See all articles

Multi-stakeholder self-regulation mechanisms for PMSCs – good enough for the United Nations?


Private Military and Security Companies (PMSCs) are not only hired by states, the UN makes use of PMSCs as well. Recent years have witnessed an increase in the number of PMSCs used by the UN (DCAF, Pingeot). One of the current challenges is the use of PMSCs in UN peacekeeping operations. There has not been a single peacekeeping operation without the involvement of PMSCs since 1990. In May 2014 the UN employed 30 PMSCs. They used unarmed security personnel in 11 peacekeeping operations and in one support mission (UNMIL, UNMISS, UNISFA, MONUSCO, UNOCI, MINUSMA, UNIFIL, MINURSO, UNAMA, UNMIK, MINUSTAH, UNMOGIP). For two missions (MINUSTAH and UNAMA) they engaged armed security personnel (A/69/338). Performing the same task as national troops causes the risk of violating norms of international law: Human rights abuses committed by PMSCs have hardly resulted in legal responsibility and individual liability. In the course of litigation, several recurring legal arguments have been used in the defense of PMSCs and their personnel, including the Government contractor defense, the political question doctrine and derivative immunity arguments. At the same time no state or international organization has been found responsible for illegal activities of its PMSCs, since PMSCs do not meet the strict criteria for attribution to a state or an international organization. Attribution to a state requires an institutional, organic or control link. Usually PMSCs are not incorporated into the national forces. This fact precludes an attribution as organs of the state and the attribution of off-duty conduct unless the violations occur in the course of or incidentally to their contractual duties. The application of the effective control test is rather unsatisfying as well. It is almost impossible to prove such a high threshold of control so that the effective-control test has been mainly invoked to deny attribution (EJIL: talk!). Therefore, it is even more important to ensure that PMSCs respect international humanitarian law and human rights law and provide remedies for victims. It is intended to meet this requirement by supporting new multi-stakeholder self-regulation mechanisms for PMSCs.

Multi-stakeholder self-regulation mechanisms for Private Military and Security Companies

While the Montreux Document recalls on existing legal obligations and is limited to armed conflicts, the new initiatives contain a broader scope of application and implementation procedures. The International Code of Conduct for Private Security Service Providers (ICoC), released in 2010, is a multi-stakeholder initiative to define principles and standards of the PMSC branch and is used as a platform for companies to commit themselves to adhere to the rules. As a code of conduct it is not legally binding. It aims to help PMSCs to conduct their business within the boundaries of international humanitarian law and human rights law by defining principles and standards and improving accountability. In 2013 the ICoC – Articles of Association (ICoCA) were released. The member structure of the ICoCA consists of three pillars: States, PMSCs and the civil society organizations. By now there are 106 members of the ICoCA, 87 PMSCs, 6 governments and 13 civil society organizations. It aims to promote and oversee the implementation of the ICoC through certification, monitoring and providing a complaint mechanism and effective remedies. The main bodies of the ICoCA are the General Assembly, the Secretary, the Board of Directors and the Executive Director. They are composed equally of the three pillars. The ICoCA focuses on two main aspects (whereby in this text only the first aspect will be addressed):

  • setting out basic requirements for certification of PMSCs and provide oversight of this process and
  • providing effective remedies for victims.

The certification procedure of the ICoCA

The Association is responsible for certifying that a member company’s standing operating procedures meet the Code’s principles. The ICoCA set specific requirements for the certification procedure. They are to be defined with regard to national or international standards and need to be recognized by the Board as consistent with the Code. The Board establishes a Certification Committee composed of the three pillars. The Certification Committee may consider any relevant standards submitted by a member company as an admissible standard for potential recognition as an ICoCA approved standard. After a standard has been accepted for evaluation, the Certification Committee will conduct that evaluation by comparing the standard to an analytical framework based on the ICoCA. If the standard is considered to be consistent with the Code, the Certification Committee releases a draft recognition statement. All members of the Code can comment on the standard and the Board will then vote on whether or not to accept the standard as an ICoCA approved standard.

