has its strengths and weaknesses. The PSC1 national management system standard, and the ability of a private security company to be certified to it by an accredited certification body, builds on internationally recognized, standardized, and professionalized processes for auditing and certification. Management system standards are also well suited to assisting companies in identifying where improvements can be made to their management policies and procedures in order to mitigate human rights risks in their operations through a continual process of improvement called the plan-do-check-act cycle. The DOD already requires its security providers to adhere to PSC1 and the British government has followed suit. While some CSOs have raised concerns about the independence of auditing and certification carried out via a paid contractual relationship, the fact that compliance with PSC1 is being written into contracts with two of the key contracting states using security services creates certain facts on the ground that cannot be ignored. Companies are hesitant to be subjected to potentially duplicative audits. For this reason, the charter stipulates that the ICOCA will examine national and international standards for their conformance to the ICOC’s principles and may elect to require additional information if needed.

The ICOCA also brings strengths that cannot be replicated through a management system standard. It is thoroughly multi-stakeholder in nature, giving civil society organizations equal standing with companies and governments in the governance structure. This will not only strengthen the legitimacy and credibility of certification and monitoring under the ICOCA, but will also ensure greater transparency of companies’ activities than possible from a paid contractual relationship between a company and a hired certification body. The ICOCA, through human rights risks assessments and field-based reviews, is in a position to examine the actual human rights impacts of the industry in an area of operation, and provide recommendations on how to adjust policies, procedures, and operations to mitigate human rights risks. It can also offer a forum for shared learning between stakeholders. The ICOCA also has the potential to create stronger grievance mechanisms at both the company and Association levels. To date remedy for victims of human rights abuses has been almost non-existent. However, much will depend on how the provisions of the Articles of Association are developed by the incoming Board into detailed policies and procedures for certification, performance assessment, and grievance mechanisms. This is why active involvement from all three pillars is so essential. What was laid out in Montreux reflects a strong start, but the devil will be in the details.

The Montreux Document, which is directed at states, not only lays out existing human rights and humanitarian law obligations of states vis-à-vis the industry, but also details a set of good practices with regards to deciding what services should be privatized, authorizing, selecting, and contracting with PMSCs, monitoring PMSCs’ activities, and ensuring accountability and access to remedy. The Montreux Plus Five conference, planned for this December, will offer a chance to ensure that states are living up to their international obligations and commitment to these good practices, and to insist that they not let voluntary regulation displace their legal obligations to protect human rights during armed conflict and beyond.

These three initiatives are interlocking, but it is the ICOCA that is currently at a critical juncture. All three stakeholder pillars need to continue their pragmatic engagement and reassure each other of their desire to make the Association work. Participating governments need to indicate through their contracting policies that they expect their security providers to adhere to the principles laid out in the ICOC. This will provide reassurances to the companies who have signed the ICOC and who are now contemplating whether or not to become members of the Association. While it is unrealistic to expect that all 659 signatory companies will become members, the industry leaders need to get on board. Civil society organizations must actively participate as well, and continue to provide their human rights and humanitarian law expertise as well as their knowledge of multi-stakeholder initiatives to ensure that the ICOCA assurance framework and grievance mechanisms have the teeth to bring about the desired human rights impacts on the ground. Finally, the tent needs to be bigger for the ICOCA to have a global reach – territorial states are missing as are non-state clients and civil society should include NGOs from the areas in which companies are operating. This should not be a “Northern” initiative.

If the ICOCA fails, what is the alternative? Frankly, not much. As Professor Avant concludes: “Though far from perfect in the eyes of any stakeholders, the ICoCA promises to institutionalize the pragmatic engagement responsible for the progress thus far and play an important and positive role in ensuring that the industry respects international norms. Without it the entire web of governance including the Montreux Document, the ICoC, and the PSC standards will be weaker and the potential for continued progress will be dimmed.”