CHAPTER 6: HOW TO REGULATE COMMERCIAL SECURITY?
6.3 The reality in organising the core duties in regulation implementation
The administrative model chosen for routine control crucially affects the effectiveness and professionalism of the execution of commercial security regulation. In practical regulation implementation, the core responsibilities to be organised or controlled by the authorities are:
Licensing procedures as a whole.
Background screening.
Compulsory training arrangements.
Submission of certificates and ID cards.
Follow-up and inspections on compliance with the regulations.
All of these duties are such that it is almost impossible to delegate them to private actors if an adequate regulation system is the ultimate goal.
Licensing procedure
In the licensing procedure, the first question is how the granting of the licenses will be taken care of? Will there be one centralised authority with adequate subsidiaries, or will the licensing be handled in co-operation with local authorities that also have other administrative (licensing) and operational functions? There are at least three main models in use today:
Centralised: all licenses are granted by one authority (e.g. BE, DK, NY and ZA).
This model may work technically well if the authority is, for example, the police, with a centralised organisation.
Decentralised: licenses are granted by local (provincial) authorities in parallel with other duties (e.g. FR, IT and SE). In this model, there is a big risk for local interpretations and sometimes low administrative knowledge of the regulations.
Mixed: where, for example, company licenses are granted by one centralised authority but individual licenses by another with a nationally covering organisation (e.g. the police in EE and FI).
The present organisational arrangements in granting licenses are presented in Table 13 (Hakala 2007:7). As can be seen, over 90% of the regulatory regimes with private security legislation have an authority in charge of the approval process. The statistics also show that there is a clear difference in authorities responsible for granting licenses to companies and to individual security officers. Police administration grants over 50%
of the individual permits but less than 40% of the security business licenses for companies.
Table 13 Practical regulation implementation - license granting and control
What authority/agency…
Day-to-day handling of license applications should be made as smooth as possible for individual applicants. There should be systems that allow the ‘customers’ to make their application manually or electronically through the internet. For the applicant, the main need is to have adequate and simple information on how the procedure is run and what steps are required of him/her. It is also important to inform the applicant at the beginning of the process as to what factors will prevent the granting of a license. In commercial security context, the clean criminal record requirement excludes a relatively high percentage of the applicants automatically. In this situation, it is a waste of time for
both parties if a person with a certain kind of criminal background puts in an application. The application form and papers should not be complicated. This depends, however, mostly on the all-over administrative system and how different authorities have access to and can use governmental information and data bases.
The licensing process of security companies differs naturally from that of individual security guards. The checks of individual trustworthiness of the applicant(s), however, should be at least on the same level for management as for the security officers.
Usually, when starting a new commercial security company, the general business license for it is acquired first and after that an application is made to register it as an approved security provider. There is a difficulty in this process on how to exclude criminal elements from owning (controlling) a licensed security company when they are not included in the operational personnel which is usually more systematically controlled.
With individual licenses, the ideal practice is that the applicant just fills in the basic personal data on a form and attaches a couple of photos, the certificate of passing the compulsory training (and a medical certificate). Unfortunately, in many cases the individual applicant is obliged to provide different other documents as appendages. This is partly an outcome of the free movement of work force, which means that there are applicants who are not citizens of the regulatory regime where they are applying for the license. The time that the handling of an application takes is crucial for the applicants but also for the companies and their businesses. The authorities (bureaucracy) and the licensees have a different approach to this matter. As there is, in most cases, a rule that a security guard cannot start to work before the license has been granted, the duration of the licensing process decides how long s/he has to wait for actual employment. Even with the best circumstances, it takes a couple of weeks to process a license, but in most cases, especially if several authorities are involved, it will take many weeks, even months. Commercial security as a business is totally dependent on flexible use of employment. If the licensing process does not live up to this requirement, there is a risk that employees who are not yet licensed will be put to work by the companies. The commercial security is a low-salary industry and it is obvious that if applicants have to wait a long time for their license, there is a risk that they will take another job if one is available.
