The Evolution of Security Industry Regulation in Australia: A Critique

This paper charts the main changes in security industry regulation in Australia from the 1980s to the present time, and provides a critique of the regulatory framework and the change process. Change has largely been driven by recurring conduct scandals, with governments obliged to introduce increasingly more stringent integrity checks and competency standards in an attempt to diminish widespread concerns about the industry. Despite the lack of strategic planning, a significant learning process is evident and a clear model of best practice has emerged. Recent enquiries show that Australia still does not have an optimal system for managing the industry but change has been in the right direction, with scope for fine‐tuning to ensure more responsive and effective regulation.


Global industry growth
The growth of private security has been a key factor behind the expansion of security industry regulation. As more and more people have come into contact with security personnel or become dependent on security technology, there has been an increasing recognition of the need for better management of these encounters and relationships. The industry came to prominence in the 1960s and 1970s and grew rapidly, with reports indicating that security personnel now outnumber police by two-or-more to one in many countries, including the United States, China, India and South Africa (Small Arms Survey 2011). Elsewhere, such as in Europe, private security numbers have generally remained below those of police, although differential trends have favoured growth in the private sector. A 2011 survey across 70 countries estimated there were 19.5 million people employed in private security, with a total of 25.5 million across all countries (Small Arms Survey 2011: 101-106). The entire industry was valued at $US100-165 billion per annum, with an annual growth rate of 7-8 percent. Across the 70 countries surveyed, private security personnel were estimated to outnumber police by a ratio of 1.8:1. In Australia, the most recent study of the size of the industry estimated that, in the years 2006-08, there were on average 45,000 police and 112,000 licenced security providers although many security providers were part-time (Prenzler, Earle and Sarre 2009).
Growth in private security has been attributed to a wide variety of factors (Jones and Newburn 2006;Shearing and Stenning 1983). Deliberate policies of privatising policing have not been particularly significant. The main factor appears to be market demand, driven by the large increases in crime from the 1960s through to the turn of the century. Increasing crime has, in turn, been associated with the increasing prosperity and personal mobility that emerged over this period. The growth of 'mass private property' venues, such as shopping centres and sports stadiums was another factor as were improvements in security technology, legislated workplace safety standards, increased litigation by victims of crime, and the post-Munich and post-9/11 terrorist threats. The current downward trend in crime, especially property crime, is also closely associated with the uptake of security and continuous growth in the sector (van Dijk 2012).

Misconduct issues
Industry growth led to the increasing exposure of clients and members of the public to diverse forms of misconduct by security providers (George and Button 2000;Johnston 1992;Jones and Newburn 1998;Prenzler 2004). Perhaps the most prominent example is violence and negligence by security staff at entertainment venues. The violence problem, more generally, includes misuse of firearms and other weapons, including guard dogs. Insider crime has been another feature of the emerging risk profile of the industry along with general incompetence and poor standards, including wasted police time responding to false alarms. The private inquiry industry has also been subject to recurring allegations of breaches of privacy.
Like public policing, security has a risk profile that derives from the pressures and opportunities inherent in the work and, as with police, governments have grudgingly increased regulation of the sector (Prenzler and Sarre 2008). There have also been efforts by professional security associations to address conduct issues through membership standards. However, associations usually have limited investigative capacity and limited reach through voluntary membership. 'Regulation' has also occurred through criminal and civil law; employment, fair trading, privacy and weapons legislation; and the market itself. However, each of these mechanisms is limited in their capacity to bring offenders to justice or to deter misconduct more generally Stenning 2000).
The main default position therefore has been for governments to legislate and administer occupational licensing regimes. These typically involve two main elements: certification of competency through minimum training requirements, and certification of integrity through the application of disqualifying offences and associated character checks (such as reference checking) (Button 2012). Licensing systems have been rolled out internationally, mainly from the 1980s, with enormous variation in requirements, coverage of industry sub-sectors, and levels of enforcement, with European countries evidencing some of the most developed systems (Button 2012). Recently, the Confederation of European Security Services (CoESS) assessed the level of 'strictness' of regulations across 34 countries: 2 were rated as 'low', 8 as 'medium', 17 as 'strict' and 6 as 'very strict' (CoESS 2011: 150).

