Passport to The Promised Land

Readers of ‘Raising the standard’ – my regular viewpoint column in Security Management Today – will be aware that the National Security Inspectorate (NSI)’s involvement with the Security Industry Authority (SIA) has, as yet, been relatively peripheral. That is all set to change now as the SIA moves into new territory which, coincidentally, is a piece of ground we have occupied – in one evolutionary form or another – for over three decades. I’m talking, of course, about the Approved Contractor Scheme (ACS), due to be launched in October.

The past few months have witnessed a flurry of activity at SIA headquarters while the ACS standard was being prepared. The Standard Definitions document was issued in June and, consequently, we now have a complete view of exactly what criteria will be measured. We are in a good position, then, to judge the ACS against existing schemes, particularly those used by the NSI to measure the performance of its own approved companies operating across the security guarding and cash services sectors.

The first point to note is that the ACS reaches parts which other schemes do not… There are various criteria which now appear for the first time within the security industry, or are emphasised far more than has previously been the case. Corporate social responsibility, environmental protection and community involvement are novel issues inducing a welcome breath of fresh air.

However, the core of the ACS inevitably focuses on key issues. The service delivery requirements – the ‘nuts and bolts’ of a scheme designed to measure a company’s customer-focused performance – duly appear in some form or fashion.

The benchmarks are similar

It is always difficult to judge criteria objectively and, certainly, all schemes are capable of swift revision to make them clearer or more robust. In overall simplistic terms, though, and given the anticipated ACS ‘pass mark’ (please do not hold me to the fine detail here or we will need to reproduce a tome!), the SIA scheme appears to benchmark approximately at the level of the NSI’s own Silver award scheme.

There are slightly differing opinions on this, but with 90 Gold companies, 110 Silver and something like 20 Bronze companies on our books, we are most definitely in a position to judge. Our best assessment, based on the input of our companies as stakeholders, is that the ACS will reach further down and, of course, not every company above it may take it up.

Put simply, the NSI and the SIA face huge dilemmas, as yet not addressed. How can the NSI adjust its world to fit into the ACS without degrading the value of our own Silver and Gold award schemes? And how might the SIA realise its laudable ambition to clean up the bottom end of the industry without undermining the already strong standards which we operate with around 200 of the best security companies at the top end of the industry?

Those are the strategic problems. Drilling down a little further, it doesn’t take long before you start to uncover some pretty intractable practical ones as well. NSI-approved companies base their internal management systems on ISO 9001:2000. Even the Silver companies, although to a lesser extent. ISO 9000 is not going to go away. Indeed, the customer base uses it extensively, and generally recognises when it is receiving a professionally implemented version of the standard. It is also true that it’s possible to attain an ISO 9000 certificate for your office wall with relatively little effort.

Not with the NSI, however, so on that basis let’s stick to the NSI issue...

The introduction of another parallel scheme, the ACS – based on the European Foundation of Quality Management (EFQM) – is nothing short of a nightmare. Two different management systems, two different sets of criteria, two types of external audit, possibly even two different auditing bodies… all to check what is a similar process

ISO 9000: the methodology

Most companies have organised internal reporting structures around their ISO 9000 methodology. The introduction of another parallel scheme, the ACS – based on the European Foundation of Quality Management (EFQM) – is nothing short of a nightmare. Two different management systems, two different sets of criteria, two types of external audit, possibly even two different auditing bodies… all to check what is a similar process.

Not only does this not make any common sense, it also adds headcount, cost, complexity and aggravation to an industry which already operates on very slim margins and is (in any case) growing under the pressure of change caused by licensing.

What we all need to start thinking about – and this encompasses the SIA, the NSI and the approved companies – is not how to increase the burden of regulation on this commercially fragile industry of ours, but rather how we might make effective regulation more efficient and cheaper.

We have recently consulted with our approved companies on how best we could transport our strengths into The Promised Land of regulation without increasing the burden placed on them. The idea that has come forward, and that we have now opened up with the SIA, is ‘passporting’.

