Introduction
Private Security Companies (PSCs), that is, companies that supply land-based services such as ‘guarding; close protection; physical protection measures; security awareness; risk, security, and threat assessment; the provision of protective and defensive measures for compounds, diplomatic, and residential perimeters; escort of transport; and policy analysis’ have become important actors in global security governance.Footnote 1 In particular, the United States relies extensively on PSCs to support its military operations abroad. The US Department of Defense (DoD) employed up to 15,279 private security contractors in Iraq, including 13,232 armed security guards.Footnote 2 In Afghanistan, the number of private security personnel contracted by the DoD peaked at 28,686 in 2012.Footnote 3 European countries are also increasingly hiring PSCs in peace and stability operations.Footnote 4 Even international organisations such as the United Nations and the European Union have expanded their employment of PSCs for protection in conflict environments. In 2010, more than 5,000 commercial security guards supported United Nations (UN) agencies in the field.Footnote 5 In 2012, UN peacekeeping missions listed contracts for 3,376 armed and unarmed security personnel.Footnote 6
These developments raise important questions about the standards and control of PSCs that support international operations in regions of conflict. High profile scandals, such as the Blackwater incident in Iraq, and reports of PSC extortion and corruption in Afghanistan have highlighted the impunity of some firms.Footnote 7 Despite efforts to improve PSC accountability by clarifying state obligations under international law and by introducing new national laws such as the US Military Extraterritorial Jurisdiction Act, there remain important gaps in the regulation of the industry.Footnote 8 One important gap concerns the licensing of PSCs in global security governance, including common criteria for the selection, vetting, training, and behaviour of PSCs and their staff. Many countries license their domestic security industries, but these regulations do not normally apply to the international operations of PSCs.Footnote 9 Since transnational PSCs hire primarily local staff for contracts in conflict regions their selection, vetting, training and operations only have to comply with host nation laws. Some host states such as Iraq and Afghanistan have introduced their own licensing procedures for PSCs. However, these licensing regimes are often limited in scope and lack effective enforcement.Footnote 10 In Afghanistan, President Karzai thus attempted to prohibit PSCs after national licensing regulations failed to have any impact due to simple disregard, corruption and patronage.Footnote 11
Crimes and human rights abuses committed by PSCs in conflict regions are often underreported. Weak local judiciaries and the difficulties of extraterritorial evidence gathering by home states further obstruct effective prosecution.Footnote 12 Status of Forces Agreements exempting contracted military and security personnel from local jurisdiction pose another impediment to holding PSCs and their staff accountable.Footnote 13 A global licensing regime could help prevent such crimes. The UN Working Group on Mercenaries has proposed a Draft International Convention on Regulation, Oversight, and Monitoring of Private Military and Security Companies.Footnote 14 However, there is little international support for the UN Draft Convention among the UN member states. The difficulties of implementing and monitoring licences with a transnational application have been major arguments against an international regime. Nevertheless, many Western countries have adopted national licensing laws for maritime security firms operating in international waters, demonstrating that transnational regulation is possible in principle.Footnote 15
The US and the United Kingdom (UK), which have the largest military and security service industries worldwide, have been major opponents of a global licensing regime for PSCs. Both countries have instead promoted international self-regulation as a suitable mechanism for improving industry standards. The DoD thus commissioned ASIS, a private security trade association, to collaborate with the American National Standards Institute (ANSI) in the development of the PSC.1, PSC.2, and PSC.3 standards for a ‘Management System for Quality of Private Security Company Operations’ and PSC.4 ‘Assurance and Security Management for Private Security Companies Operating in the Maritime Environment’.Footnote 16 The UK government, in turn, enlisted the ADS Security in Complex Environments Group (SCEG), a British industry association, and the UK Accreditation Service to propose voluntary standards and certifications for British PSCs with international operations.Footnote 17 In addition, both countries have supported the transformation of the PSC.1 standard into the new International Organization of Standardization (ISO) Standard 18788 ‘Management System Standard for Private Security Operations’.Footnote 18
Fundamental to self-regulation and voluntary certification, however, is the assumption that the consumers of private security services will help facilitate and enforce these schemes by shifting their custom to PSCs who have signed up codes of conduct or certified as compliant with voluntary standards. Only if self-regulation or certification provides them with an advantage over competitors have businesses a financial incentive to join. Public consumers play an important role in this regard because of the number and size of their security contracts in regions of conflict. Whether this assumption is correct is an important, but usually unasked question. The Confederation of European Security Services (CoESS) raises doubts about its validity, observing that ‘in the very great majority of cases (85%–100%) public authorities award … [security service] contracts on the basis of price alone’ with detrimental effects on professional standards.Footnote 19 CoESS, therefore, calls on public contracting agencies to use their ‘buying power’ to improve ‘the rules and quality of the security services provided’.Footnote 20
This article seeks to investigate whether these expectations regarding the promotion of industry self-regulation are realistic. What conditions shape the ability of public authorities to influence industry standards through their consumer behaviour alone? Moreover, to what degree are public clients willing to let concerns about the professional standards of PSCs guide their contracting behaviour as opposed to other interests, such as cost or efficiency? The original contributions of this article to the existing literature are threefold. First, the literature on PSC self-regulation identifies many actors and factors who contribute to voluntary standard setting.Footnote 21 Yet, it pays very little attention to consumption of private security services.Footnote 22 This article seeks to address this gap by investigating the potential and limitations of public consumer behaviour for promoting security industry self-regulation. Second, this article develops a theoretical framework for understanding how public consumers can help facilitate and enforce PSC industry self-regulation, building on basic microeconomics, and Albert O. Hirschman’s classic treatise Exit, Voice, and Loyalty.Footnote 23 The resulting framework goes beyond the original insights and applications of Hirschman’s own work by identifying a generalisable set of strategies which public (and private) consumers may use to influence industry standards. Third, the article contributes to the assessment of new developments in PSC industry self-regulation such as the ASIS/ANSI Standards for PSC management.
