Armed Volunteers and California Security Law

What Every House of Worship Needs to Know

A Statute-Driven Analysis for Churches, Mosques, Temples, Synagogues, and Nonprofit Organizations

Disclaimer: This article is provided for informational and educational purposes only and does not constitute legal advice. Kearnan Consulting Group, LLC is not a law firm and does not provide legal representation. Organizations and individuals should consult with a licensed California attorney before making compliance decisions based on the information contained herein. All statutory citations should be independently verified against current law at leginfo.legislature.ca.gov.

I. The Elephant in the Room

In houses of worship across California, a well-intentioned security practice has become an urgent legal question. The scenario is familiar: a church, mosque, temple, synagogue, or other religious organization identifies congregants who hold valid California Concealed Carry Weapon (CCW) permits and asks them to serve as volunteer safety or security team members, armed, during worship services, events, and gatherings. The intent is admirable. The legal exposure may not be.

The question we set out to answer is this:

In California, when a nonprofit organization, specifically a church, mosque, temple, or synagogue, assigns armed volunteers to protect people or property, and those volunteers possess a valid CCW permit, are those individuals legally required to operate under a licensed Private Patrol Operator (PPO)?

Additionally, does the California Bureau of Security and Investigative Services (BSIS) classify such armed volunteers as individuals who must be employees of a PPO, thereby prohibiting them from serving in any armed safety or security role as volunteers?

Finally, which California statutes govern this scenario?

The answers are not found in a single statute. Instead, California’s Private Security Services Act weaves together a series of interlocking definitions, registration requirements, exemption conditions, and enforcement provisions that, read together, lead to a clear conclusion: an armed volunteer performing security functions at a house of worship is operating inside California’s regulated security space, and a CCW permit alone does not provide an exemption.

II. The Legal Framework Governing Armed Volunteers in California

Understanding why armed volunteers at houses of worship face regulatory exposure requires a careful walk through several sections of the California Business and Professions Code (BPC), the Private Security Services Act (Chapter 11.5, commencing with Section 7580), the Proprietary Security Services Act (Chapter 11.4, commencing with Section 7574), and related provisions of the California Labor Code and Penal Code.

A. Business & Professions Code § 7582.1: The Foundational Definitions

Section 7582.1 provides the foundational definitions that anchor the entire regulatory framework.

Subdivision (a) defines a private patrol operator (PPO) as a person who, for any consideration, agrees to furnish a watchman, guard, patrolperson, or other person to protect persons or property, or who directly performs the service of a guard or patrolperson for such purposes.

Subdivision (e) defines a security guard or security officer as “an employee of a private patrol operator, or an employee of a lawful business or public agency who is not exempted pursuant to Section 7582.2,” who performs specified security functions on or about premises owned or controlled by the PPO’s customer or the guard’s employer.

The significance of this definition cannot be overstated. The word employee is embedded directly in the statutory definition of “security guard.” A person who performs security guard functions is, by statutory construction, an employee, not a volunteer, not an independent contractor, not a congregant who happens to be carrying a firearm. This is the first statutory thread in the web that ensnares armed volunteers at houses of worship.

B. Business & Professions Code § 7583.2: Obligations of the Private Patrol Operator

Section 7583.2 enumerates the affirmative obligations and prohibited conduct of licensed private patrol operators. While this section is directed at PPOs rather than at individual security guards, it is critical to the armed volunteer question for several reasons.

First, Section 7583.2 establishes the employer-employee infrastructure through which armed security in California must operate. The section requires a PPO to maintain accurate and current records of each employee’s name, address, date of employment, and position. It requires the PPO to verify and maintain proof of current and valid registration for each employee who is subject to registration. It requires the PPO to certify that each employee has completed all required training.

Second, and most critically for the armed volunteer scenario, subdivision (e) provides that a private patrol operator shall not permit any employee to carry a firearm or other deadly weapon without first ascertaining that the employee is proficient in the use of each weapon to be carried. Evidence of proficiency must include a certificate from a BSIS-approved firearm training facility and a current and valid firearm qualification permit issued by the department.

The practical implication is this: the only lawful pathway by which a person may carry a firearm while performing security guard functions under the Private Security Services Act is through employment by a licensed PPO that has verified proficiency, confirmed registration, issued proper identification, and maintained the records required by Section 7583.2. There is no alternative pathway for volunteers. There is no exception for nonprofit organizations. There is no carve-out for persons holding a CCW permit.