The first wave of reform
In Australia, regulation of the private security industry is the responsibility of states and territories. The first wave of industry-specific regulation is associated with the New South Wales Security (Protection) Industry Act 1985, which introduced licensing of security firms and employees. Criteria included 'prescribed qualifications and experience' and disqualification for 10 years for offences against the Act and convictions for indictable offences (s.10). The focus was on guards, consultants and some classes of security equipment providers. The Police Service administered the Act, setting training standards at two days, with firearms accreditation after one day of training (New South Wales Police Service 1995: 16 qualifications and the introduction of an offence of harassment. The situation in New South Wales pre-1985 was similar across Australia, with tokenistic legislation focused on debt collectors, process servers, private investigators and some classes of security guards. Obtaining a licence was described as being: as simple as filling out a form, paying a fee, and taking it to the local licensing sergeant ... after which you could strap a gun to your hip and protect premises, go on patrol and provide cash carrying services. (Cowan 2009: 77)

Conduct issues
The introduction of industry-specific regulation in Australia was driven by a diverse set of problems centred around competence and misconduct, issues given increasing attention by a critical media (Cowan 2009 1973(Legislative Assembly 1985. The amendments to the Weapons Act were designed to improve gun control following mounting concerns about firearms misuse. These concerns were brought to a head by the 1984 'Milperra Massacre', involving a shoot-out between rival motorcycle gangs in a public place. There were concerns that the original Act allowed security guards to carry guns on private property without a licence, even though they were unable to use the weapon for defence outside the designated property. This issue was particularly salient in relation to the need for better protection against armed robberies. The situation was addressed through the amended weapons legislation and the new Security (Protection) Industry Act 1985 by allowing licenced guards to obtain a weapons licence. In addition, an industrial dispute in New South Wales in 1983 brought to light the lack of training, supervision and safety standards in the industry.
There were also concerns about unethical conduct by commercial agents and private inquiry agents including breaches of privacy, stalking and harassment.
Across the 1980s and into the 1990s, the industry also attracted negative publicity over violence associated with crowd controllers at licenced premises. A crisis of sorts emerged in the late-1980s and early-1990s in various parts of Australia. In 1989, a member of the Queensland parliament claimed that at least 10 people were taken to hospital each week because of assaults by venue staff. The Acting Premier described '"bully boy" bouncers' as 'a growing menace' (quoted in Prenzler, Baxter and Draper 1998: 22). A variety of groups -including police, concerned parents, employers, doctors and security operators -called for better controls and training of crowd controllers (Prenzler et al. 1998;Queensland Parliamentary Debates 1993: 6419). In the Australian Capital Territory a discussion paper described 'serious problems' accompanying security industry growth, noting that 'violence and allegations of criminal infiltration have dogged the industry' (Attorney General's Department 1992: i).
In Victoria, the problem was crystallised in a report, Inquiry into Violence in and around Licenced Premises, by the Victorian Community Council Against Violence (1990). The report identified a serious problem with harassment, fights and assaults around licenced premises. It was estimated that about 20 per cent of all reported serious assaults in the state were associated with licenced premises -over 800 per year. The researchers surveyed nightclub patrons and found the large majority had witnessed violence, while 30 per cent claimed to have been victims of violence and 37 per cent of this group claimed the violence was perpetrated by crowd controllers. Deregulation of liquor licensing in 1987 was identified as a key influence on the problem, with cheap-drinks promotions and all-night opening hours. Hotel and nightclub managers were criticised for permitting or encouraging aggression by crowd controllers. The report found there were no training requirements or training standards, and that crowd controllers were frequently victims of violence.