Before turning to this question it is important to point out two caveats. This article does not aim to assess the performance of the global PSC industry or individual companies. Neither does it seek to imply that large numbers of PSCs act in an unprofessional manner. If this article focuses on unprofessional behaviour, it is in order to investigate whether and under what conditions consumers are able and willing to punish companies who fail to comply with expected professional standards.
In the following, this article is structured into five sections. The first section discusses several determinants for effective industry self-regulation, ranging from market pressures to the shadow of hierarchy. The second section suggests that, wherever the shadow of hierarchy is weak, consumer behaviour becomes a key factor in promoting and enforcing industry standards. Consumers can influence the likelihood and enforcement of industry self-regulation and certification through three strategies in particular: choice, voice, and exit. The subsequent sections examine the ability and past conduct of the US government as a major public consumer of transnational security services. There are three reasons for this case selection. Although many transnational PSCs have diversified their client base, including a growing number of European countries, international organisations, development agencies, non-governmental organisations, extractive industries and transnational corporations, the US is probably the largest single consumer of PSC services worldwide. While the US is no monopoly purchaser, its contracting behaviour thus has the potential to exert considerable influence on PSC standards.Footnote 24 In addition, the US government has access to a greater range of expertise, resources, and alternatives when it comes to exerting choice, voice, and exit than other countries. Finally, public information policies facilitate access to verifiable information regarding US government consumer behaviour, whereas data about other public clients of PSCs is scarce due to confidentiality clauses included in many security contracts.
Another factor setting the US or any government consumer apart is the ability to impose public regulation. However, the next section will argue that US Presidents from Bush to Obama have resisted demands for national and international public licensing regimes for PSCs, instead expressing a strong preference for voluntary industry standards. The ‘shadow of hierarchy’ which in other sectors may induce industry to pre-empt public regulation through compliance with voluntary standards is thus rather weak in this specific case, allowing this study to focus on the US government’s behaviour as a consumer of private security services.
Self-regulation, market pressures, and the shadow of hierarchy
The possibilities and pitfalls of PSC industry self-regulation have been important concerns in academic and practitioner debates.Footnote 25 Self-regulation ‘exists when industry members jointly pursue regulatory or standard-setting activities in the absence of explicit legal requirements’.Footnote 26 Characteristic of self-regulation is voluntary membership and its extension beyond existing legal requirements.Footnote 27 Based on the assumption of rational profit maximising companies, management and political theories suggest that two factors encourage industry self-regulation. The first factor comprises negative and positive market incentives. The threat of decreasing revenue due to consumer dissatisfaction or reputational damage caused by low standards of production and service can exert negative pressures.Footnote 28 Positive pressures include the potential benefits of industry self-regulation, such as increased demand for certified products and services, the exclusion of new or low-standard competition, and the creation of new markets.Footnote 29
The second factor is the shadow of hierarchy, that is, the desire of businesses and industries to avert public regulation.Footnote 30 According to Tanja Börzel and Thomas Risse, the shadow of hierarchy is best understood as a continuum stretching from weak to strong.Footnote 31 Towards the ‘weak’ end of the scale there is little or no indication that the absence of industry self-regulation or professional standards will lead to (stricter) public regulation or legislation. Towards the ‘strong’ end there are explicit threats by national governments or international organisations that the failure to self-regulate will cause public interventions. Several conditions contribute to weakening the shadow of hierarchy. The first condition is limited political willingness to impose public regulation.Footnote 32 If industry is convinced that a government has not the political will or ability to expand public controls, it has little cause to self-regulate in order to pre-empt statutory controls. A second condition is the ability of businesses to evade national regulations.Footnote 33 Transnational industries which are able to transfer their headquarters elsewhere can avoid tighter regulations. A third factor is disagreement within or among states regarding the need for or content of national or international industry regulation.Footnote 34 Finally, the threat of public regulation is likely to be unconvincing when a state or international organisation has demonstrated a weak capability for implementation and enforcement.Footnote 35
At first sight, the shadow of hierarchy concerning the regulation of PSCs appears to be significant in the US. Existing laws such as the War Crimes Act (1996) and the Alien Tort Claims Act (1789) permit the prosecution of US nationals and corporations, including PSCs, for war crimes or violations against the ‘law of nations’ in a federal court.Footnote 36 In addition, the US government has adopted several new laws or amendments due to growing concerns about the behaviour of PSCs in recent military interventions.Footnote 37 The Military Extraterritorial Jurisdiction Act (MEJA) of 2000 extended the jurisdiction of US courts to DoD contractor personnel who are accused of an offense under US law punishable by more than one year in prison.Footnote 38 In 2006, Congress expanded the Uniform Code of Military Justice in order to allow the court martial of ‘persons serving with or accompanying an armed force in the field’ not only in times of war, but also during contingency operations.Footnote 39
A closer analysis, however, reveals that the attempts of the US government to regulate PSCs have been limited. Since the above acts have not been specifically designed for the purpose of controlling PSCs, there remain major gaps in the legislation of the industry. The MEJA, for instance, only applies to PSCs employed by the DoD and not the Department of State. The Uniform Code of Military Justice raises questions about whether it is possible to try a civilian in a military tribunal.Footnote 40 Moreover, existing laws only allow for the prosecution of PSCs or their employees after the fact. The US government has made no efforts so far to prevent crimes and human rights abuses abroad by licensing transnationally operating PSCs. The federal structure of the American political and legal system is one reason for US government’s reluctance to propose a national licensing regime for PSCs. As a report on the private security industry for the Department of Justice remarks, ‘a federal regulation may be too difficult, as state and federal laws are not aligned’.Footnote 41 Since it is the right of individual states to license PSCs registered within their boundaries there exists a wide variety of regulations and nine states have no licensing requirements at all.Footnote 42 Another reason is a lack of political support for licensing PSCs at federal level. The Bush administration outright opposed Congressional demands for stricter laws on PSCs, and Obama has responded only partially to such calls.Footnote 43
