Private Security Pack

Security businesses using firearms in the course of their operations (armed guarding, armed response, CIT) must apply for business firearm licences from the SAPS Central Firearms Register. Each firearm must be individually licensed. The application requires: motivation for each firearm (operational need), proof of PSIRA business registration, proof of safe storage (SABS-approved safe/strong room), proof of competency certificate for each designated employee, and company financial statements. Safe storage requirements: firearms must be stored in a SABS 953-approved safe or strong room meeting SANS 10400-T specifications. Penalty: Possession of an unlicensed firearm — imprisonment of 5-15 years (s4 of Act 60 of 2000). Processing time: 90-180 days (subject to SAPS inspection of premises).

All businesses providing private security services in South Africa must register with the Private Security Industry Regulatory Authority (PSIRA) before commencing operations. Registration categories include: guarding, armed response, CCTV monitoring, access control, cash-in-transit, event security, electronic security (alarm installations), private investigation, security training, and security consultancy. The application requires: company registration documents (CIPC), directors' details, proof of PSIRA registration for all directors/members, proof of premises, fingerprints of directors, and a declaration of compliance. Processing time: 30-60 working days. Penalty: Rendering security services without PSIRA business registration is a criminal offence — fine up to R100,000 or imprisonment up to 2 years (s38 of Act 56 of 2001).

Every person employed as a security officer or rendering a security service must be individually registered with PSIRA. The employer must verify registration before hiring and maintain records of all registered officers. Registration requires: SA ID or valid work permit, PSIRA training certificate (Grade E minimum for entry level), criminal record check, and fingerprints. Security officer grades: Grade E (basic guarding), Grade D (access control/patrol), Grade C (control room/response), Grade B (supervisory), Grade A (management/specialist). Penalty: Employing unregistered security officers — fine up to R100,000 or imprisonment up to 2 years (s38). The officer is also liable for rendering services without registration.

Security control rooms must comply with SABS SANS 10222 Part 1 standards. Requirements include: (a) 24-hour manned operation with minimum 2 operators; (b) UPS and generator backup power (minimum 8-hour battery, 72-hour generator); (c) redundant communication systems (radio, telephone, cellular); (d) panic/duress alarm for operators; (e) access control (only authorised personnel); (f) fire detection and suppression; (g) CCTV recording of control room; (h) alarm receiving and monitoring equipment meeting SANS 10222-3; (i) minimum response times: 15 minutes in metro areas, 25 minutes in urban areas. PSIRA conducts control room inspections and may withdraw registration for non-compliance with SANS 10222 standards. Reference: SANS 10222-1:2014 (Control Rooms), SANS 10222-3 (Alarm Systems).

Alarm installation, CCTV, and electronic security systems must be installed in compliance with SANS 10222 Part 3 (alarm systems), SANS 10222 Part 4 (CCTV), and SANS 10222 Part 2 (electronic access control). Requirements: (a) installation by PSIRA-registered electronic security installers; (b) commissioning certificates issued for all installations; (c) system handover documentation and user training; (d) annual maintenance and testing schedule; (e) false alarm management plan (false alarm ratio must not exceed 3:1); (f) integration with control room monitoring per SANS 10222-1. PSIRA may fine businesses operating electronic security services without proper registration or failing to meet SANS standards. Reference: SANS 10222-2, SANS 10222-3, SANS 10222-4.

Cash-in-transit operators are classified as accountable institutions under Schedule 1 of the Financial Intelligence Centre Act 38 of 2001. Requirements: (a) Risk Management and Compliance Programme (RMCP) — implement, maintain, update annually; (b) Know Your Customer (KYC) — verify identity of all clients (CDD); (c) Report suspicious and unusual transactions (STRs) to the FIC within prescribed timelines; (d) Report cash threshold transactions exceeding R24,999 (CTRs); (e) Keep records of all transactions for minimum 5 years; (f) Appoint a compliance officer registered with the FIC; (g) Provide AML/CFT training to all relevant employees annually; (h) Conduct annual independent compliance audit. Penalty: Administrative sanctions up to R50 million; criminal prosecution for non-reporting — imprisonment up to 15 years (s68). Reference: FIC Act 38 of 2001, FIC Guidance Note 7.

Every security officer authorised to carry a firearm must hold a valid competency certificate issued by SAPS. The competency assessment covers: legal knowledge (FCA), safe handling and storage, proficiency in the use of the specific firearm type (handgun, shotgun, rifle as applicable). The competency certificate is valid for 5 years from the date of issue. Renewal must be applied for before expiry. The security business must maintain a register of all competency certificates and ensure no officer carries a firearm without a valid certificate. Penalty: Handling a firearm without a competency certificate — imprisonment up to 15 years (s5). Employer may also be charged for allowing unqualified persons to handle firearms. Reference: Firearms Control Act 60 of 2000, s9; FCA Regulations, Reg 5-7.