The present form of the issuance of the actual license has to be carefully assessed. Will the authority give the applicant a paper certificate or an ID-card? There is a big
difference in cost, credibility and usability between these two models. If the authority issues only a paper certificate, the possibility of future control is very much lost. On the other hand, if an official photo ID-card with all needed information is issued, there is the possibility to register it, to cancel it, to renew it, to put extra information of training, gun licenses, etc. on or in it. It also gives uniformity in control situations both for the authorities and citizens. Despite the indisputable benefits of this kind of certification, for different reasons it has not been implemented in all countries. For example, the issuance of ID cards/badges is with the companies in New York and Sweden and with the association of the security companies in Estonia. Administrative cost factors are often quoted in this context, but they can be taken care of by a licensing fee.
Background and suitability screening
A core element in the licensing process is the screening of the applicants, which in practice usually includes a criminal record check and in some countries also other police records. Access to this kind of information is restricted in all countries. Its use by other authorities outside the record ’owner’ includes often a lot of bureaucracy. To guarantee flexibility, there must be statutory regulations on access rights and procedures for information issuance. This means that in practice, swift application handling is impossible if special arrangements are not made. The process can be streamlined using the latest information technology. Another problem in this context is the coverage of the records. It is not acceptable that an applicant is checked only against the local (state) criminal records. The credibility of the system and the industry requires in many cases (aliens) a more comprehensive check. This means more delays in the handling process, if obtaining (trustworthy) information is even possible at all.
Personal suitability screening, which is included into private security legislation in some regulatory regimes, for example in New York and Queensland, is, however, an extremely complicated matter to organise. First, it has to be defined how the relative individual assessments are made, by whom, what characteristics are included, and how the results are documented. Second, who knows the person in a way that he or she can give an opinion? For example, if the evaluator in a small town or in the countryside is the local police, there may be such knowledge of an applicant, but in a bigger city this is quite improbable. Guaranteeing equality and objectivity in this procedure is almost impossible.
The organisation and execution of background and suitability screening shall be such that it guarantees a swift, simple, transparent and equal process that serves all the
parties: authorities, companies, security officers and the society. In practice this has turned out to be a tough challenge for regulators and authorities everywhere.
Training arrangements
In a majority of the regulatory regimes, the organisation of compulsory training is complicated. It is relatively ‘easy’ to set high compulsory training requirements in the regulation, but in many cases the actual content and execution of training has not been thought through (Irish Government 1997:7; Yoshida 1999:250-251). It is quite often left to the administrative authorities or even the training organisers to decide how it will be done. There are three main models for organising the compulsory training to be found today:
Organised by training companies/institutions connected to the national NVQ system, and training programme and trainer approvals are issued by the educational authorities (e.g. ZA and QLD).
Organised by commercial security companies themselves, by national branch associations or by special training companies that are accredited according to private security regulation (e.g. BE, EE and SE).
Organised and sponsored by the government or institutions controlled/approved by it (e.g. DK and FI).
There are five questions to be considered by the legislators and authorities when planning how to organise the practical execution of compulsory training.
First, should the training be carried out separately or should it be integrated somehow with the formal education system? If it is arranged as a part of or connected to the general NVQ system, it is easier to have an official status for the training and to arrange further education. The handicap can be that decisions regarding the execution will be made by authorities who do not have adequate knowledge of the needs and requirements of commercial security work.
Second, who should plan and decide the content of compulsory training? In many regulatory regimes, this has been included in the statutory regulation. Often there are very detailed stipulations of the length, the subjects of instruction and the examination.
A strict frame, especially concerning the content of the training may also become a handicap when the educational needs change. There should be a system to develop and amend the training to some extent without needing to rewrite the statutory regulations.
Third, who should be given the right to carry out actual basic training and examinations as well as are the security companies themselves considered eligible for this activity?
Both the certification of the institutes and the trainers need to be organised. Without having a clear and controlled system on these matters, the goals set for compulsory training may not be reached. The existing models vary from no structure at all to a totally state organised education. Traditionally the police have had a bigger or smaller role in arranging training. The need and appropriateness for this should also be evaluated carefully. Whatever model of training is used, there is a need for a self-sufficient examination to control the knowledge of the students and the quality of the training.
Fourth, how are the trainers and the training itself certified and controlled? Today there are models where the general educational authorities or the ones in charge of all-over commercial security licensing approve the training providers and the trainers. An important detail is also to regulate who approves/signs the course certificates that are needed as a part of the license application. In many of the otherwise well-structured regulation models, there is a lack of on-going adequate control of these matters.