The single instance in which the US government has set public minimum standards for PSCs concerns maritime security contractors. The US Code of Federal Regulations Title 33 ‘Navigation and Navigable Waters’ requires that: ‘Company and vessel personnel responsible for security duties … must have knowledge, through training or equivalent job experience’ in tasks such as recognition and detection of dangerous substances, techniques to circumvent security measures, crowd management and control techniques, security communications, and operation of security equipment.Footnote 44 The public licensing of maritime security firms with regard to these standards, however, is not envisaged by the regulations. Successive US governments have made it clear that they favour market mechanisms over public regulation and licensing of the private security industry.Footnote 45 As will be investigated in more detail below, the National Defense Authorization Acts of 2008, 2009, and 2011 set standards only for PSCs which bid for contracts with or are hired by the DoD, relying on US consumer power to affect the industry as a whole.Footnote 46
The threat of a global regulatory regime is equally unconvincing. The negotiations leading up to the Montreux Document resulted in the reiteration of existing state obligations under international law and a non-binding list of good practices for states and PSCs.Footnote 47 Divisions between the supporters of a binding international regime on PSCs, including states from Latin America, Asia and Africa, on the one hand, and its opponents such as the US, the UK, and other Western countries, on the other, have also characterised the discussions about the UN Draft International Convention on Regulation, Oversight and Monitoring of Private Military and Security Companies.Footnote 48 With regard to the setting and monitoring of professional standards for PSCs, it can thus be argued that a shadow of hierarchy from the US or an international agreement may not be fully absent, but it is rather weak on the continuum between an explicit threat and a determined rejection of a public licensing regime.
Consumer influence on self-regulation
In the absence of a strong shadow of hierarchy, consumer behaviour becomes a central factor in promoting industry self-regulation. Microeconomics offers a range of models to explain consumer influence on markets for goods and services. The most basic model relates to the relationship between demand and supply. According to this model, prices transmit important information about demand and supply.Footnote 49 In a competitive market, consumers signal dissatisfaction with specific products and standards through choice, that is, by selecting specific suppliers, and exit by shifting their custom to competitors or by ending client-supplier relations. If higher standard providers attract greater demand, they can raise their prices.Footnote 50 The higher the prices that competitors can ask for their services, the more interested other firms become in offering similar standards.
Consumers are not limited to exit, including the turn to an alternative supplier, when seeking to influence the standards of goods and services. Already in 1970, Hirschman argued that consumers can also attempt to shape business behaviour through ‘voice’, that is, ‘individual or collective petition to the management directly in charge, through appeal to a higher authority with the intention of forcing a change in management, or through various types of actions and protests’.Footnote 51 Importantly, Hirschman understood voice not in terms of political protests directed at the government, but as consumer action targeted at a company or industry. Hirschman argued that exit is a blunt instrument because it only tells companies that there is something wrong with their products, services, or operations, but not what.Footnote 52 Voice has greater benefits than exit since it can provide suppliers with precise information about consumer preferences.
The continued popularity of the preceding framework attests to its explanatory strength.Footnote 53 Moreover, while the model has been primarily applied to private consumers, choice, voice, and exit are also available to public clients. In contrast to private customers who can only hope to influence individual firms or have to rely on collective action to affect industry services and standards, government agencies have much greater consumer power. In circumstances where governments are, for various reasons, unwilling or unable to act in a regulatory capacity, choice, voice, and exit may thus serve as alternative strategies for shaping industry behaviour and standards.
The idealised relationship between producers and consumers emerging from Hirschman and basic microeconomics, however, holds only under specific conditions. Choice and exit depend on competition among alternative suppliers as well as the ability and willingness of consumers to assess and select between competitors. Collusive behaviour among firms and monopolistic or oligopolistic market structures can inhibit competition.Footnote 54 Consumers’ lack of information and expertise, the cost of comparing competing products and services, and the expense of changing suppliers can also obstruct choice and exit.Footnote 55 Loyalty towards a particular supplier or product is another factor, which can prevent exit ‘in a less rational, though not wholly irrational, fashion’.Footnote 56 In cases where consumers have developed loyalty to a supplier, they are more likely to voice their dissatisfaction or ‘suffer in silence’ than seek a new provider.Footnote 57
The voice option relies on influential and active consumers and on businesses, which are able and willing to process and react to consumer complaints.Footnote 58 According to Hirschman, voice is normally more costly than exit because the mobilisation and expression of consumer preferences requires time and effort, but does not guarantee changes in products or standards.Footnote 59 Hirschman, therefore, concludes that voice is a ‘residual of exit’, most likely to be used when the exit option is unavailable. In the case of public clients, this may not be so.Footnote 60 Due to their larger consumer power, greater organisational capabilities and dual role as regulator, public agencies may find it easier to use voice to demand improved standards and services than to exit existing contracts.
It follows from the preceding arguments that public consumers may prefer choice and voice over exit as strategies for influencing industry standards. However, the ability and willingness of public consumers to facilitate PSC self-regulation depends very strongly on the structure of the market and their contracting behaviour. By examining in turn the conditions for and application of choice, voice and exit by the US government with regard to PSC services, the next sections seek to assess the practical application of public consumer power.
Choice
Choice refers to the ability of consumers to select and switch among alternative goods or services and competing suppliers. Economic models assume that companies and markets respond to changes in demand by modifying their supply. Consumer demand is the aggregation of individual choices and indicates collective preferences. But also individual clients can affect company or industry supply if they are monopolistic or particularly important consumers. The US government is no monopoly purchaser, but it is one of the largest consumers of security services in the world. With regard to the PSC industry, the US government is therefore in an exceptional position to influence professional standards and services through its contracting behaviour.
