For the financial year ending 31 December 2025
Introduction and Commitment
This Statement is published voluntarily by IOActive in accordance with the spirit and best practices of the UK Modern Slavery Act 2015. We are fundamentally committed to combating modern slavery and human trafficking. We maintain a zero-tolerance approach to any form of exploitation in our operations or supply chains and strive to operate with uncompromising integrity and transparency in all our business activities.
1. Our Organization Structure, Business, and Supply Chains
- Structure and Business: IOActive is a global, research-driven information security services firm providing high-end cybersecurity consulting, security assessments, and research. Our headquarters are in Seattle, Washington, USA, with key operations including a presence in London, England through IOActive Europe Limited and Madrid, Spain through IOActive Infosec Consultants S.L. Our workforce consists primarily of highly skilled, professional employees engaged in low-risk, professional service activities.
- Direct Operations Risk: The risk of modern slavery in our direct operations is considered low due to the nature of our services, competitive wages, and adherence to robust labor laws in the jurisdictions where we operate.
- Supply Chains: Our supply chain risk is also considered low due to limited supporting corporate functions, primarily:
- Technology & IT: Procurement of computer hardware, software licenses, and IT infrastructure.
- General Services: Office management, travel services, facilities management, and temporary staffing agencies.
- Technology & IT: Procurement of computer hardware, software licenses, and IT infrastructure.
2. Policies and Ethical Framework
Our ethical commitment is integrated into our operations through the following frameworks:
- Modern Slavery Policy: We maintain a dedicated policy that sets out our zero-tolerance stance and clearly defines the responsibilities for identifying and reporting risks.
- Whistleblowing Policy: This policy enables all employees to confidentially report any wrongdoing, including any suspected human rights or ethical violations, without fear of retaliation.
- Commitment to Employee Welfare: Our employment contracts, practices, and employee handbook ensure compliance with all national labor laws, confirming fair wages, voluntary employment, and adherence to working hour regulations.
3. Risk Assessment, Due Diligence, and Mitigation
Our approach to preventing modern slavery is founded on the inherent low risk of our core business and is supported by careful vendor selection.
- Internal Controls: We ensure all personnel have confirmed their eligibility to work, are paid at least the local legal minimum wage, and are paid via transparent payroll systems. This process confirms the voluntary and legal status of our direct workforce.
- Vendor Selection Philosophy: Given the low risk profile of our business, our mitigation strategy focuses on the careful selection and ongoing review of third parties. We prioritize working with established, reputable suppliers and partners whose public commitments and operating locations support our own ethical obligations.
- Commitment to Review: We remain committed to an ongoing and evolving review of our overall approach to modern slavery and human trafficking risks to ensure our policies, controls, and practices continually align with our ethical standards and legal obligations.
Statement Approval
This Statement was approved by the CEO of IOActive, Inc. on behalf of itself and its subsidiaries on September 29, 2025.
Signed:
Name: Jennifer Steffens
Title: CEO