When a house of worship permits armed volunteers to perform security functions outside of this regulatory structure, those volunteers are performing functions that, under the statutory framework, may only be lawfully performed by employees of a licensed PPO, and both the organization and the volunteer may be exposed to regulatory, civil, and criminal liability as a result.

C. Business & Professions Code § 7582.2: The Exemptions, and Their Limits

Section 7582.2 sets forth the exemptions from the Private Security Services Act. Understanding what this section exempts, and, more importantly, what it does not, is essential.

Subdivision (a) provides an exemption for a person who does not meet the definition of a proprietary private security officer and who is employed exclusively and regularly by a single employer, in connection with the affairs of that employer only, where an employer-employee relationship exists, if that person at no time carries or uses a deadly weapon in the performance of that person’s duties.

The statute defines “deadly weapon” to include “a pistol, revolver, or any other firearm.” This means the subdivision (a) exemption is available only to unarmed personnel. The moment a person performing security functions carries a firearm, whether under a CCW permit or otherwise, the exemption is extinguished.

Equally significant is what SB 1454, effective January 1, 2025, removed from Section 7582.2. Prior to SB 1454, the statute exempted, among other entities, a “charitable philanthropic society or association.” That exemption no longer exists. Churches, mosques, temples, synagogues, and other faith-based organizations that previously may have relied on this language to justify unregulated security operations can no longer do so.

D. Business & Professions Code § 7574.01: The Proprietary Security Officer Is Unarmed by Definition

Section 7574.01, part of the Proprietary Security Services Act (Chapter 11.4), defines a proprietary private security officer (PPSO) as “an unarmed individual who is employed exclusively by any one employer whose primary duty is to provide security services.”

The word “unarmed” is embedded in the definition. There is no statutory category for an armed proprietary security officer. A person who carries a firearm while performing security functions cannot be classified as a PPSO and must instead be regulated under the Private Security Services Act, which, as discussed above, requires employment by a licensed PPO.

E. Business & Professions Code §§ 7583.3, 7583.4, and 7583.6: Registration and Employment Requirements

Section 7583.3 provides that no person required to be registered as a security guard shall perform security duties without carrying a valid and current security guard registration card. Section 7583.4 sets forth application requirements for the registration card. Section 7583.6 requires each applicant for registration to be employed by a licensed PPO and to submit fingerprints for a criminal background check through the Department of Justice.

These sections reinforce the central requirement: a person who performs security guard functions must be registered, the registration process requires employment by a licensed PPO, and the PPO is responsible for verifying training, proficiency, and compliance. There is no mechanism in the statute for a volunteer to obtain registration independent of a PPO employer.

F. SB 1454 (Stats. 2024, Ch. 484): The Removal of the Charitable Exemption

Senate Bill 1454, which took effect on January 1, 2025, made significant amendments to both the Proprietary Security Services Act and the Private Security Services Act. Among its most consequential changes, SB 1454 deleted the exemption for “charitable philanthropic societ[ies] or association[s]” from the list of entities exempted under Section 7582.2.

The legislative signal is unambiguous: the California Legislature intended to bring nonprofit organizations, including houses of worship, under the regulatory umbrella of the Private Security Services Act. Organizations that previously operated volunteer security teams under the assumption that their charitable or religious status provided a safe harbor must now confront the reality that no such safe harbor exists in current law.

G. The CCW Permit: What It Authorizes and What It Does Not

A California CCW permit, issued pursuant to Penal Code Section 25400 and related provisions, authorizes the holder to carry a concealed firearm on their person for personal protection. It does not authorize the holder to perform regulated security functions. It does not substitute for a BSIS security guard registration. It does not substitute for a BSIS firearms (exposed firearm) permit. And it does not exempt the holder from the requirements of the Private Security Services Act.

A CCW permit and a BSIS firearms permit serve fundamentally different purposes under California law. The CCW permit is a personal carry authorization. The BSIS firearms permit is a professional authorization to carry a firearm while performing regulated security duties under the supervision of a licensed PPO. Possessing one does not satisfy the requirements of the other.