Growing international competition among PSCs facilitates this influence. The size of the global military and security industry has expanded exponentially in only twenty years. Between 1990 and 2004, about 210 PSCs were estimated to operate internationally.Footnote 61 By June 2014, already 708 international PSCs had signed up to the International Code of Conduct for Private Security Service Providers (ICoC) which aims to facilitate compliance with the good practices identified in the Montreux Document.Footnote 62 The service specialisation and regional distribution of these firms suggest that they only represent a selection of the global industry. In addition, local security companies are employed in international military operations. In Iraq, 117 PSCs had been licensed by the Ministry of Interior by 2011, and in Afghanistan there were 52 national PSCs registered before the restriction of armed security contractors by President Karzai.Footnote 63
Although the international conditions for exercising choice in the security service market are very good, the US government does not always make full use of this option. This seems particularly surprising in the case of several of the DoD top ten security contractors which have been implicated in scandals or accused of unprofessional behaviour during the international interventions in Bosnia, Iraq, and Afghanistan. Blackwater, later renamed Xe and then Academi, became infamous for its involvement in the shooting of 17 civilians in Baghdad in 2007.Footnote 64 Nevertheless, Blackwater/Xe/Academi has been reselected as DoD contractor, including new contracts for the provision of ‘security services in support of Forward Operating Base (FOB) Dwyer, and an option for FOB Delaram II’ in Afghanistan until 2016.Footnote 65 Aegis is known for being founded by Lt Col Tim Spicer, the former head of Sandline International, and was implicated in drive-by shootings in Iraq. Nevertheless, Aegis won ten US government awards in Iraq between 2003 and 2011, amounting to a total of $1 billion.Footnote 66 DynCorp gained a negative image because of child abuse and sex trafficking carried out by employees during the peacekeeping operation in Bosnia during the 1990s. Moreover, the company faced court over the unlawful dismissal of the whistle-blower who reported these abuses.Footnote 67 DynCorp was also questioned over its use of funds under the Iraqi Police Training Program contract.Footnote 68 Irrespectively, DynCorp won DoD contracts for the mentoring and training of the Afghanistan National Army and task orders over $1.5 billion for logistics services in Afghanistan under LOGCAP IV.Footnote 69
Three factors appear to affect the ability and willingness of public consumers to support industry standards by choosing among competing suppliers: (1) other consumer interests; (2) restrictions set by countries of operation; and (3) the influence of PSCs on the choices of potential and existing clients. Due to a variety of reasons, such as path dependency, loyalty, and political concerns, the US government’s choice among competing commercial security suppliers has been circumscribed by company age, size, and location. PSC age and size are important concerns due to the US government’s use of open-ended and long-term contracts as a path for ensuring the financing, continuity, and flexibility of security service provision. In the US these awards have taken the form of Indefinite Delivery, Indefinite Quantity (IDIQ) contracts. The largest IDIQ for security services is the Worldwide Personal Protective Services (WPPS) contract with the Department of State.Footnote 70 Another large IDIQ security contract has been the Afghanistan Reconstruction Security Support Services award of the US Army Corps of Engineers in 2011. The Reconstruction Security Support Services contract covers a wide range of security services throughout Afghanistan, including ‘comprehensive security, operations, transportation, aircraft, and intelligence services to secure and account for Afghanistan Engineering District-North (AEN) and Afghanistan Engineering District-South (AES) personnel’.Footnote 71 Security services contracts or subcontracts are also part of some multipurpose IDIQ contracts, in particular the Logistic Civil Augmentation Programs I-IV (LOGCAP).
Size matters in IDIQ awards because contractors are required to supply a range of services in unspecified quantities and, often, in multiple locations worldwide. A company must be able to provide large numbers of service personnel within a short period of time either directly or by subcontracting and managing other firms. Due to the importance and duration of major IDIQ contracts, company age also plays a role. Governments want assurance that a contractor has the experience and staying power to carry out services until the end of the award period or longer, as many IDIQ contracts can be extended with additional option years. The preceding IDIQs have, therefore, circulated among a small number of companies. The WPPS I (2000–5) was won by DynCorp, WPPS II (2005–10) by DynCorp, Blackwater, and Triple Canopy.Footnote 72 Since 2010, WPPS III has included eight base contracts with DynCorp, Triple Canopy, Aegis, EOD Technology, International Development Solutions, SOC, Torres International Services, and Global Integrated Security.Footnote 73 Global Integrated Security also won the Reconstruction Security Support Services in Afghanistan contract.Footnote 74 The LOGCAP has moved among KBR (LOGCAP I, III, & IV), DynCorp (LOGCAP II & IV) and Fluor (LOGCAP IV). Mergers and buy-outs have contributed to reducing the choice among companies which are capable of managing large IDIQ contracts. L-3, for example, bought MPRI in 2000 and Titan in 2005. CSC owned DynCorp between 2004 and 2005, and DynCorp merged with Cerberus Capital Management in 2010.Footnote 75 In 2014, Constellis Holdings, which was created ‘by the founders of Triple Canopy and the private equity investors who formed Academi’ (the successor of Blackwater), brought together Triple Canopy, Constellis Ltd, Strategic Social, Tidewater Global Services, National Strategic Protective Services, Academi Training Center, and International Development Solutions.Footnote 76
Other interests which can lead governments to restrict their choice include efforts to cut transaction costs, such as the expense and time for advertising and selecting among competing bidders, loyalty to contractors which have demonstrated their ability to work in deployed operations, and political networks and preferences for national providers. Between 2003 and 2008, the US Special Inspector General for Iraq Reconstruction ‘identified 310 companies with direct contracts and subcontracts to provide security services to U.S. agencies, contractors supporting the military, or organisations implementing reconstruction programs for these agencies’, accounting for security service expenses of almost $6 billion in Iraq.Footnote 77 However, only ten PSCs – DynCorp, Triple Canopy, Aegis, Blackwater, EOD, Sabre, SOC-SMG, Agility Logistics, Unity Resources Group, ArmorGroup and Erinys – received 75 per cent of US government payments.Footnote 78 Not all, but many of these companies were registered in the US, indicating a preference for national companies which can also be observed with other governments. Between 2002 and 2012, the UK government spent £454 million on private security services worldwide with the majority of contracts awarded to three companies of, at least originally, British origin: ArmorGroup/G4S, Control Risks, and Minimal Risk.Footnote 79 Similarly, Joakim Berndtsson reports that the Swedish government sent out its invitations for the first-ever commercial contract for international embassy security services to two national firms because the government believed it could ‘trust them because they are Swedish’.Footnote 80
Host nation regulations and policies are other, if comparatively rare, elements which limit consumer choice among PSCs. In 2010, the Afghan President Karzai issued Presidential Decree 62 ‘ordering the disbandment of private security companies in Afghanistan’.Footnote 81 All armed security services, with the exception of security for diplomatic missions, were supposed to be transferred to a new Afghan Public Protection Force. Between 2012 and 2014, the number of DoD security contractors in Afghanistan dropped down from 28,686 to merely 5,591.
