Global Security, Privacy, & Risk Management

“Lipstick on a Pig”- Vetting Armed Security Part 3 February 21, 2012

The recent event where Italian military personnel killed “suspected pirates” off the coast of India should provide an exclamation point to shipping companies on the need to carefully evaluate the armed security protecting their vessels.  While military personnel were involved in this particular incident, it is simply a matter of time before private military contractors make the same mistake.  This post is part 3 of a series of posts on vetting companies.  You can read the previous posts here and here.

One of the tactics being employed by many companies within the maritime security arena, and especially those with little experience, is to promote the fact that they are “ICOC signatories” as evidence of their professionalism and expertise.  While there is little debate that the ICOC is a step in the right direction toward gaining some form of control over a growing industry, the ICOC is NOT and should NOT be viewed as anything more than what it is. Using the ICOC as any basis of evaluation of a security company is both dangerous and short sighted.  All companies should be signatories of the ICOC.  That being said, the ICOC is not intended to be a governance document or standard.  The purpose of the International Code of Conduct for Private Security Companies (ICOC PSC) is to:

“… set forth a commonly-agreed set of principles for PSCs and to establish a foundation to translate those principles into related standards as well as governance and oversight mechanisms.”

In short, the ICOC PSC is nothing more than a basic outline of principles that are intended to be used as a foundation for futher governance and oversight mechanisms.  Companies who sign the ICOC PSC are committing to following the ICOC standards.  There is NO current mechanism for either vetting or evaluating companies that sign.

It should also be noted that signing the ICOC PSC is only the first step in gaining complying under the document.  As stated in the document:

“Signature of this Code is the first step in a process towards full compliance. Signatory
Companies need to: (1) establish and/or demonstrate internal processes to meet the
requirements of the Code’s principles and the standards derived from the Code; and
(2) once the governance and oversight mechanism is established, become certified
by and submit to ongoing independent Auditing and verification by that mechanism.“

As stated previously, it is important to take a deep look at the companies being evaluated  Create a check list to determine which organization is best suited to serve the needs of your company.  At a high level here are a few things you want to review.  These are outlined in the previous posts on the subject.

1) Conduct a search of the company to verify the claims being made on their website and literature.  In today’s interconnected world, it is far to easy for companies to fabricate information on their websites.

2) Evaluate the company’ owners, founders, and management to ensure that they possess the experience and skills necessary.  Again, review their backgrounds and military credentials, if applicable.  In security, there is little room for cowboys being led by incompetent management.

3) Ask about incidents.  If a company has conducted 300 transits and had ICs detained once in a foreign country for an administrative mixup, it is likely low risk.  If the company has people arrested or detained every 10 transits, this likely indicates that the company is playing loosely with the rules, and laws.

4) Speak with current and former clients of the company.  If the company is claiming to have provided “hundreds” or “thousands” of security details, then they should be able to provide a few references.  Gain an understanding of the company’ processes and procedures.

5) Verify whether the actual guards (ICs) are vetted by the company.  In today’s world there are many combat veterans suffering from PTSD.  While we want to take care of our wounded veterans, placing someone with PTSD in a high risk situation with a weapon may not be the best idea.  Additionally, you want to ensure that the ICs are not convicted felons or have other questionable attributes.

6) As the ‘hard questions’.  This is a very important decision so you want to have a level of comfort with your security vendor.  Ask about training, and policies and procedures.  As to see the company’s training materials and procedures on the rules of force, and the force continuum.

7) Talk with your captains after every transit to understand how the ICs operated, and behaved.  Lack of discipline should never be tolerated.

8) Understand their operations.  If the company claims to have licenses to transport weapons internationally, you need to see proof that the company can 1) export weapons from the country of origin and 2) import the weapons for embarkation on the vessel.  Simply possessing an ITAR license in the US does not mean the company can import the weapons into a 3rd country and get them embarked on a vessel.

9) Understand the corporate culture and status.  Companies with high turnover or who have lost important executives may struggle with operations and other aspects.  Wearing too many hats is a recipe for disaster in the security world.

Finally, never stop evaluating your security vendors.  Loss of revenue or financial difficulties often tempt companies to cut corners on training, and personnel.  A good security company today may be an ineffective, dangerous security company tomorrow.  Remember, a pig with lipstick is still a pig.