III. How the Statutes Weave Together to Exclude Armed Volunteers

No single statute explicitly declares: “Armed volunteers may not perform security functions at a house of worship.” Instead, the prohibition arises from the cumulative effect of interlocking statutory provisions. The following step-by-step analysis demonstrates how these provisions interact:

1. Step 1: Section 7582.1(e) defines a “security guard” as an employee of a private patrol operator or of a lawful business who performs security functions. The definition is function-based: if a person performs the enumerated functions, including protecting persons or property, preventing theft, and controlling access, that person falls within the regulatory definition.
2. Step 2: Section 7583.6 requires that each applicant for a security guard registration card be employed by a licensed PPO. There is no registration pathway for volunteers, independent contractors, or self-employed individuals.
3. Step 3: Section 7583.2(e) prohibits a PPO from permitting any employee to carry a firearm without first verifying proficiency and confirming a valid BSIS firearm qualification permit. Armed security can only be performed by registered employees of a licensed PPO who hold BSIS firearms permits.
4. Step 4: Section 7582.2(a) provides the sole exemption for in-house security personnel, but conditions it on the person at no time carrying a deadly weapon, which expressly includes firearms. Armed persons are categorically excluded from this exemption.
5. Step 5: Section 7574.01 defines proprietary private security officers as unarmed by statute. No armed proprietary pathway exists.
6. Step 6: SB 1454 (effective January 1, 2025) removed the “charitable philanthropic society or association” exemption from Section 7582.2, eliminating any argument that houses of worship enjoyed a categorical exemption from the Act.
7. Step 7: California Labor Code Section 3363.6 provides that a volunteer for a private nonprofit organization is generally not an employee for workers’ compensation purposes unless the board of directors affirmatively opts in. But this non-employee status under labor law does not create an exemption from the Private Security Services Act; rather, it creates a gap: the person is not an employee of a PPO (and therefore cannot be registered as a security guard), yet is performing functions that the Act requires be performed only by registered employees of a PPO.
8. Step 8: A CCW permit authorizes personal concealed carry. It does not authorize performance of regulated security functions and does not substitute for a BSIS security guard registration or BSIS firearms permit.

The result of this statutory construction is that armed volunteers performing security functions exist in a regulatory void: they are performing functions that may only lawfully be performed by registered employees of a licensed PPO, but they are not employees of a PPO, cannot obtain registration as security guards, and do not hold the BSIS permits required to carry firearms in a security capacity. The statutory framework does not accommodate their role.

BSIS Enforcement Posture

The Bureau of Security and Investigative Services (BSIS) has not, to date, published a formal opinion letter specifically addressing armed volunteers at houses of worship. However, when queried directly on the question of whether church or synagogue security volunteers, whether armed or unarmed, are exempt from licensing and registration requirements, BSIS has reportedly declined to confirm any such exemption. Instead, BSIS has referenced the removal of the “charitable philanthropic society” exemption and referred inquirers to the text of the amended statutes.

This posture is significant. A regulator’s refusal to confirm an exemption is functionally equivalent to a warning that the exemption does not exist. Organizations that proceed on the assumption that BSIS will not enforce against volunteer security teams at houses of worship do so at their own risk.

IV. The “Volunteers Are Not Employees” Counterargument and Why It May Not Create an Exemption

The analysis set forth in Section III leads to a conclusion that armed volunteers at houses of worship are operating inside California’s regulated security space. However, intellectual honesty requires this article to address the strongest textual counterargument available to organizations that wish to maintain armed volunteer security teams: the argument that volunteers are not “employees” as defined by the Private Security Services Act, and therefore fall outside the regulatory framework entirely.

A. The Textual Argument

Section 7580.9 of the Business and Professions Code provides a specific statutory definition of “employee” for purposes of Chapter 11.5:

“As used in this chapter, ‘employee’ means an individual who works for an employer, is listed on the employer’s payroll records, and is under the employer’s direction and control.”

This is a conjunctive, three-part definition. To qualify as an “employee” under the Act, an individual must satisfy all three elements: (1) work for an employer, (2) be listed on the employer’s payroll records, and (3) be under the employer’s direction and control. A volunteer who receives no compensation and appears on no payroll fails, at minimum, the second prong.

The implications of this definition extend beyond § 7580.9 itself. As discussed in Section II.A, § 7582.1(e) defines a “security guard” as an employee who performs certain security functions. Section 7583.2 frames operator obligations in terms of employee records, employee training, and employee firearms proficiency. Section 7583.6 conditions security guard registration on being employed by a licensed PPO. The entire regulatory architecture of Chapter 11.5 is built on the employer-employee relationship. The legislature did not use the word “employee” inadvertently in a single section; it used it deliberately and consistently throughout the chapter.