Finally, PSCs can influence consumer choice through consulting services and package deals. The role of security experts in creating demand for security services has been widely noted in the academic literature.Footnote 82 PSCs are able to shape clients’ choice of security services and providers as consultants.Footnote 83 This is particularly the case when the same company is hired as consultant and for subsequent service provision. When the US government contracted Brown & Root Services (now part of Halliburton/KBR) in 1992 to ‘develop a worldwide management plan and 13 regional plans’ for the provision of logistic services under LOGCAP I, the company was simultaneously asked to ‘be prepared to execute the plans upon notification’.Footnote 84 Brown & Root was able to influence what logistic support services would be requested and, later, supplied by the company. Its dual role has helped Brown & Root/KBR to establish itself as the DoD’s prime supplier of global military logistic support, as illustrated by the awards of LOGCAP III and IV.
The incorporation of major PSCs into larger defence corporations and their merger with risk consultancies have assisted the preceding strategy because they have enabled the combination of multiple security services in package deals. According to Anna Leander, ‘DynCorp is a prime example of a firm which provides a package deal’ in the military service sector by offering similar or interlinked ‘contracts on the national, provincial and municipal levels in Iraq to assess threats, train Iraqi police and military personnel and give advice on the reorganisation of the Iraqi justice system’.Footnote 85 Under LOGCAP IV Agility DGS provides ‘integrated logistics and specialized procurement worldwide’, including full life support, military base operations, logistics, and security.Footnote 86
The preceding analysis indicates that the US government’s choice between alternative services suppliers is restricted despite its privileged position and the growing number of PSCs. Some of the reasons are outside the control of the US administration, such as the Afghan prohibition of armed PSCs, the influence of security advisors, and the restructuring of the PSC industry. To a considerable degree limited choice is caused by the predominance of other US government interests, such as cutting the cost of contract advertisement and management and loyalty to and support for American businesses, over its commitment to raising industry standards. The findings suggest that choice among competing PSCs is likely to play only a minor role in facilitating industry self-regulation and certification because consumers are influenced by other factors when selecting their suppliers. The US government appears to have responded to these circumstances by focusing on voice to improve the professional standards of PSCs hired in international operations.
Voice
According to Hirschman, voice is preferable to choice or exit as a way of conveying consumer preferences because it is more precise. Voice can also work where monopolistic or oligopolistic market structures limit choice. Moreover, voice can be exerted by customers who are restricted in their choice among alternative suppliers for reasons such as those outlined above.
Voice can go beyond simple contractual requirements that PSCs must sign up to industry codes of conduct or certification schemes. Voice can also be used to influence the content of industry self-regulation by expressing consumer demand for particular professional standards vis-à-vis the industry. Voice takes many different forms, including contract (re)negotiations and stipulations as well as protests and petitions to the company management. The most important mechanism is the specification of consumer demands in the contract itself. In long-term public private partnerships between governments and businesses, voice also includes PSC monitoring and the communication of consumer dissatisfaction in the absence of choice and exit options. Since exercising voice is costly and often requires particular resources or expertise, such as (man)power and legal knowledge, it is often more suitable for governments than private consumers of security services. Moreover, unlike private consumers who have to act collectively in order for their voice to have any significant impact, the voice of large public clients is more easily organised and often stronger due to the size of contracts. This section investigates how the US government has sought to use voice to raise standards in the security service sector.