On 3rd of September 2015 the Board voted to accept the ANSI/ASIS PSC.1-2012 standard as the first ICoCA approved standard. The ANSI/ASIS PSC.1-2012 includes specific requirements for PMSCs to demonstrate that they have considered human rights risk and provide remedy mechanisms for victims. Any member company which achieved certification by the ANSI/ASIS PSC.1-2012 standard can then seek ICoCA certification in a second step.

It is claimed that a reliable system to regulate the PMSC industry has been established. Especially its character as a common initiative of the industry, the civil society and the governments, the creation of a certification procedure which is based on international accepted standards and the creation of a complaints procedure for potential victims are invoked in this context. This is questionable: The inability and unwillingness to enforce and oversight its own rules has been identified as a characteristic of self-regulatory mechanisms. Therefore the effectiveness of self-regulation depends on external control and oversight mechanisms (Page, 143). However, according to the ICoCA the Association and not the states or the international organizations themselves will exercise oversight. Hence, the Association fails to meet this crucial requirement. Moreover, there is doubt on the auditor’s competence and expertise. While some national certification bodies use human rights specialists others do not. As a consequence some PMSCs are held to higher human rights standard than others. The limited scope of the ANSI/ASIS PSC.1-2012 and the awareness of contracting states or international organizations of this limitation cause concerns, as well. The company itself may decide over the geographical scope of the certification. Hence, a company conducting several contracts (e.g. contract A in a conflict zone and contract B in a non-conflict zone) could apply for certification limited to contract B. Finally it needs to be stressed that there is still a high number of non-certified PMSCs. Therefore it needs to be ensured that states or international organization only contract certified PMSCs.


PMSCs play an essential role in peacekeeping missions and contribute to the organization of the missions. At the same time there are no sufficient regulations which could be applied to PMSCs on national and international level. The UN Department for Safety and Security released Guidelines on the UN’s Use of Armed Security Services from Private Security Companies (UN Guidelines). According to these UN Guidelines, a company needs to comply with specific requirements to get hired by the UN. The UN Guidelines make reference to the Montreux Document and require membership of the ICoC. However, due to the lack of control and effective remedy mechanisms this new trend of establishing multi-stakeholder self-regulation mechanisms is not (yet) capable to meet the needs with respect to the use of PMSCs. It is of utmost importance to implement a governmental oversight and control procedure and that states and international organizations support the implementation and development of the certification procedure. Moreover, the UN needs to develop effective penalties (e.g. fee reduction, exclusion from further contracts or blacklisting) for non-compliance to ensure the effective implementation of the rules outlined in the UN Guidelines.

The implementation of the ICoCA and its certification procedure is still in process and its effectiveness can and must prove itself. However, the potential impact of the ICoCA should not be underestimated. The involvement of the three pillars and the approval of a certification procedure makes the ICoCA the most promising attempt to regulate the PMSCs industry. This cannot conceal that further steps are necessary. An objective and independent control mechanism needs to be established and the remedy procedure needs to be restructured to ensure that every victim could grasp it.


Tina Linti is PhD student and scientific assistant at the Faculty of Law – Friedrich-Alexander-University of Erlangen-Nürnberg. In her thesis she addresses the questions wheatear PMSCs are legally allowed to be employed in peacekeeping operations.


Cite as: Tina Linti, “Multi-stakeholder self-regulation mechanisms for PMSCs – good enough for the United Nations?”, Völkerrechtsblog,  30 December 2015, doi: 10.17176/20171004-111915.

Tina Linti
View profile
Print article
Submit your contribution
We welcome contributions on all topics relating to international law and international legal thought. You can send us your text, or get in touch with a preliminary inquiry at:
Subscribe to the blog
Suscribe to stay informed via e-mail about new posts published on Völkerrechtsblog and enter your e-mail address below.