IJCJ 41 Online version via www.crimejusticejournal.com © 2012 1(1) The mid-1990s saw a number of exposés of fraud by security providers (Australian Competition and Consumer Commission 1996: 42;Prenzler 2004: 286). In Queensland and New South Wales, the former Trade Practices Commission investigated a 24-hour intruder and emergency alarm pendant system operated by Metropolitan Security Services. The 'Neva Alone' system, designed for elderly and infirm persons, frequently failed to activate properly. The Commission also found that, at times, the control room was unstaffed. In Newcastle, whistle-blowers at Chubb revealed that data readouts on patrol checks of clients' premises were being falsified. An Australian Competition and Consumer Commission investigation in Perth found that Wormald had failed to provide adequate mobile patrol checks. In Brisbane, an undercover investigation by journalists led to the successful prosecution of Mayne Nickless for failing to provide contracted security checks on premises.
Also in the mid-1990s, in New South Wales, another enquiry was triggered by a variety of adverse incidents, including allegations of under-award payments in the contract-security industry. Chief Inspector Wedderburn of the New South Wales Police Service (1995: 9) cited 'numerous instances of malpractice in relation to the exploitation of security personnel'. Labour costs had been misrepresented in contracts, and some employers had been abusing the federal government's Job Start subsidy system by terminating employees once the subsidy expired. The Wedderburn report also found that persons with criminal histories for burglary and armed robbery were being trained and licenced in alarm installation, including how to bypass or suppress security devices. One case was identified in which a court issued a security guard licence to a convicted armed robber on weekend detention. The use of firearms by security officers continued to cause concern. Wedderburn described the attitude of some companies to issuing firearms as 'cavalier', and cited the view of firearms instructors that one day of weapons instruction was 'totally inadequate' (1995: iv and 17). The overall finding was that it was still far too easy to set up a security business or to work as a security provider, with only the most minimal requirements and checks, many of which could be easily bypassed.
New South Wales was also the site of a report by the Independent Commission Against Corruption (1992) which found that private investigators were brokering an extensive trade in confidential information, estimated to have exceeded $1 million over several years. Finally, in 1995, shootings associated with armed robberies, including the shooting of two security officers, led to an Industrial Relations Commission (1997) enquiry into the cash-in-transit industry in New South Wales. The enquiry found that the licensing system had failed to deliver appropriate training for guards and to stop criminals entering the industry. There was also a negligent approach, the enquiry said, to deliveries that created high levels of risks for security officers and members of the public.

Regulatory responses
These cases and other incidents severely tarnished the image of the industry. In the media, terms such as 'backyarders', 'cowboys', 'thugs' and 'criminals' were used to describe sections of the industry (see, for example, Background Briefing, 1995;Wilson 1994). There were increasing calls for more effective regulation. Victoria was the first 'cab off the rank' in responding to the problem. The 1990 report by the Victorian Community Council Against Violence led directly to the Private Agents (Amendment) Act 1990, which, in amending the Private Agents Act 1966, introduced a specific training and licensing requirement for crowd controllers. The Act was attributed with producing major reductions in violence (Frost 1991 The New South Wales Security Industry Act 1997 included a range of improvements (Legislative Assembly 1997: 2089-2090. Criminal history checks were made compulsory before an applicant could enter into a training program, with regular checks to ensure currency. Disqualifications were permanent for persons convicted of robbery and firearms offences. Training centres were subject to approval by the Vocational Education Training Accreditation Board (VETAB). The new Act also introduced a unique form of 'co-regulation', in which security firms were required to obtain membership in professional associations, which conducted their own compliance reviews. Firms were also required to comply with standards in areas such as insurance, industrial awards and a code of practice. A new civilian office within the Police Ministry was created to counter the alleged understaffing that had partly undermined the administration of the 1984 Act. These changes were triggered by the Wedderburn and Industrial Relations Commission enquiries, referred to above, and planning for a large private security contribution to the 2000 Sydney Olympic Games. Table 1 shows the situation in 1998 at the end of this first period of major reform. The main elements of the new legislation were the introduction of compulsory pre-employment training and disqualifying offences in areas such as theft, fraud and violence. Training requirements for guards and crowd controllers were highly variable. South Australia required 12 days; New South Wales six days; and Queensland, Western Australia and the Northern Territory required between 3-5 days (Prenzler and Sarre 1999: 14). All jurisdictions licenced security firms, contract guards and crowd controllers, and all except the Northern Territory and Australian Capital Territory licenced inquiry agents. Beyond that, there were significant gaps and inconsistencies in relation to bodyguards, security consultants, control room operators, installers and repairers, and locksmiths and trainers. Only New South Wales and Western Australia had near complete coverage of all security occupations . Administration of the legislation was spread across police departments and consumer affairs divisions within justice departments around the nation.

