Hiring Security Personnel Overseas: A Practical Guide for Corporate Clients

Hiring security personnel in a country you know is complex enough. Doing it in an unfamiliar market, with different licensing law, different vetting standards, and different liability frameworks, is a materially more demanding task.

Corporate clients engaging security support overseas need to understand what they are actually buying, what the provider is legally required to hold, and where the duty of care obligation falls if something goes wrong. This guide covers each of those questions.

Understanding the Local Regulatory Framework

Before contacting any overseas security operator, understand the licensing structure in the destination country. This determines who can legally provide the service you need.

Most countries with a developed private security market require security companies to hold a national or regional licence from a specific regulatory body. The list of relevant regulators is different in each country:

• Nigeria: Nigeria Security and Civil Defence Corps (NSCDC)
• South Africa: Private Security Industry Regulatory Authority (PSIRA)
• Colombia: Superintendencia de Vigilancia y Seguridad Privada (SuperVigilancia)
• Mexico: Dirección General de Seguridad Privada (federal level, plus state licences)
• UAE (Dubai): Security Industry Regulatory Agency (SIRA)
• India: State-level PSARA licences (each state has a separate authority)
• Philippines: PNP-SOSIA (Philippine National Police Supervisory Office for Security and Investigation Agencies)
• Kenya: Private Security Regulatory Authority (PSRA)

The first question to any operator in one of these markets is: “Please provide a copy of your current licence from the relevant regulator.” If they cannot, the conversation ends.

For a country-by-country breakdown of licensing requirements, see our security regulation guides for each of the 15 P1 countries.

Vetting an Overseas Operator: The Process

Verifying a licence confirms legal compliance. It does not confirm operational quality. A thorough vetting process for an overseas operator covers five areas.

Licensing and compliance. Current national licence from the relevant regulatory body. In markets with state-level or emirate-level licensing (India, Mexico, UAE), confirm the licences cover the specific operational areas you need.

Insurance. Public liability and employers’ liability insurance. Request a current certificate, not a verbal confirmation. In high-risk markets where incidents are more likely, the insurance position matters more, not less. Minimum public liability of the equivalent of £5 million is a reasonable baseline. In some markets, operators carry lower limits and it is worth asking specifically.

Personnel vetting. What is the company’s vetting standard for personnel? At minimum: identity verification, criminal background check, and reference from previous employer. In markets with a documented problem with personnel infiltration of security companies by criminal elements (parts of West Africa and Latin America), a higher standard is appropriate. Ask specifically how the company handles the discovery that a personnel member has misrepresented their background.

Training standards. What does the company require its personnel to have completed before deployment? The regulatory minimum in most markets is a basic guard training course. Ask whether personnel are trained beyond this minimum and in what specific disciplines. For executive protection roles, ask about CP training accreditation and whether any personnel hold internationally recognised qualifications such as SIA Close Protection (UK) or comparable credentials.

References. Ask for two or three references from previous clients with comparable requirements. Contact those clients directly. Ask specifically: did the operator perform to the agreed standard, how did they handle an unexpected situation, and would you engage them again.

The Arms Question

The arms question is the area where overseas security arrangements most frequently go wrong, because clients assume that if the threat environment warrants armed security, armed security can be arranged. This is not always correct.

In several major markets, armed private security for commercial clients is either prohibited or requires specific government authorisation that takes weeks or months to obtain:

• India: Private armed security for commercial clients is not a standard service. Armed security typically involves off-duty or seconded police personnel through official channels.
• Indonesia: Armed private security does not exist in the commercial market. Police provide armed escort when required.
• UAE: Private armed security is prohibited for commercial clients. The UAEs extremely low crime rate makes this a non-issue in practice for most engagements.
• Thailand: Armed private security is limited. Most EP in Thailand is unarmed.

In markets where armed security is available to commercial clients (Colombia, Nigeria, Brazil, South Africa, Philippines), the operator must hold the specific additional licence or authorisation for armed operations. Verify this separately from the basic company licence.

Clients who import their own armed personnel from a home country face a different problem. Most destination countries require foreign security personnel carrying weapons to have specific government authorisation that is either unavailable or subject to lengthy application processes. Operating without this authorisation is a criminal matter in most jurisdictions. The liability falls on the company that arranged the deployment as well as the individuals involved.

Duty of Care: What the Law Requires

For UK-incorporated companies, the duty of care to employees travelling overseas is governed by the Health and Safety at Work Act 1974, the Management of Health and Safety at Work Regulations 1999, and the Corporate Manslaughter and Corporate Homicide Act 2007. These obligations apply regardless of the country where the work takes place.

The practical implication is that a company cannot discharge its duty of care by engaging the cheapest available local operator and hoping for the best. The company must be able to demonstrate, in the event of an incident, that it took reasonable steps to assess the risk and that the security provision it engaged was appropriate to the assessed risk.

A documented risk assessment for the trip, a documented vetting process for the security provider, and a written contract with appropriate representations and warranties are the minimum evidential requirements for a defensible duty of care position.

For non-UK companies, the equivalent obligations apply under the laws of their jurisdiction. The principle is universal even if the specific legislative framework differs.

Engaging Through a Network Provider

An alternative to direct vetting of a local operator is engagement through an international security network provider who has already completed the vetting process and maintains ongoing quality assurance of their approved operators.

Network providers maintain vetted operator relationships in multiple markets and take responsibility for the quality of the local partner. The client engages one provider, receives one contract, and benefits from pre-existing vetting work rather than conducting the process themselves.

The cost of this arrangement reflects the network provider’s overhead and quality assurance function. For clients without the capability or time to vet overseas operators to a rigorous standard, the premium is often justified.

Our executive protection services describes how we support clients across multiple markets. For the specific security regulations applicable in each P1 country, see our regulation guides linked from the bodyguard hire services page.

For the broader partner and third-party due diligence framework – covering beneficial ownership screening, PEP risk, sanctions compliance, and physical security implications of commercial partnerships in high-risk markets – see the security due diligence for business partnerships guide. For the specific demands of managing security on large-scale construction and infrastructure projects in high-risk regions, see our guide to security for construction and infrastructure projects. For the provider landscape, licensing frameworks, and vetting requirements specific to close protection assignments in the Western Balkans – Serbia, Kosovo, Albania, Bosnia-Herzegovina, and surrounding countries – see our close protection in the Balkans guide.