Instead of imposing a public licensing regime, the US government’s ‘regulatory’ efforts have primarily relied on voice to raise PSC industry standards by including them into contracts or making them a precondition for bids. The basis of this strategy lies in sections 862 and 853 of the 2008 and 2009 National Defense Authorization Acts, respectively.Footnote 87 The 2008 National Defense Authorization Act, for example, requires ‘the insertion into each covered contract (or, in the case of a task order, the contract under which the task order is issued) of a contract clause addressing the selection, training, equipping, and conduct of personnel performing private security functions’.Footnote 88
The DoD has implemented the act by assigning the relevant responsibilities to a range of agencies, creating new processes and specifying contract clauses in the Defense Acquisition Regulations System (DFARS).Footnote 89 Security contractor obligations with regard to these mechanisms are outlined in new contracts and complemented with detailed specifications concerning, among others, the vetting and training of security guards. A Statement of Work for Private Security Contractors at Camp Delaram in Afghanistan, for example, states that the
Contractor shall provide individual weapons familiarization training for all personnel who shall carry weapons under this contract to include sighting on each individual’s weapons. Training shall be accomplished to Army weapons qualification standards. This training shall be specified and the standard monitored by the COR [Contracting Officer Representative].Footnote 90
In addition, Section 833 of the National Defense Authorization Act of 2011 obliged the DoD to issue policy guidance making it a condition for contracts involving private security functions that ‘each contractor receive certification from a third party that the contractor adheres to specified operational and business practice standards’.Footnote 91 As part of the guidance, the DoD was asked to: (1) establish criteria for defining standard practices for the performance of private security functions; (2) establish minimum requirements for weapons training and qualification of instructors; and (3) identify organisations that could carry out the certification.Footnote 92
In order to comply with these directives, the DoD has supported the development of voluntary professional standards for PSCs by the ANSI and ASIS, an international security industry association.Footnote 93 The result have been four ANSI/ASIS standards: PSC.1 ‘Management System for Quality of Private Security Company Operations – Requirements with Guidance’ and PSC.2 ‘Conformity Assessment and Auditing Management Systems for Quality of Private Security Company Operations’.Footnote 94 All Standards make explicit reference to industry best practices outlined in the Montreux Document and the ICoC. In addition, PSC.1 was submitted to ISO and has become the basis for the development of a globally recognised ISO Standard for the quality management of PSCs.Footnote 95
The DoD, as well as the British Foreign and Commonwealth Office, have facilitated improved professional standards by demanding that security contractors that seek to work for them must implement the ANSI/ASIS management standard. The DFARS thus stipulates that: ‘If the acquisition requires performance of security services, as defined in DFARS 252.225-7039, to be performed in areas of (a) combat operations, (b) contingency operations; or (c) other military operations or exercises, incorporate, and require compliance with, ANSI/ASIS PSC.1-2012, American National Standard, Management System for Quality of Private Security Operations – Requirements with Guidance’.Footnote 96
Despite these positive developments, there are several drawbacks to voice. The first concerns the scope and content of these voluntary standards. The second factor regards the monitoring of contractor performance and compliance with consumer demands. Another factor, the punishment of contractor non-performance or misconduct, will be discussed in the next section on ‘exit’. While ASIS has hailed the PSC Standards as ‘the world’s first standards designed to manage risks related to security services’, a closer examination reveals that they only indirectly contribute to raising operational standards in the field and that there remain important omissions.Footnote 97 Foremost, the ANSI/ASIS Standards only concern the development of a ‘management system’ for PSCs. The ANSI/ASIS Standards do not, as requested by Congress, specify minimum vetting, training, or qualification requirements for PSC employees. Companies are compliant with the ANSI/ASIS Standards if they can demonstrate that they have put in place management processes for the development, implementation, and revision of largely company specific and self-defined standards. The ANSI/ASIS Standard for the selection and vetting of personnel, for example, specifies that ‘the organization shall establish, document, implement and maintain procedures for background screening and vetting of all persons working on its behalf to ensure that they are fit and proper for the tasks they will conduct’.Footnote 98 While Annex A of the Standard states that these management systems ‘should’ comply with the Montreux Document, the ICoC and international human rights law, it makes clear that the Standard merely ‘provides guidance or recommendations for any PSC to identify and develop best practices’.Footnote 99 Another limitation concerns certification. Congress envisaged that a third party would verify PSC compliance with professional standards, but Standard PSC.2 permits three forms of certification: (1) self-assessment and self-declaration; (2) customer assessment; and (3) independent third-party certification.
The second issue for consumers who seek to influence PSCs with voice rather than choice is the need to monitor whether and how contractors implement contractual requirements and other demands, such as those made by contracting and operational officers. Innumerable reports by the Government Accountability Office (GAO), the Special Inspector General for Iraq Reconstruction (SIGIR), and the Commission on Wartime Contracting (CWC) have identified contract monitoring in international operations as a significant and long-standing problem.Footnote 100 Already during the peacekeeping mission in Bosnia, GAO reported that weaknesses in the DoD’s supervision of the LOGCAP I contract.Footnote 101 Insufficient DoD contract management in Iraq and Afghanistan was criticised for permitting ‘fraud, waste and abuse’.Footnote 102 As late as 2012, GAO noted that further improvements in contractor oversight were needed in Afghanistan. Among others, not all DoD Contracting Officer’s Representatives (CORs) in the operation had the necessary training to write contract statements of work or the area-specific technical expertise to evaluate contractor performance.Footnote 103
These problems pertain also to the monitoring of PSCs. SIGIR observed in an assessment of oversight over theatre-wide internal security services contracts that ‘almost 40% of the CORs we surveyed said the training they received did not prepare them for their duties and 25% said they lacked sufficient time to conduct effective oversight’.Footnote 104 Since CORs are responsible for examining PSC performance as well as their compliance with other contract requirements, such as personnel and operational standards, weak monitoring can be a major impediment to using contracts to raise professional standards.
Significant improvements only regarded PSC incident monitoring in Iraq, that is, the reporting of accidents, incidents, and unprofessional behaviour.Footnote 105 Following the Blackwater shooting and in response to the National Defense Authorization Act 2008, the US set up a database and stepped up its investigations of serious incidents, such as checkpoint incidents, negligent discharge of weapons, small arms fire, and escalation of force.Footnote 106 Incident reports also determined the need for ‘disciplinary or corrective actions’.Footnote 107 A reduction in force escalation and small arms fire incidents reported over the next two years appears to have demonstrated the effectiveness of these measures.Footnote 108 However, the responsibility of the PSCs to report the incidents raises questions about the accuracy of the data.Footnote 109
In sum, the findings suggest that the US government has made significant attempts to influence PSC industry standards and self-regulation through voice. Notwithstanding, two factors can inhibit the effectiveness of this strategy. One is the scope and detail of government requirements with regards to professional standards of operation. DoD contractual stipulations, for example, seem considerably more demanding than the general obligation that all PSCs hired by the DoD shall be certified in the ANSI/ASIS PSC management standards. Another factor is the verification of compliance with contractual requirements. Even large public clients such as the US government find it difficult and costly to monitor contractors in deployed operations. To have any impact monitoring must be carried out effectively and followed up by disciplinary action. The ultimate disciplinary action is exit, that is, the suspension or termination of a contract. The next section examines whether and how the US government has utilised this option.