Passporting: the concept explained

Passporting is neither new nor radical. Not only is it widely used in other industries and with other regulators, it is actually built into Government policy on regulation. The idea is both simple and straightforward. NSI-approved companies would cross the ACS frontier into The Promised Land by showing their NSI credentials. There would be no additional audits and no double bureaucracy.

From the strategy to the practicality, there is much to discuss. The SIA would, of course, need to have oversight and, in any case, would raise its ACS fee directly with the companies. There may be adjustments that they might like to see in how our standards are defined or measured, or in the ways in which the convergence of both standards becomes so close so as not to be worthy of formal separation. All of these issues could be settled through a detailed agreement – a Memorandum of Understanding or something similar – which sets out the basis and transparency of our co-operation.

The advantages to the SIA, the companies and the customers are obvious. The Regulator would itself need less complexity, lower administrative headcount and cost in order to implement the ACS. This saving could be passed on to companies, thus reducing the burden of regulation. We must not forget that it is, after all, public money being used. The mantra should always be: “Why spend your money if you don’t need to?”

What we all need to start thinking about – and this encompasses the SIA, the NSI and the approved companies – is not how to increase the burden of regulation on this commercially fragile industry of ours, but rather how we might make effective regulation more efficient and cheaper

Security companies would be able to access the positive spin-offs from both regimes without having to duplicate their entire management processes. A single audit, using established procedures, would enable them to keep their eye on the important regulatory changes involved in licensing without becoming bogged down by bureaucracy.

Ultimately, the customer – whom the NSI explicitly serves, and who will have to fund any regulatory burden passed down from the SIA – is more likely to view approved companies as commercially and contractually attractive if their overheads are lower. For the Regulator focused on improving industry profitability, this will surely be a telling argument.

While there are excellent lines of reason on strategy and practicality which we very much hope the SIA will recognise, there is another set of requirements which will hopefully nail the case. These emanate from the Government itself. The Five Principles of Regulation – articulated so clearly at this year’s BSIA Annual Luncheon by SIA chairman Peter Hermitage – slot perfectly into this passporting arrangement. Those principles are proportionality, accountability, consistency, transparency and targeting.

In terms of proportionality, regulation should be proportional to the risk. If the SIA were to focus the ACS on those companies which cannot meet the NSI’s exacting standards, and who have not submitted to voluntary regulation, then this principle would be met. On accountability, meanwhile, the SIA needs to show that it is flexible and fair under this principle. Passporting would illustrate this handsomely.

It is a Government requirement that regulators must take account of established, existing regulation. A key tenet of this principle is to uphold stability, so for NSI-approved companies which have invested heavily in their approval over many years, unnecessary change would be avoided. The NSI can easily demonstrate that its schemes meet the ‘national consistency’ requirements defined within this principle.

What of transparency? Regulators must be able to show that their regulations are clear, simple and user-friendly, and so the muddle of operating two standards would clearly not meet this requirement. It is a specific demand of this principle that duplication be avoided.

Targeting is important. The SIA will have been shown to target the ACS on this problem – ie those contractors who have not met SIA standards (which, not unimportantly, have been developed in conjunction with the industry and key stakeholders including the police, the insurance community and the client base). This principle requires support for specific groups to be forthcoming from the regulators. In this case, the NSI-approved companies. Evidence has to be provided that there is a risk to the public of not taking forward this type of initiative. As far as we are aware (and who would know better than us?) there is no such evidence.

Tried-and-tested argument

We are now approaching that frontier, and will be upon it very shortly. In a spirit of flexibility and co-operation, we are laying at the door of the SIA the arguments for passporting. We recognise that it is ultimately down to the SIA to decide upon the way forward.

We hope and expect that, in the balance of all things, the barrier will be raised in Statesmanlike-style – and that NSI approved companies can then march into The Promised Land with the minimum of fuss.