Fifth, how to finance compulsory basic training? The division of costs between the state, companies and the applicants has to be carefully balanced. Today there are a variety of models where one of these parties carries the whole cost, or it is shared in different ways between them. Whoever is the payer; this is a remarkable cost factor, the division of which should not be left for the market or companies to decide.
Control and inspections of commercial security providers
Even the best possible regulation is compromised if its implementation and control has not been organised vigorously. There needs to be pro-active inspection work and robust complaint handling procedures. This requires a regulatory authority with adequate resources, powers and the co-operation possibilities with other branches of the state’s administration. The inspections have to be regular and apply to all companies working under the industry specific regulation. To be able to do this work properly, the controlling authority needs to have access to all premises and material connected to the operations of the licensed security firms. It is also of utmost importance that these rights include access to business (and taxation) data and that it is possible to require a firm to place any material at the authority’s disposal in advance. The authority need to have powers to enforce refractory companies, for example, by a conditional imposition of a fine or by cancelling the license. A protocol of the control visit, including the outcome
and remarks of the inspection, should be provided for the company with deadlines to correct the shortcomings. It is also important that there are resources to check that problems have been taken care of within the given time frame.
Experience shows that a swift mechanism of handling public complaints concerning commercial security providers and their behaviour is needed to improve the credibility of the industry. Today, in societies where the industry is regulated, this has been often arranged with the possibility to make the complaints not only to the police, but to the authority responsible for the control of licensed commercial security activities. In some countries, complaints can be made even through the internet on the authority’s website (e.g. UK and ZA). Having the controlling body as the first point of call in handling complaints has turned out to be a working model guaranteeing a more professional and faster handling of suspected malpractice. This also helps the authority to have a first-hand touch on the problems appearing in the licensed activities. Another, extremely delicate, question is how to handle whistle blowing reports concerning commercial security providers and their customers. This matter has become acute in some countries where guards have a regulated duty for reporting certain incidents and crimes, even concerning the customers (e.g. ES and SE).
In the licensing and control of commercial security, there is, as in all activities, the question of how to finance the work. There are two practices in use: either the authority is funded through state budget, or the security companies pay a license and control fee, and the individual security officer’s license has also a price. In most regulatory regimes, this has been handled by setting an official price list for these services.
6.4 Analysis and discussion
It is in the implementation of regulation, when answering the how to regulate question, that authorities face the biggest challenges. This part of commercial security control is also predominantly a command and control as well as a top-down governance practice (Caparini 2006:263). It would be important that all matters related to the question of how to regulate are planned with care. There is a real risk that the emphasis is in the writing of the laws and regulations but the organisations and resources to implement them are forgotten or neglected. The basic principle should be here as in other legislation concerning the operators – trust but control! It is understandable that prevailing governance structures steer the legislation work and the control arrangements. It is not possible to delegate this to any other (private) party in the
society. Enough time and effort need to be used to understand the special features and the core matters in regulating commercial security. There are several pragmatic structural points to decide in order to be able to steer and develop the governance of the industry. It is inevitable that the existing structures will steer the chosen arrangements but even so, decision makers should be aware of the consequences that the chosen arrangements will bring with them. It is obvious that in all regulatory regimes, the structures of the government organisations are not able to adequately steer and control the industry’s daily activities and its future development.
It is not possible within this thesis to handle all of the daily governance challenges concerning commercial security. The main issues to take into consideration in this context can be listed as follows:
A regular analysis has to be made to determine how to adapt the local regulation arrangements to the surrounding world as well as how do international commitments affect the work.
The model of regulation must be constantly considered. Would one piece of legislation cover the whole industry, or should it be divided according to the segments of activity?
The division of labour within the government concerning commercial security matters should be decided. Principally at least two layers of authority should be appointed:
The ministry or ministries responsible for the all-over administration of commercial security matters and legislation.
The governmental organisations (departments, agencies) being in practice responsible for the day to day administration, steering and control of the commercial security providers.
An all-over framework needs to be created for the practical day-to-day execution of commercial security control, including licensing and inspections.
A directive list of the principal topics to be taken into consideration in the existing and future organisations steering commercial security activities is in Appendix 5. A well-legislated security industry with a professionally organised and adequately resourced administrative authority is necessary not only for the commercial security providers but also for the society as a whole. Limited resources given to authorities to steer and control a dynamic and growing industry will sooner or later backfire.
PART II
THE PRACTICES OF COMMERCIAL SECURITY REGULATION IN THE