Exit
Exit can be defined as the ability of consumers to terminate contracts and to suspend or debar contractors from further awards. According to the US Federal Acquisitions Regulation (FAR), the US government can terminate all contacts either at its own convenience or if a supplier defaults on its contract.Footnote 110 Suspension refers to the temporary disqualification of a provider from government contracting and subcontracting.Footnote 111 Causes for suspension are, among others, suspicion of fraud, criminal offenses, and unfair trade practices.Footnote 112 Suspension is imposed on contractors ‘for a temporary period pending the completion of investigation and any ensuing legal proceedings’, but no more than 18 months if no legal proceedings are entered into.Footnote 113 Debarment can follow a conviction or civil judgement related to the above offenses.Footnote 114 Debarment should be proportional to the offence, but does not normally exceed three years unless necessary to protect the government’s interest.Footnote 115 The 2008 National Defense Authorization Act further says with regard to noncompliance with contract clauses on the ‘selection, training, equipping, and conduct of personnel performing private security functions’, that contracting officers ‘may’ direct contractors to remove or replace personnel at their own expense or terminate the contract ‘if the violation or failure to comply is a gross violation or failure or is repeated’.Footnote 116
While the US government apparently views exit as a suitable strategy for dealing with contractors that do not meet the required professional standards, the praxis indicates only limited use of this option. PSCs have been rehired even in cases where there has been evidence of a regular use of excessive force or noncompliance with vetting and training requirements. Blackwater, for example, was involved in at least 195 escalations of force incidents in Iraq between January 2005 and September 2007, that is, an average of 1.4 per week.Footnote 117 In 84 per cent of the cases, Blackwater employees fired the first shots, although their contract permitted only a defensive use of force, causing either property damage or casualties.Footnote 118 Over a similar period, DynCorp was involved in 102 and Triple Canopy in 36 shooting incidents.Footnote 119 DynCorp shot first in 62 per cent of the cases, Triple Canopy in 83 per cent.Footnote 120 Between 2008 and 2009, Aegis topped the list of contractors with the greatest number of serious incidents (224), before EOD Technology IC (171), ArmorGroup (63), and Hart Group (58).Footnote 121 Lack of compliance with contractual requirements and professional standards has not only concerned the use of force. SIGIR observed in an audit that Aegis was not able to demonstrate the vetting of its employees or that they were qualified to use the weapons, which they had been issued.Footnote 122 SIGIR also noted that Aegis did not comply with contractual requirements concerning ‘personal security detail qualifications, regional operations centers, and security escorts and movement control’.Footnote 123
While individual employees have been discharged or had their weapons permits revoked because of unprofessional behaviour, examples of PSCs being suspended are rare. One of the few cases has been the suspension of LOGCAP IV subcontractor Agility DGS in November 2009, after the indictment of its parent company Public Warehousing Company (PWC) ‘for a multibillion-dollar fraud perpetrated against the United States in connection with its government contract to supply food to American military personnel in the Middle East’.Footnote 124 None of the preceding companies have been debarred from further contract awards.Footnote 125
The US example teaches that at least four factors can be an impediment to exit. The first factor is lack of information and coordination. In 2011, there was no central repository for data on contractors, who had defrauded the US government, making it difficult for contracting officials to implement suspensions and debarments.Footnote 126 A DoD Report to Congress observed that ‘in some instances, the Military Departments and the Defense Logistics Agency obligated funds to various contractors during the suspension period’, and ‘[a] similar situation was noted with regard to continued obligations to contractors who had been debarred.’Footnote 127 The US government has since made efforts to address this problem through improved information exchange.
However, a second factor can undermine these efforts: the ability of PSCs to change their identities through mergers, name changes, and the registration of companies under several Data Universal Numbering System (DUNS) identifiers in the US Federal Procurement Data System.Footnote 128 According to the DoD, these strategies make ‘it very difficult to track or correlate’ contractors.Footnote 129 Examples of mergers and name changes in the PSC industry include several well-known companies. Aegis became the successor of Sandline International, at least in terms of its leadership, after the company’s implication in the ‘Arms for Africa’ scandal involving breaches of the United Nations arms embargo in Sierra Leone.Footnote 130 Defense Systems Limited (DLS) was bought 1996 by Armor Holdings and renamed ArmorGroup, which itself was subsumed by the global security corporation G4S in 2008 and rebranded as G4S Risk Management.Footnote 131 MPRI was acquired by L-3 in 2000 and, together with other L-3 segments, relaunched as Engility in 2012.Footnote 132
The most famous example of changing identities and names is Blackwater. Founded in 1997 as Blackwater USA, the company changed its name to Blackwater Worldwide in 2007. Following the shooting of 17 Iraqi civilians by some of its employees and the Iraqi government’s refusal to extend the company’s operating licence, Blackwater re-registered as Xe Services in 2009.Footnote 133 After the resignation of its founder, CEO and chairman, Erik Prince, Xe Services was bought by an investor group and relaunched under the name Academi.Footnote 134 Blackwater/Xe/Academi’s acquisition of new US government awards for security services despite being charged for repeatedly and systematically violating the US Arms Export Control Act and International Trafficking in Arms Regulations has caused consternation among members of the Committee on Oversight and Government Reform (2012). The US government justified its decision to let off Blackwater/Xe/Academi with a $42 million settlement and $7.5 fine with ‘the company’s efforts to reform its conduct’.Footnote 135
A third factor limiting the exit option is the dependence of the US government on major contractors. The DoD admitted to Congress that some contracts are continued ‘to ensure mission accomplishment and for safety and mission requirements’ despite fraudulent behaviour.Footnote 136 The CWC confirms that in particular PSCs with large or security relevant contracts can get away with settlements or fines. KRB, the single largest DoD contractor in Iraq and Afghanistan with awards reaching $41 billion, was implicated for ‘a total of 32 cases of suspected overbilling, bribery and other violations’.Footnote 137 Since KBR was the sole provider of logistic services under LOGCAP III, however, it was impossible to suspend the company during the Iraq and Afghanistan interventions. In 2010, the Department of Justice filed a civil law suit against KBR for providing false statements to justify its unauthorised use of private security guards between 2003 and 2006. However, KBR was not suspended from the new LOGCAP IV, although there were now two other companies bidding for LOGCAP task orders.Footnote 138
Finally, loyalty, and other interests appear to play a role in US government decisions to keep or rehire corrupt or unprofessional PSCs. Loyalty to such firms is often based on a general support for American businesses, but some PSCs can also draw on more personal networks with the government or military. Former Defense Secretary Dick Cheney became CEO of Halliburton/KBR, following its study for worldwide logistics management which preceded the award of LOGCAP I. Moreover, during Cheney’s leadership the company was able to increase significantly its number of government awards, including no-bid contracts.Footnote 139 The impact of personal networks is usually difficult to demonstrate, but Constellis lists proudly on its Board of Directors one former Admiral as well as the former Attorney General who reorganised the Department of Justice after 9/11 towards a focus of fighting terrorism. DynCorp’s Board of Directors includes two former US generals.