The counterargument, stated plainly, is this: if a volunteer is not an “employee” under § 7580.9, then the volunteer cannot be a “security guard” under § 7582.1(e), and the regulatory obligations that attach to security guards and their PPO employers do not reach the volunteer. On a plain-text reading, this argument has force.

B. Why the Counterargument Does Not Create a Safe Harbor

While the textual argument is coherent on its own terms, it does not lead to the conclusion its proponents seek—namely, that armed volunteers may lawfully perform security functions free of regulatory obligation. The counterargument fails for several independent reasons, any one of which is sufficient to defeat it.

1. The Statute Creates No Lawful Pathway, Not an Exemption

The most important response to the § 7580.9 argument is structural. If a volunteer is not an “employee” and therefore cannot be a “security guard,” then the volunteer cannot obtain the registrations and permits that the Act requires for the performance of armed security functions. There is no registration pathway for non-employees. Section 7583.6 conditions registration on employment by a licensed PPO. The BSIS firearms qualification permit is available only to registered security guards employed by a licensed PPO. There is no alternative credential, no parallel pathway, and no mechanism by which a non-employee may lawfully obtain the authorizations required to perform armed security functions under the Act.

This absence of a compliance pathway is not an oversight—it is the regulatory design. The Act channels armed security exclusively through the PPO-employee infrastructure because that infrastructure provides the screening, training, supervision, and accountability mechanisms that the legislature determined were necessary for public safety. The fact that a volunteer cannot enter this pathway does not mean the volunteer is exempt from it. It means the activity cannot lawfully be performed by a volunteer at all.

2. The Act Regulates Activities, Not Only Employment Relationships

While the “security guard” definition in § 7582.1(e) is keyed to employment status, other provisions of the Act regulate conduct regardless of employment classification. Section 7583.3 provides that “no person required to be registered as a security guard shall perform the functions of a security guard” without a valid registration card. The statute uses “person,” not “employee.” This language reaches anyone performing the regulated functions, regardless of whether they satisfy the § 7580.9 definition of “employee.”

Similarly, § 7582.3 imposes criminal penalties on any person who acts as, or represents themselves to be, a private patrol operator without a license. An organization that recruits, schedules, positions, and directs armed individuals to protect persons and property during worship services is, functionally, furnishing guards for protective purposes—the core activity that defines a private patrol operator under § 7582.1(a). The § 7580.9 definition of “employee” does not insulate the organization from the separate prohibition on unlicensed operation as a PPO.

3. The Organization May Be Operating as an Unlicensed Private Patrol Operator

Section 7582.1(a) defines a “private patrol operator” as a person who, “for any consideration whatsoever,” agrees to furnish a guard or other person to protect persons or property. When a house of worship organizes an armed security team—recruiting members, assigning shifts, designating posts, issuing communications equipment, and directing responses to perceived threats—the organization is furnishing armed personnel for the protection of persons and property. The question becomes whether the organization is doing so “for any consideration whatsoever.”

While volunteer security teams do not receive monetary compensation, the organization itself receives the benefit of protective services. Courts and regulators in analogous licensing contexts have interpreted “consideration” broadly to include non-monetary benefits, indirect compensation, and the exchange of services for organizational membership benefits. An organization that deploys armed volunteers and argues simultaneously that those volunteers are not “employees” may find itself arguing that it is providing PPO-type services without holding a PPO license—exchanging one form of regulatory liability for another.

4. The “Volunteer” Label May Not Survive Functional Scrutiny

California law examines the substance of a working relationship, not merely the label the parties assign to it. When an organization recruits individuals for a security team, assigns them to a regular rotation, positions them at specific locations, provides them with communications equipment, expects them to identify and respond to threats, and directs their conduct during services and events, the hallmarks of an employment relationship—direction, control, and integration into the organization’s operations—are present. The absence of monetary compensation does not automatically establish volunteer status when the functional indicia of employment are otherwise satisfied.

BSIS, a court, or a plaintiff’s attorney examining the arrangement may argue that the organization’s armed security team members are de facto employees—individuals who work for the organization, are under the organization’s direction and control, and perform tasks that would otherwise need to be performed by a paid employee of a licensed PPO. Under this analysis, the only element of § 7580.9 arguably missing is the payroll requirement, and the absence of payroll documentation may itself be evidence of misclassification rather than evidence of genuine volunteer status.