The second wave of reform
One of the major drawbacks in the first wave of regulatory reform was that measures were never developed to assess the impact of the new laws. 1999). However, the inadequacies of the new systems rapidly became apparent in a further series of scandals and exposés, which revealed a more complex and problematic picture of the industry.

Conduct issues
Problems associated with security guards, firearms and safety continued on from the 1990s into the 2000s. In 1998, a shoot-out between armed robbers and armoured car guards in a busy Brisbane street resulted in several injuries, including the permanent paralysis of a passer-by (Prenzler 2004: 287-288). In a similar incident in Adelaide, in 1987, a shopper in a crowded street was hit by a bullet fired by a security guard at intruders (referred to in Sarre 1998). In New South Wales, between 2003 and, there were a number of thefts of firearms from security guards and security firm premises. In one three-month period, 56 firearms were stolen in six incidents (Duff 2005). The firearms problem received national attention following an incident in Sydney in 2004 when a cash-in-transit guard, who had been seriously assaulted, shot dead the escaping thief. The case exposed serious shortcomings in unarmoured, 'soft skin', cashin-transit operations (O'Rourke 2004).
The problem of assaults associated with licenced premises also continued to grow. In Victoria, in 2004, it was reported that over 50 persons were suing security providers for compensation for injuries that included fractured skulls and broken jaws (Butler and Kelly 2004;Owen-Brown 2004). The death of prominent cricketer and commentator David Hookes, following an altercation with a crowd controller, received enormous national media coverage (Sarre and Prenzler 2009: 128;Schwarz 2006). In Adelaide, in a high profile case, five brothers sued security staff for assault after an incident in a shopping centre, while the Advertiser reported that police had charged 87 bouncers for assault-related offences over a two year period (Hunt 2004;The Advertiser 2004a Further revelations of fraud and corruption in the industry were forthcoming. In Victoria, a major investigation -Operation BART -by the Victorian Ombudsman (1998) revealed a corruption network that operated over three decades involving security firms making cash payments to police to bypass an emergency security repair allocation system. In 2004, Australia's largest security firm, Chubb, pleaded guilty in the Federal Court to 26 charges that it had misrepresented its ability to fulfil conditions in its mobile patrol contracts in Sydney, the Central Coast, Canberra and Tasmania. After pleading guilty, the company was fined $1.5 million but kept its licence after agreeing to major internal reforms (Australian Competition and Consumer Commission 2005: 47, 63, 129; Wallace 2004).
Further scandal followed in 2005 when a review of airport security was initiated by the federal government following insider allegations of lax security and criminal infiltration. The 'Wheeler Report' identified major gaps in Australia's airport security system, including inadequacies in cargo screening, checks on staff, supervision, and coordination between public and private security providers (Wheeler 2005). Apart from exposing airlines to terrorist attacks, the problems included trafficking in illicit goods, theft, and infiltration by organised crime. In the same year, an Australian National Audit Office (2005) report identified inadequacies in surveillance and screening in border security, especially at cargo ports.
Concerns about airport and seaport security, and the involvement of outlaw motorcycle gangs in security, led to an Australian Crime Commission (ACC) 'special intelligence operation' into criminal infiltration of the industry, which began in September 2007 and was completed in June 2009 (Australian Crime Commission 2009: 54). A major investigative process was launched which included undercover operations, interviews, advertising for submissions and datamining. The Commission found that 'the vast majority of companies and individuals working in the private security industry were legitimate and provide an excellent service to the Australian community' (Australian Crime The changes to the regulatory framework were piecemeal and complex. An analysis of the main elements of the legislation was conducted by Sarre and Prenzler (2011: chapter 2), and is summarised briefly as follows.