In sum, these findings suggest that there are major impediments to exit, which limit its utility as a strategy for strengthening professional standards. Key obstacles include the difficulty of tracking individual PSCs in a constantly evolving global industry, the growing dependence on individual firms and loyalty towards US businesses closely connected with the government or armed forces. In theory the (threat of) suspension or debarment from further contracts is a strong mechanism for facilitating and enforcing professionalism within the private security industry. In praxis, even large public consumers like the US government tend to opt for less radical means. The preference for dismissing individual employees for unprofessional behaviour, however, creates no incentive for companies to improve their vetting, training, and operational standards because they can replace lost staff easily with others. Even for employees, a discharge may not have the desired effect as many are on short-term contracts and likely to be able to find work with a different company. Penalising the companies is the only effective way to ensure the proper screening, training, and supervision of private security contractors.
Conclusion
Following the Montreux Document, the ICoC as well as the development of the ANSI/ASIS and ISO Standards for PSCs, much hope is placed on voluntary standards and self-regulation of transnational security firms. To a large extent, this hope is dependent on the assumption that the consumers of private security services will help facilitate and enforce professional standards through choice, voice, and exit. States, which employ PSCs in international interventions, have a major role to play in this regard. The preceding analysis has examined empirically the validity of this assumption by investigating the PSC contracting behaviour of the US government, one of the largest consumers of private security services worldwide. It has shown that US contracting agencies have made a differentiated use of choice, voice, and exit in order to influence security industry standards. This use indicates a distinct preference for pre-award requirements (choice) and contractual obligations (voice) over deselection or debarment (exit) of PSCs, which do not meet expectations of professional behaviour.
The US strategy can be partially explained by Hirschman’s observation that exit is a rather blunt instrument for conveying consumer preferences. However, this article has revealed further constraints, which shape whether and to what degree public consumers are able and willing to use voice, choice, and exit to influence industry. Choice among suppliers with different professional standards and qualifications can be limited by other concerns and interests, including cost-efficiency, effectiveness, flexibility, loyalty, and political imperatives such as support for the national security industry. Choice can also be constrained by national legislations in the countries where PSCs are deployed. Furthermore, companies can themselves attempt to restrict choice through consultancies or package deals which encourage consumers to employ particular suppliers. The ability and willingness of the consumer to define the scope and content of professional security standards affects the use and effectiveness of voice. Voice also depends on whether a consumer has the necessary qualifications and resources to monitor contractor compliance. The exit option is confined by internal coordination and information exchange among the contracting agencies about past contractor performance as well as the ability of consumers to clearly identify a company, despite mergers and name changes. Dependence on specific companies, long-term contracts, loyalty, and personal networks are additional factors which make it difficult for consumers to exit client-supplier relations.
The consequences for security industry self-regulation and standard setting are considerable. Foremost, the findings suggest that there are significant obstacles to using consumer power to facilitate or enforce industry standards. Since many of these obstacles are of a structural nature, that is, based on interest, information, or resource disparities, they are not easily addressed or changed. Moreover, these structural factors not only apply to the US, but also to other public consumers of PSC services in international military interventions, including many European countries and international organisations such as the UN.Footnote 140 The notion that public clients simply need to be educated or encouraged to use their influence disregards these problems. The expectation that voluntary commitments and PSC industry certification will enable consumers to help raise standards by forcing noncompliant companies out of business underestimates the complexity of the motives and conditions which shape consumer behaviour. Even resourceful clients such as public contracting agencies balance other interests and the cost of choice, voice, and exit against the potential benefits of improved professional standards. For the global security industry these results suggest that industry self-regulation is unlikely to be an adequate substitute for a global public licensing regime for PSCs.
Biographical information
Elke Krahmann is Professor of Security Studies at Brunel University. She has published widely on non-state actors and the commodification of security including articles in journals such as European Journal of International Relations, Security Dialogue, Review of International Studies, and Millennium. Professor Krahmann has received numerous research grants and awards for her research, including the Ernst-Otto Czempiel Prize for her monograph States, Citizens and the Privatization of Security (Cambridge University Press, 2010). Her latest ESRC-funded research project examines the use of private security contractors by international organisations such as the United Nations, NATO, and the European Union.
Acknowledgments
The author would like to acknowledge research funding for parts of this article by the Economic and Social Research Council (grant number RES-000-22-1516).