IRMA Standard for Responsible Mining (Draft 2.0)
Chapter 2.6 Security Arrangements
Security risks to mining operations may result from political, economic, civil or social factors. The role of public or private security forces used in relation to mining operations should be to maintain the rule of law, including safeguarding human rights; provide security to mine workers, equipment and facilities; and protect the mine site or transportation routes from interference with legitimate extraction and trade.
Mine security arrangements that are founded on a substantial understanding of the context, stakeholders and international best practice can help a company reduce the potential for violent conflicts with communities or workers; contribute to peace and stability in the regions where it operates; and demonstrate respect for the human rights of stakeholders affected by their operations.
Objectives/Intent of this Chapter
To manage security in a manner that protects mining operations and products without infringing on human rights.
Scope of Application
Chapter Relevance: The majority of the requirements in this chapter are relevant for any operating company that employs security personnel (e.g., security guards, public or private security forces) at its mine site, or in relation to transportation of its products or ore. Some requirements in this chapter are only relevant for companies that have security arrangements involving private security providers (126.96.36.199 and 188.8.131.52), and others are only relevant if public security forces such as police or military personnel are used (i.e., 184.108.40.206, 220.127.116.11, and 18.104.22.168).
NOTES TO READERS ON MAJOR CHANGES TO THIS CHAPTER:
- Removed the requirement to make a public “commitment to implement systems consistent with the Voluntary Principles,” as it was not clear what exactly that meant. It was not our intention that companies become VP participants, as that could present a barrier to smaller companies that may not have resources to put to attending meetings and undertaking the promotion required of participants. If companies meet the requirements of the IRMA chapter, they will be implementing systems consistent with the relevant provisions in the VPs.
- Changed the heading on 2.6.3 from “Conduct Human Rights Screenings” to “Due Diligence Prior to Hiring Security Personnel,” as the latter is the term used in the VP Implementation Guidance Tool.
- To reduce duplication and overlap between chapters, removed the old Criteria 2.6.5. Management of complaints and grievances, which referred to the IRMA chapter on Grievance Mechanism. Security-related grievances are still addressed in 22.214.171.124. And the overlap is mentioned in the table on Cross References to Other Chapters at the end of this chapter.
- Cross Reference table also acknowledges that information gathered for the security risk assessment may feed into other company assessments such as conflict risk assessment, ESIA, human rights impact assessments, and vice versa.
- Revised the annual reporting requirement to enable verbal reports to stakeholders or published reports such as those submitted as part of the VP process.
The means of verification (MOV) have been removed from this version of the draft IRMA Standard. If you would prefer to review and comment on a version of the draft Standard that has the means of verification, you can download a pdf version of the Standard with MOV.
Security Arrangements Requirements
2.6.1. Policies and Commitments Related to Security and Human Rights
126.96.36.199. The operating company shall adopt and make public a policy acknowledging a commitment to respect human rights in its efforts to maintain the safety and security of its mining project; and a commitment that it will not provide support to public or private security forces that have been credibly implicated in the infringement of human rights.
188.8.131.52. The operating company shall have procedures in place regarding the use of force, and firearms that align with the best practices expressed in UN Basic Principles on the Use of Force and Firearms. At minimum, the company’s procedures shall require that:
a. Security personnel take all reasonable steps to exercise restraint and utilize non-violent means before resorting to the use of force;
b. If force is used it shall not exceed what is strictly necessary, and shall be proportionate to the threat and appropriate to the situation; and
c. Firearms shall only be used for the purpose of self-defense or the defense of others if there is an imminent threat of death or serious injury.
184.108.40.206. If private security is used in relation to the mining operation, the operating company shall have a signed contract with private security providers that at minimum:
a. Sets out agreed on principles that are consistent with the Voluntary Principles on Security and Human Rights and other applicable international guidelines and the operating company’s procedures on the use of force and firearms;
b. Delineates respective duties and obligations with respect to the provision of security in and around the operation; and
c. Outlines required training for security personnel.
220.127.116.11. If public security forces are used in relation to the mining operation, the operating company shall make a good faith effort to sign a Memorandum of Understanding (MoU) with public security providers that includes similar provisions to those in 18.104.22.168.
2.6.2. Security Risk Assessment and Management
22.214.171.124. Prior to or during the early stages of project development, and as needed, the operating company shall follow a recognized risk assessment methodology to assess security risks and potential human rights impacts that may arise from security arrangements.
126.96.36.199. The scope of the security risk assessment shall include, but not be limited to: the identification of security risks; the potential for violence; the human rights records of private or public security forces; the rule of law; an analysis of the root causes of conflict (e.g., conflict analysis); and equipment transfers.