In terms of coverage of the industry, licensing was extended to almost all areas of security work, including locksmiths, consultants, in-house security personnel, trainers, and electronic system installers and monitors. The number of disqualifying offences was also enlarged to cover areas such as firearms offences and drug offences. Regulators were given greater powers to deny or suspend licences on discretionary grounds, including evidence of poor character and criminal associates, using confidential intelligence, without the need to provide a reason in some cases (New South Wales and South Australia). Most jurisdictions also suspended licences when a licence holder was charged with a criminal offence, and licence holders were also required to inform the regulator if they had been charged. Mandatory fingerprinting allowed for more reliable checks on criminal histories.
There were also large numbers of minor changes aimed at keeping the licensing system up-todate and improving the accountability of licence holders. These covered diverse matters such as the requirement of the display of ID, keeping of records and recording incidents, and more frequent inspections of security firms and operatives. There were associated changes in liquor licence regulations in some jurisdictions too, focused on stipulated ratios of crowd controllers to patrons, and powers to shut down premises with recurring problems of violence. South Australia and Western Australia introduced drug testing of crowd controllers, and South Australia introduced a discretionary power to order applicants or licence holders to undertake a psychological test.
One major initiative in this period was the adoption by the Council of Australian Governments (COAG) of the issue of national consistency in regulation. In the post-9/11 security environment, COAG recognised 'the important contribution the private security industry makes in supporting Australia's counter-terrorism arrangements' (COAG 2005: 5). In an effort to improve standards, the Council commissioned a major report, published in 2007, which recommended regulatory 'harmonisation' (The CIE 2007). The opportunity was, however, stymied by New South Wales Premier Morris Iemma, allegedly because it would entail reducing standards in his state (Coorey 2007). The only real progress occurred in training, with the introduction of nationally accredited certificate level courses in security. The new system provided security staff with a basic qualification, more consistency in curricula (including more attention to conflict management, communication and management of intoxicated persons) and legal and procedural requirements. In a parallel development to regulatory reform, and following the Wheeler Review, the federal government announced $200 million in airport security upgrades. The plan included control of security by Australian Federal Police at major airports, enhanced sharing of information between agencies, and the creation of investigation teams focused on organised crime. In addition, fingerprinting requirements and better training were introduced for airport staff, with additional screening of passengers and baggage, increased airside perimeter patrols, and wider CCTV coverage (Customs 2005;Dodson and Wilkinson 2005).

Critique and recommendations
The present study has documented diverse and recurring problems in the security industry, and belated and reactive reform efforts by Australian state, territory and federal governments. The problems revealed by all these enquiries -from the 1980s to the 2000s -were not unique to Australia. They are common throughout the industry, especially in the less regulated jurisdictions internationally (Button and George 2006;Panorama 2008). They evince a standard set of misconduct risks. Not unlike what happened in many other jurisdictions, Australian governments repeatedly failed to heed warnings about these risks from the industry associations. They also failed to adopt a best practice model of regulation set out by industry associations and academics, based on insider knowledge and international research about required competencies and the risk profile of the industry (for example, Button 2012; Prenzler and Sarre 2008;South 1983;Stenning 2000). Overarching the failure of regulatory systems were critical failures of consultation and accountability.
Aspects of the most recent investigations and regulatory changes were also characterised by inadequate accountability, transparency and consultation, and failure to engage with a clear national model. The ACC investigation resulted in a highly cut-down report for public consumption, with no details on outcomes in terms of prosecutions and convictions or the exact nature of the promised enhanced surveillance of the industry by policing agencies (Australian The area of training generally provides grounds for ongoing concern. There is no legislative requirement for public disclosures of training methods and quality control. In that regard, a key regulatory task of reassuring consumers about the competency of security providers has not been realised. The national certificate requirements represent a major step forward, but these are limited to operatives, with no requirements for the holder of a company licence or government security managers to have training. In Queensland, as one example of an anomaly, it is possible to obtain a security consultant licence without undertaking any training (Office of Fair Trading 2012). Indeed, the ease with which a person can obtain a security licence in Queensland (along with allegations that the assignment answers are provided by one less than reputable training agency) was highlighted in a media report recently (Harvey 2012).