C. The Practical Consequence

The § 7580.9 counterargument, even if accepted at face value, does not lead to the result its proponents desire. If a volunteer is not an “employee” under the Act, then the volunteer is not a “security guard” under the Act, cannot obtain registration or a firearms permit under the Act, and cannot lawfully perform the armed security functions that the Act reserves to registered, permitted employees of licensed PPOs. The volunteer does not exit the regulatory framework into a space of freedom; the volunteer exits into a space where the activity is simply prohibited.

Meanwhile, the organization that deploys such volunteers faces exposure under the unlicensed-PPO provisions (§ 7582.3), and the volunteers themselves face exposure under the activity-based prohibitions (§ 7583.3) that use “person,” not “employee,” as the operative term.

The § 7580.9 definition of “employee” is a legitimate and well-grounded textual observation. But it is a shield without a sword: it may prevent the volunteer from being classified as a non-compliant employee, but it cannot authorize the volunteer to perform an activity for which no lawful non-employee pathway exists.

V. Risks Created for the Nonprofit Organization

When a house of worship authorizes armed volunteers to perform security functions outside the regulatory framework described above, it may inherit significant and overlapping risks.

A. Regulatory Risk

BSIS is authorized to assess administrative fines for violations of the Private Security Services Act. An organization that permits unlicensed and unregistered persons to perform security guard functions, particularly armed security functions, may be found to be operating as an unlicensed private patrol operator or, at minimum, facilitating the unlicensed performance of regulated security activities. Civil penalties for violations of the Act can range from $5,000 to $25,000 per violation.

B. Civil Liability Risk

If an armed volunteer uses force, including deadly force, while performing security functions, the organization may face claims of negligent hiring, negligent retention, negligent supervision, and negligent entrustment. The fact that the volunteer was not properly licensed, registered, or trained under BSIS standards may be introduced as evidence of the organization’s negligence. Under California’s general duty of care principles, an organization that knows or should know that its armed volunteers are operating outside regulatory compliance owes a duty to foreseeable victims of that noncompliance.

The absence of PPO oversight, including use-of-force policies, de-escalation training, regular firearms requalification, and supervision, may be treated as a departure from the standard of care that a reasonably prudent organization would exercise.

C. Insurance Risk

Many general liability and commercial insurance policies contain exclusions for claims arising from security operations, use of force, or activities that require professional licensing. An organization that deploys armed volunteers without the regulatory infrastructure required by California law may discover that its insurer denies coverage for claims arising from the actions of those volunteers. Workers’ compensation coverage may be similarly unavailable, particularly where the organization has not adopted a board resolution under Labor Code Section 3363.6 extending coverage to volunteers.

D. Criminal Exposure

If an armed volunteer uses force resulting in serious bodily injury or death, prosecutors may examine whether the volunteer was lawfully authorized to perform the security function that gave rise to the use of force. The absence of proper licensing and registration, combined with the organization’s knowledge that the volunteer was operating in an armed capacity, may factor into charging decisions and may undermine affirmative defenses based on defense of others or justifiable use of force.

E. Board Fiduciary Duty

Directors of California nonprofit corporations owe a duty of care to act in good faith and with such care as an ordinarily prudent person in a like position would exercise. A board that authorizes or permits armed volunteer security operations without investigating the regulatory requirements, or that continues such operations after becoming aware of the compliance gap, may breach its fiduciary duty to the organization. This exposure extends to personal liability for individual board members in cases of willful misconduct or knowing violations.

VI. Risks Inherited by the Volunteer

The volunteer who agrees to serve in an armed security capacity at a house of worship also inherits substantial personal risk.

A. Acting as an Unlicensed Security Guard

A person who performs security guard functions without a valid BSIS security guard registration card may be in violation of Section 7583.3 and related provisions of the Private Security Services Act. This is a regulatory violation that may result in administrative fines and, depending on the circumstances, potential misdemeanor charges.

B. Loss of Civil Immunity Protections

California Corporations Code Section 5239 provides limited liability protection for volunteers of nonprofit corporations acting within the scope of their volunteer duties. However, this protection is subject to exceptions, including acts that fall outside the scope of the volunteer’s authority or that constitute willful misconduct. A volunteer who performs armed security functions without proper licensing may be found to have acted outside the scope of any lawful volunteer authority, potentially forfeiting the protections of Section 5239.