188.8.131.52. The identification and assessment of security-related risks shall be based on credible information obtained from a range of perspectives, including relevant stakeholders and expert advice.
184.108.40.206. The operating company shall develop and implement a risk management plan that includes actions to be taken to prevent or mitigate identified risks, and monitoring that will be conducted to ensure that mitigation measures are effective.
220.127.116.11. If the security risk assessment reveals the potential for conflicts between community members or workers and mine security providers, the operating company shall collaborate with communities and/or workers to develop culturally appropriate strategies to prevent or mitigate those risks. If specific risks to human rights are identified in the assessment, the mitigation strategies shall conform with requirements in IRMA Chapter 2.4.
2.6.3. Due Diligence Prior to Hiring Security Personnel
18.104.22.168. The operating company shall develop and implement due diligence procedures to prevent the hiring of company security personnel and private security providers who have been convicted of or credibly implicated in the infringement of human rights, breaches of international humanitarian law or the use of excessive force.
22.214.171.124. The operating company shall make a good faith effort to determine if public security personnel providing security to the mine have been convicted of or credibly implicated in the infringement of human rights, breaches of international humanitarian law or the use of excessive force.
126.96.36.199. Prior to deployment of company or private security personnel, the operating company shall provide training that incorporates, at minimum, information related to ethical conduct and respect for the human rights of mine workers and affected communities, and the company’s policy on the appropriate use of force and firearms. Initial training and refresher courses shall be mandatory for all operating company personnel involved in security, and for private security contractors that have not received equivalent training from their employers.
188.8.131.52. If public security forces are to be used, the operating company shall determine if public security personnel are provided with training on human rights and the appropriate use of force and firearms. If this training is not occurring, the operating company shall offer to facilitate training for public security personnel that provide mine-related security.
184.108.40.206. If requested by the community, the operating company shall offer a separate training or workshop for community stakeholders on the company’s procedures on the use of force and firearms, and other relevant issues related to security and human rights.
2.6.5. Management of Security Incidents
220.127.116.11. The operating company shall:
a. Develop and implement systems for documenting and investigating security incidents, including those involving impacts on human rights or the use of force;
b. Take appropriate actions, including disciplinary measures, to prevent and deter abusive or unlawful acts by security personnel and acts that contravene the company’s policies on rules of engagement, the use of force, and firearms;
d. Report security incidents, including any credible allegations of human rights abuses by private or public security providers, to the competent authorities and national human rights institutions, and cooperate in any investigations or proceedings;
e. Provide medical aid to all injured persons, including offenders; and
f. Ensure the safety of victims and those filing security-related allegations.
18.104.22.168. In the event of security-related incidents that result in injuries, fatalities or alleged human rights impacts on community members or workers, the company shall provide communities and/or workers with information on the incidents, any investigations that are underway, and shall consult with communities and/or workers to develop strategies to prevent the recurrence of similar incidents.
2.6.6. Communication and Disclosure
22.214.171.124. The operating companies shall consult regularly with stakeholders, including host governments and local communities, about the impact of their security arrangements on those communities; and shall report to stakeholders annually on the company’s efforts to manage security in a manner that respects human rights.
126.96.36.199. Stakeholders shall have access to and be informed about a mechanism to raise and seek recourse for concerns or grievances related to mine security.
188.8.131.52. If public security forces are providing security for mining-related operations, the operating company shall encourage host governments to permit making security arrangements transparent and accessible to the public, subject to any overriding safety and security concerns.
184.108.40.206. The security risk assessment, risk management plan and monitoring results shall be documented and made available to the IRMA auditor.
This chapter draws on the Voluntary Principles on Security and Human Rights (“Voluntary Principles”), which provides a widely recognized framework for risk assessment and management of security providers that is respectful of human rights. Companies are encouraged to become corporate participants in the Voluntary Principles Initiative, to learn from and share knowledge with other companies and participants regarding best practices related to security and human rights.