Outside basic training requirements, national consistency remains as elusive as ever, despite decades of lobbying by the industry. Significant differences remain between jurisdictions, including in the areas of licence categories, terminology and fees. Differences also remain in areas such as drug and alcohol tests, disqualifying offences and disqualifying periods, criminal history checks, 'fit and proper' tests, 'close associate' checks, testing for drugs and alcohol, and controls on firearms. There are also differences in the roles of stakeholders on regulator advisory boards, and the use of enforceable codes of conduct. As an example of the way in which the jurisdictions essentially go their own way, the New South Wales model of co-regulation was adopted in Queensland around the same time it was abandoned in New South Wales.
In 2010, a nationwide survey of security firm owners and security managers found very mixed views on regulation (Sarre and Prenzler 2011: 55-75). When asked about pre-licence training, a majority felt that courses were adequate in the areas of knowledge of law (60 per cent), basic security procedures (83 per cent) and occupational health and safety (78 per cent). However, training was considered inadequate in developing skills in communication (73 per cent), conflict resolution (69 per cent), physical restraint (69 per cent) and self-defence (75 per cent). In addition, 59 per cent thought that the system in their jurisdiction was highly ineffective in 'removing disreputable operators from the industry', and 67 per cent felt that compliance with legislation was not effectively monitored (2011: 57, 74).
This paper has focused upon security industry regulation but it has also documented how regulation is not unrelated to airport and seaport security. Furthermore, implementation of the Wheeler reforms has been problematic. In 2008 accusations surfaced that the full complement IJCJ 48 Online version via www.crimejusticejournal.com © 2012 1(1) of airport police had not been reached and many of the security upgrades had only been partially implemented (O'Brien and Wilson 2008). Similar problems of inadequate checking of goods and vetting of staff at seaports were identified by Customs' Director of National Intelligence and Targeting, in testimony before a parliamentary committee (Maley 2008).
However, the most concerning issue for the industry remains that of violence associated with crowd controllers in and around licenced premises. The problem has never been systematically addressed at the national level, despite almost continuous media coverage and alarm over violent incidents ( Reform of crowd control and liquor licensing needs to tie in with the more complete adoption of principles of 'responsive regulation' and 'smart regulation' (Ayres and Braithwaite 1992;Gunningham and Grabosky 1998). There needs to be more research conducted by regulators that includes consultation with practitioners about their needs. Standard performance measures need to be developed and routinely reported in areas such as complaints, prosecutions and public experiences to gauge the impacts of regulatory strategies, and to make modifications where necessary. A range of advanced investigative techniques, some of which were adopted by the more recent enquiries, also needs to be adopted as standard practice by the regulators including surveillance, covert operations, application of listening devices, and compulsory hearings. One way of moving this forward is for the federal Attorney-General's Department to take a more proactive role in coordinating the development of a model Act and regulations, which all jurisdictions could adopt through the COAG process. The salience of the industry provides a strong justification for the creation of a small unit in the Department to have a research and monitoring role, and to promote a nationally consistent approach towards best practice regulation.

Conclusion
Security industry regulation in Australia evolved via a piecemeal process which has been largely crisis-driven and reactive. Revelations of recurring and diverse forms of misconduct triggered various regulatory 'fixes', which have proved to be inadequate, necessitating further attempts to halt damaging and embarrassing scandals. The current system represents a significant improvement from the 1980s, when industry-specific legislation was first introduced. Persons wishing to work in the industry now face a range of competency and integrity checks that provide at least a minimal underwriting of standards by government. From a national perspective, however, the system remains fragmentary, and there is little evidence of consistent improvements in the industry. It is clear that a much more proactive approach is needed that involves a mix of legislation and regulatory strategies designed to produce quality outcomes in the delivery of vital security and safety services.