C. Personal Civil Liability for Use of Force

If an armed volunteer uses force, including discharging a firearm, the volunteer may face personal civil liability for assault, battery, wrongful death, or negligent discharge. Unlike a registered security guard employed by a licensed PPO, the volunteer lacks the institutional protections that come with regulatory compliance: use-of-force policies, training documentation, employer liability coverage, and the evidentiary weight of operating within a lawful regulatory framework.

D. Criminal Exposure and the Self-Defense Doctrine

California law recognizes the right of any person to use reasonable force in defense of self or others when that person reasonably believes that they or another person are in imminent danger of bodily harm. This right exists independent of any license, permit, or employment status. A congregant who happens to be carrying a firearm under a valid CCW permit and who responds to an imminent threat during a worship service retains the legal right to act in self-defense or defense of others, just as any other person present would.

However, the self-defense doctrine is designed to protect individuals acting in a personal capacity in response to an imminent threat. It is not designed to authorize, and does not authorize, individuals to assume an ongoing organizational security role on behalf of a nonprofit entity. When a volunteer is assigned to a security team, rostered for shifts, positioned at entrances, equipped with communications devices, and directed to identify and respond to threats as part of a coordinated security operation, that person has moved beyond the scope of personal self-defense. That person is performing a regulated security function on behalf of, and for the benefit of, an organized nonprofit organization.

The distinction matters. A CCW permit is issued for the purpose of personal self-defense. It is not issued to enable the holder to act as an armed security officer for a church, mosque, temple, synagogue or any business, corporation, organization, etc. When a volunteer uses force while acting in a security capacity that the CCW permit was never intended to authorize, prosecutors and juries may question whether the individual’s conduct falls within the scope of justifiable self-defense or whether it constitutes the unauthorized exercise of a security function for which proper licensing was required.

The Castle Doctrine under Penal Code Section 198.5 is limited to a person’s own residence and does not extend to a house of worship. The absence of proper BSIS licensing and registration, combined with evidence that the volunteer was acting in a directed security capacity rather than responding spontaneously as a private citizen, may undermine the very self-defense claim that the volunteer and the organization assumed would provide legal protection.

E. Risk to the CCW Permit

CCW permits in California are issued at the discretion of the local issuing authority and may be revoked for good cause. A CCW holder who uses their permit to perform unlicensed security functions, particularly if a use-of-force incident occurs, may face review and potential revocation of their permit. The issuing authority may determine that the holder used the permit for purposes beyond its intended scope.

F. Loss of Insurance Coverage

A volunteer’s personal liability insurance, homeowner’s insurance, or umbrella policy generally excludes coverage for claims arising from security-related activities, use of force, or activities that require professional licensing. The volunteer may face uncovered personal liability for legal defense costs and any resulting judgment.

Equally significant is the emerging position of personal CCW self-defense insurance providers. Many volunteers who carry a CCW permit also maintain a personal self-defense insurance policy through providers such as USCCA, CCW Safe, Right to Bear, US Law Shield or similar organizations. These policies are designed to cover criminal defense costs and civil liability arising from personal self-defense incidents. However, some policies may contain exclusions for incidents that occur while the insured is acting in a duty, security, or protective capacity on behalf of an organization. The insurer may recognize the organizational security role as a duty-based exclusion, determining that the incident arose not from personal self-defense but from the performance of a security function for which the policy was not underwritten.

A recent analysis by Kearnan Consulting Group, LLC of the PORAC Legal Defense Fund’s coverage position illustrates this risk with particular clarity. PORAC’s Firearms Coverage FAQ states unambiguously that the Legal Defense Fund does not provide coverage for any firearm-related incident that occurs while an individual is acting in a protective, security, or duty-based role for a private organization, including churches. This exclusion applies even when the individual is unpaid, volunteering, or retired from law enforcement. The PORAC exclusion is function-based, not title-based: it examines what the individual was doing at the time of the incident, not what the organization called their role.

In many cases, a personal CCW insurance provider will position its policy as excess coverage behind the nonprofit organization’s liability policy. This creates a compounding problem: the nonprofit’s general liability or commercial policy may not include armed volunteers in its underwriting or may contain its own exclusions for unlicensed security operations, leaving no primary coverage in place. The CCW insurer then denies coverage on the ground that its policy is excess to a nonexistent primary policy, or invokes its organizational-duty exclusion. The result is a complete coverage gap in which neither the organization’s policy nor the volunteer’s personal policy responds to the claim.