Cross Reference to Other Chapters
|1.2—Revenue and Payments Transparency||If information on payments to made to governments (e.g., for the provision of public security forces or other related in-kind payments of equipment, etc.) was collected for the security risk assessment, it may feed into reporting requirements in Chapter 1.2 (i.e., 220.127.116.11. and 18.104.22.168.).|
|2.4—Human rights Due Diligence and Compliance||The security policy may be integrated into a human rights policy as per Chapter 2.4. Information from security risk assessments may feed into the human rights impact assessment. If human rights risks or impacts are identified in the security risk assessment, risk/impact prevention or mitigation strategies shall be designed as per the requirements in Chapter 2.4., Criteria 2.4.3. Reporting on security management (requirement 22.214.171.124) may be done through a company’s human rights reporting (requirement 126.96.36.199), if the latter occurs on an annual basis.|
|2.5—Mining and Conflict Affected Areas||Information from the security risk assessment may feed into conflict screening/conflict risk assessment, or vice versa.|
|2.8—Community and Stakeholder Engagement||All stakeholder engagement in Chapter 2.6 must conform with the requirements of Chapter 2.8. Chapter 2.8, Criterion 2.8.3. is important to ensure that affected stakeholders have the capacity to fully understand their rights and participate effectively in the assessment and development of prevention/mitigation plans, monitoring, and remedies for impacts on their safety and human right. And 2.8.4. ensures that communications and information are in culturally appropriate formats and languages that are accessible and understandable to affected communities and stakeholders, and provided in a timely manner.|
|2.13—Grievance Mechanism and Access to Other Remedies||The filing of security-related complaints or grievances may be done through the operational-level grievance mechanism, or through a security-specific mechanism developed in accordance with Chapter 2.13. If a separate mechanism or procedures are created specifically for security-related compE.g., The operating company may either report verbally, for example at a public meeting, or publish a report (such as an annual progress report produced by companies participating in the Voluntary Principles on Human Rights) that is available to stakeholders. See Guidance for more information.laints, they should be developed in a manner that aligns with Chapter 2.13.|
|4.1—Environmental and Social Impact Assessment||Information from the security risk assessment, such as potential social impacts, may feed into the Environmental and Social Impact Assessment.|
1. These commitments may be made in a broader Human Rights Policy, or another relevant policy.
3. E.g., the International Code of Conduct for Private Security Service Providers; UN Basic Principles on the Use of Force and Firearms by Law Enforcement Officials (see endnote 2); and the United Nations Code of Conduct for Law Enforcement Officials.
4. Risk assessments in 2.6.2 are not one-time occurrences. According to the Voluntary Principles on Security and Human Rights Implementation Guidance Tools, “Any major decision relating to a project or company might represent an appropriate time to conduct or renew a VPs risk assessment. This may be alongside a project expansion, an acquisition or merger or any other major business decision. Major changes in external circumstances may bring about the need to conduct a VPs risk assessment. This may include a change in government, the outbreak of conflict, an economic crisis, or a major political or policy decision (Source: ICMM, IFC and IPIECA. 2012. Voluntary Principles on Security and Human Rights Implementation Guidance Tools. p. 24.
5. Guidance will cover this more extensively, but risk assessments typically include: Establishment of scope; Identification of sources of risk; Identification of risks; Assessment of risks; Development of risk treatment and mitigation measures; and Communications, Monitoring and Assessment and Revision (Source: Voluntary Principles Implementation Guidance Tool. p. 23). The assessment of security risks may be integrated in existing risk assessment processes.
6. Relevant local stakeholders may include local government or community leaders; civil society organizations; other companies operating in the area. Expert advice may come from governments, multi-stakeholder initiatives, human rights institutions and civil society or academics with local knowledge and expertise. See IRMA Guidance (under development) for more information.
7. Chapter 2.4—Human Rights Due Diligence and Compliance. (See specifically, requirement 188.8.131.52).
8. Due diligence includes research or investigations to vet prospective private security providers and security personnel such as: history of respect for/violations of human rights law and international humanitarian law; personal/business reputation; management style and ethics of key executives; litigation and criminal offence history; procedures on use of force and firearms; compliance with health, safety and environmental regulations; etc. (VP Implementation Guidance Tools. pp. 52, 53). This will be explained in more detail in IRMA guidance.
9. Chapter 2.4—Human Rights Due Diligence and Compliance. (See specifically, requirement 184.108.40.206).
10. E.g., The operating company may either report verbally, for example at a public meeting, or publish a report (such as an annual progress report produced by companies participating in the Voluntary Principles on Human Rights) that is available to stakeholders. IRMA Guidance will provide more information.
11. The operational-level grievance mechanism developed as per Chapter 2.13 may be used as the mechanism to receive and address security-related grievances, or a separate mechanism may be created to handle only security-related concerns. If a separate mechanism is developed, it shall be done in a manner that is consistent with IRMA Chapter 2.13.
13. Voluntary Principles on Security and Human Rights. 2014. “Voluntary Principles Initiative – Guidance on Certain Roles and Responsibilities of Companies.”