Business firearm licences must be renewed before expiry. Renewal applications must be submitted at least 90 days before the expiry date. The renewal requires: motivation for continued possession, updated employee competency certificates, proof of safe storage compliance, firearm service records, and current PSIRA business registration. SAPS may conduct a premises inspection as part of the renewal process. Penalty: Possession of a firearm with an expired licence — deemed unlicensed possession, imprisonment of 5-15 years. The business must surrender all firearms if renewal is refused. Reference: Firearms Control Act 60 of 2000, s24-25.

SAPS is entitled to inspect firearm storage facilities at any reasonable time. Security businesses must ensure all firearms and ammunition are stored in compliance with the FCA Regulations: (a) safe or strong room meeting SABS 953 / SANS 10400-T; (b) ammunition stored separately from firearms in a locked container; (c) firearms safe bolted to floor or wall if weighing less than 150kg; (d) strong room must have a reinforced door with approved locking mechanism; (e) access register recording all firearm movements (issue, return, maintenance). A firearm register must be maintained showing: firearm serial number, make, model, calibre, licence number, officer assigned, date issued, date returned. Penalty: Non-compliant storage — licence may be revoked; possession without valid licence — 5-15 years imprisonment. Reference: FCA Regulations, Schedule 3 (Safe Storage Requirements).

Security companies processing personal information must comply with the Protection of Personal Information Act (POPIA). Security-specific data processing activities: (a) CCTV footage — retention policy (maximum 30 days unless required for investigation), signage informing public of surveillance, access control to recordings; (b) Access control biometrics — fingerprint, facial recognition data is special personal information requiring explicit consent and additional safeguards (s26-33); (c) Client data — personal details, property information, alarm codes; (d) Incident reports — personal information of victims, witnesses, suspects. Requirements: appoint an Information Officer (register with Information Regulator), conduct a PAIA manual, implement data breach notification procedures (72 hours to Information Regulator), conduct Privacy Impact Assessments for new technology. Penalty: Administrative fine up to R10 million, civil claims, imprisonment up to 10 years (s107). Reference: POPIA Act 4 of 2013, ss5-11.

Registered security businesses must pay annual fees to PSIRA and obtain a compliance certificate. Annual fees are calculated based on the number of registered security officers employed. Individual officers must also pay annual fees (R116 per annum). The compliance certificate must be displayed at business premises and is required for tender applications. Fees are due by the anniversary of registration. Late payment attracts a penalty of 10% per month on overdue amounts. PSIRA may suspend or withdraw registration for persistent non-payment. Penalty: Operating without a valid compliance certificate — fine or imprisonment (s38). Reference: PSIRA Regulations, GN R.1455 of 2002.

Security officers wishing to advance must complete grading-specific training and apply to PSIRA for a grade upgrade. The grading system from A-E determines what functions an officer may perform: Grade E — basic guarding, property watching; Grade D — access control, patrol, screening; Grade C — control room operations, armed response, alarm monitoring; Grade B — supervision, shift management, incident command; Grade A — security management, risk assessment, consulting. Each grade requires completion of a PSIRA-accredited training programme (SAQA-aligned unit standards). Processing time: 21 working days after submission. Reference: PSIRA Regulations, Schedule of Training Requirements.

Security sector employers must submit a Workplace Skills Plan (WSP) and Annual Training Report (ATR) to SASSETA by 30 April each year. The WSP must identify skills gaps and planned training for the coming year aligned to SASSETA's Sector Skills Plan (SSP). The ATR reports on actual training delivered. Mandatory grant of 20% of Skills Development Levy (SDL) paid is claimable upon approval. Discretionary grants up to 49.5% available for priority programmes including: PSIRA grading training, firearm competency, first aid, control room operations, and investigation skills. Learnership requirements: security companies with 50+ employees must employ at least 1 learner per 50 employees in a registered learnership programme. Penalty: Non-submission forfeits mandatory grant claim. Reference: Skills Development Act 97 of 1998, SASSETA SSP.

Private security employers must comply with Sectoral Determination 6 which sets minimum conditions of employment for the private security sector. Key requirements: (a) Minimum wages — Area A (metro): R5,558.46/month; Area B: R5,081.58/month (2024 rates, adjusted annually); (b) Ordinary working hours — maximum 12 hours per shift, 45 hours per week; (c) Overtime — maximum 15 hours per week at 1.5x normal rate; (d) Night shift allowance — 10% premium for shifts between 18:00-06:00; (e) Sunday work — double pay for Sunday shifts; (f) Paid leave — 21 consecutive days per year; (g) Meal intervals — 60 minutes for every 6 hours (may be reduced to 30 min by agreement); (h) Uniform allowance — employer must provide uniforms at no cost to officer. Penalty: Non-compliance — fine per affected employee under BCEA. Reference: SD 6, GN R.541 of 2022.