G. Retired Peace Officers Carrying Under HR 218 (LEOSA)

A common and dangerous assumption among houses of worship is that retired law enforcement officers who carry a firearm under the Law Enforcement Officers Safety Act of 2004 (LEOSA), commonly known as HR 218, are exempt from California’s private security licensing requirements. This assumption is incorrect.

LEOSA authorizes qualified retired law enforcement officers to carry a concealed firearm nationwide, subject to certain conditions, including annual firearms qualification. However, LEOSA is a federal concealed carry authorization. It does not confer any exemption from state-level private security licensing requirements. Under the California Private Security Services Act, a retired peace officer who volunteers in an armed security capacity at a house of worship is treated the same as any civilian CCW carrier: the individual is performing regulated security functions without BSIS registration, without a BSIS firearms permit, and without employment by a licensed PPO. The fact that the individual previously served as a sworn law enforcement officer does not change this analysis. Retirement severs the employment relationship that gave rise to the officer’s peace officer status, and with it, the statutory exemptions available to active-duty officers.

H. Active-Duty and Off-Duty Law Enforcement Officers

The exemptions under the Private Security Services Act for law enforcement personnel are narrow and specifically defined. Section 7582.2(b) exempts officers and employees of the United States or of this state while engaged in the performance of official duties. Section 7582.2(d) exempts active-duty peace officers employed by a private employer for off-duty employment in accordance with Government Code Section 1126.

However, Section 7582.2(d) contains an express limitation: nothing in the exemption shall exempt a peace officer who contracts for, or is employed as, an armed private security officer, defined as an individual who carries or uses a firearm in the course and scope of that contract or employment. This means that even an active-duty peace officer who volunteers (without pay) in an armed security role at a house of worship may fall outside the scope of the exemption, because the officer is not engaged in official duties and is not employed for off-duty work under Government Code Section 1126.

The scenario of an off-duty law enforcement officer volunteering at a church, mosque, temple, or synagogue in an armed capacity, outside the scope of the officer’s police duties and job description, and acting for the nonprofit organization’s benefit and protection of property or people during worship services, presents the same regulatory concerns as any other armed volunteer. The officer is not acting under color of authority. The officer is not performing official duties. The officer is not employed for off-duty work under a Government Code Section 1126 arrangement. The officer is, functionally, a private citizen carrying a firearm while performing a security role for an organization, and the Private Security Services Act does not distinguish between a retired officer, an off-duty officer volunteering on personal time, and any other civilian in this context.

In summary: the only law enforcement exemptions under the Private Security Services Act apply to (1) active-duty officers performing official duties, (2) active-duty officers employed for off-duty work under Government Code Section 1126, and (3) licensed security guards operating under a PPO license and insurance. Retired officers, off-duty officers volunteering on personal time, and officers acting outside the scope of their law enforcement duties do not qualify for these exemptions when performing armed security functions for a nonprofit organization.

VII. Recommendations for Nonprofit Organizations and Volunteers

Given the regulatory framework, the enforcement posture of BSIS, and the overlapping risks described above, Kearnan Consulting Group, LLC recommends that houses of worship and their volunteer teams consider the following:

1. Verify All Statutory Language Against Current Law. The statutes discussed in this article are subject to amendment. Organizations should confirm the current text of all cited provisions at the California Legislative Information website (leginfo.legislature.ca.gov) before making compliance decisions.

2. Submit a Formal Opinion Request to BSIS. Organizations seeking definitive guidance on whether their specific security arrangements comply with the Private Security Services Act should consider submitting a written request to BSIS for formal clarification. A written response from BSIS, whether it confirms or denies an exemption, provides a valuable compliance record.

3. Consult a California Attorney Specializing in BSIS Regulatory Matters. The intersection of the Private Security Services Act, the Proprietary Security Services Act, labor law volunteer classifications, and nonprofit governance creates significant legal complexity. Organizations should retain counsel with specific experience in BSIS-regulated industries to evaluate their particular circumstances.
4. Consider Contracting with a Licensed Private Patrol Operator (PPO) or Local Law Enforcement Agency. For organizations that determine armed security is necessary, the most legally defensible approach is to contract with a licensed PPO or to engage a local law enforcement agency to provide uniformed, on-duty officer presence during worship services and events. A licensed PPO assumes responsibility for employee screening, BSIS registration, firearms training and requalification, use-of-force policies, supervision, and the regulatory compliance infrastructure required by Sections 7583.2 through 7583.6. Some PPOs specialize in house-of-worship security and may offer arrangements tailored to the needs and budgets of religious organizations. Alternatively, many local law enforcement agencies offer paid-detail or extra-duty officer programs through which active-duty officers provide armed security at houses of worship while acting within their official capacity. This approach provides the highest level of legal protection, as officers operating under the authority of their agency are covered by governmental liability protections and departmental use-of-force policies.

5. Consider Restructuring Volunteer Teams as Unarmed Safety Ministries. Organizations that wish to maintain a congregant-based safety presence may consider restructuring their teams to perform clearly defined non-security functions that fall outside the scope of the Private Security Services Act. Functions such as greeting, ushering, monitoring parking lots for traffic safety, coordinating emergency evacuation procedures, and serving as a liaison to law enforcement may not constitute “security guard” functions under Section 7582.1(e), provided team members do not carry firearms and do not hold themselves out as security personnel. This restructuring should be documented, and team members should receive written guidelines clearly delineating their permissible activities.

6. Document Everything. Regardless of the path chosen, organizations should maintain written records of their decision-making process, legal consultations, board resolutions, volunteer agreements, training records, and compliance assessments. In the event of a regulatory inquiry or civil claim, contemporaneous documentation of good-faith compliance efforts is the organization’s strongest defense.

VIII. Conclusion

The desire to protect congregants is deeply rooted in faith, community, and a sense of responsibility. It is not the intent of this article to discourage houses of worship from taking the safety of their communities seriously. To the contrary, the purpose of this analysis is to ensure that safety measures are implemented in a manner that is legally sound, regulatory compliant, and protective of both the organization and the individuals who serve.

The legal reality under current California law is as follows:

• A person who performs security guard functions as defined in BPC Section 7582.1(e) is, by statutory definition, an employee, not a volunteer.
• Registration as a security guard requires employment by a licensed PPO under Section 7583.6.
• Armed security requires both BSIS registration and a BSIS firearms permit, verified by the PPO under Section 7583.2(e).
• The sole in-house exemption under Section 7582.2(a) is categorically unavailable to any person who carries a firearm.
• The proprietary security officer category under Section 7574.01 is limited by definition to unarmed persons.
• The charitable/philanthropic exemption was removed by SB 1454, effective January 1, 2025.
• A CCW permit does not authorize the performance of regulated security functions and does not substitute for BSIS registration or a BSIS firearms permit.

The regulatory posture of BSIS, as evidenced by its reported refusal to confirm any exemption for house-of-worship security volunteers, reinforces this reading of the law.

The risks to both the organization and the volunteer are real and substantial: regulatory penalties, civil liability, insurance coverage gaps, criminal exposure, fiduciary duty implications for board members, and potential jeopardy to individual CCW permits.

The prudent path forward is not to abandon the mission of congregational safety, but to pursue it through lawful means. Whether that means contracting with a licensed PPO for armed security, restructuring volunteer teams into unarmed safety ministries with clearly defined non-security roles, or some combination of both, the goal is to serve the community while standing on solid legal ground.

A Note from the Author

It is worth noting that the BSIS position, or, more accurately, the Bureau’s posturing on this issue, has never been formally challenged. To date, no nonprofit organization has taken BSIS to court over an alleged violation arising from the use of armed volunteers. Until one does, there will be no case law, no judicial clarification, and no recognized exemption established through litigation. The question remains one of statutory interpretation without the benefit of appellate guidance.

That reality is well outside my capacity as a security consultant, and I am not in a position to encourage organizations to engineer regulatory workarounds or prepare for litigation against a state agency. My approach, and my recommendation, is to err on the side of caution: treat the statutory framework as it reads, acknowledge the risks as they exist, and let each organization’s attorney interpret the nuances of this legislation in light of that organization’s specific circumstances. The stakes for the organization, for the volunteers, and for the congregants they seek to protect are too significant to do otherwise.

— Jeffrey Kearnan, Kearnan Consulting Group, LLC

About Kearnan Consulting Group, LLC

Kearnan Consulting Group, LLC provides security consulting, regulatory compliance guidance, and risk management services for organizations navigating the complexities of California’s security regulatory environment. For more information, visit kearnanconsulting.com.