EMPLOYEE BENEFITS
Work-Life Balance
ICO is committed to work-life balance as part of its dedication to the well-being of the people who make up the institution—its most valuable asset. This commitment extends beyond paid leave, aiming to balance professional and personal goals through flexible approaches that enable success in both areas. Work-life balance is viewed as an organizational model that facilitates equal opportunities for both men and women to fulfill their professional, personal, and family responsibilities.
Since December 2014, ICO has held the Family-Responsible Company (efr) certification, awarded by the Másfamilia Foundation in accordance with the efr 1000-1 standard. This certification was renewed in December 2022 for an additional three-year period, valid until 2025. The efr management model provides a structured methodology for work-life balance and fosters an organizational culture based on flexibility, respect, and mutual commitment. To ensure its effective implementation, ICO has a Work-Life Balance and Equality Management Procedure, aligned with the principles of the efr model.
The ICO management model aims to:
- Eliminate barriers that hinder equal participation of men and women in both personal life and company processes.
- Promote a work environment that allows employees to reconcile their professional responsibilities in a public institution like ICO with their personal and family needs.
To uphold the values and principles of work-life balance, ICO has an external communication channel managed by the Másfamilia Foundation, through which employees can submit complaints and claims confidentially. In 2024, as in 2023, the Másfamilia Foundation did not receive any complaints or claims through this channel.
ICO offers 90 work-life balance measures, structured into eight categories, 67 of which go beyond legal requirements, forming part of the measures recognized under the efr certification.
Compensation
Senior management, like the rest of the workforce, is entitled to meal vouchers, private health insurance, and life insurance as part of their remuneration package.
As part of its commitment to the health and well-being of its employees, the ICO Group provides an on-site medical service, available Monday to Friday in the mornings. This service includes general medicine, nursing, and physiotherapy, and is authorized by the Madrid Regional Health Department. Having this service facilitates access to healthcare without requiring employees to leave the workplace, contributing to healthcare accessibility, work-life balance, and reduced absenteeism.
Training Participation
Throughout 2024, a total of 388 employees participated in at least one training activity. This figure includes both current employees and those who, although not part of ICO as of December 31, received training between January 1 and December 31, 2024.
In this regard, 82.91% of the workforce (including those who have left the company) participated in some form of training during the year.
Additionally, as a specific training focus, language training has been a key initiative at the ICO Group level. In 2024, a significant percentage of employees took part in this type of training, reinforcing their linguistic skills, which are essential in a globalized environment. Of the 468 employees considered, 248 participated in language training, representing 53% of the workforce. This data is presented separately from other training activities to highlight ICO Group’s commitment to language skills development, a key transversal element for international projection and professional growth.
Management Training
In 2024, within the ICO Group and as part of the internal Policy on the Right to Digital Disconnection, training and awareness-raising sessions were conducted on Digital Disconnection and Remote Work. These sessions, aimed at middle management and delivered in a webinar format, were designed to support corporate policies and train leaders in responsible team management and the appropriate use of technological tools.
The training, held on April 3, 2024, was well received, with 56 team leaders attending, representing 90.32% of all middle management at the time.
Additionally, a specific in-person training session was conducted for the Executive Committee, attended by all six of its members.
Training in Digital Competencies
To enhance new work dynamics in collaborative environments and optimize the use of technological tools, a webinar-based training course was organized in 2024 for the entire workforce.
This training enabled employees to deepen their practical knowledge of daily-use applications, improving document management, team collaboration in a hybrid work environment, and internal communication in a more efficient and agile manner.
The initiative was well received, with 239 employees participating, representing 51.07% of the workforce, demonstrating strong interest in developing digital competencies.
Partnerships with Educational Institutions
ICO actively collaborates with prestigious educational institutions, maintaining agreements with entities such as the Foundation for Research on Law and Business (FIDE), ESADE Foundation, Institute of Stock Market Studies (IEB), Center for Economic and Commercial Studies (CECO), School of Applied Finance (AFI), and the National Distance Education University (UNED).
Throughout 2024, these agreements remained in force, facilitating the implementation of various training initiatives. Among the most active institutions in this regard were FIDE, AFI, and IEB, which played a key role in delivering specialized training programs.
EXPOSURE TO INTENSIVE SECTORS (SECOND-FLOOR FACILITIES)
The Second Floor Facilities scheme is part of ICO’s business activities, facilitating access to financing for small and medium-sized enterprises (SMEs). As of the end of the 2024 financial year, 35% of ICO’s outstanding loan balance corresponded to financing granted to other financial institutions to support SME financing.
In this Second Floor Facilities model, ICO collaborates with financial institutions. ICO transfers resources to these institutions so that they can channel financing to the self-employed and SMEs. The financial institutions are responsible for reviewing the operations in accordance with their internal policies and assume the risk of the transactions. This collaboration allows ICO to channel resources to the business sector while preserving its financial stability, fostering the growth and competitiveness of SMEs. Additionally, through these Second Floor Facilities operations, ICO significantly contributes to economic development and job creation.
Although partner financial institutions in the Second Floor Facilities model have their own sustainability assessment procedures, ICO monitors these operations through a sustainability questionnaire, which banks are required to submit. This questionnaire serves as a tool for ICO to analyze and track the environmental objectives of the financed operations.
ICO does not develop specific sectoral policies for the industries financed through the Second Floor Facilities model, as financial institutions are responsible for analyzing operations according to their internal policies and assessing the sustainability of the financed projects.
However, ICO conducts additional monitoring of these operations through a sustainability questionnaire that must be completed by the final beneficiaries of the funds. This questionnaire, which has been mandatory since 2023 (and was previously voluntary), allows ICO to analyze and monitor the environmental objectives of the financed operations.
SUPPLIERS: ICO's Commitment to Sustainability in the Value Chain
ICO integrates environmental and social criteria into its supplier management, demonstrating its alignment with international standards and its commitment to a responsible value chain.
Until October 2024, each procurement process included a report from the Human Capital and CSR department, evaluating the relevance of incorporating sustainability clauses, with particular attention to the tie-breaker criteria established in Article 147 of the LCSP (Spanish Public Procurement Law).
By the end of 2024, this approach was significantly strengthened. Procurement tender models now include new social and environmental clauses, requiring contractors to comply with specific sustainability and social responsibility objectives. These conditions are managed through declarations of compliance and documentary controls, ensuring compliance both during contract execution and, in some cases, upon completion.
PRIVACY AND DATA SECURITY
ICO maintains a strong commitment to data privacy and security, supported by a robust Information Security Policy and the application of advanced standards to ensure the protection of processed information.
In 2024, ICO obtained AENOR certification for compliance with the National Security Framework (ENS), regulated by Royal Decree 311/2022, which establishes the principles, requirements, and protective measures applicable to the entire public sector. ICO is certified at the medium level, as registered by the National Cryptologic Center (CCN-CERT).
Security Incident Classification and Notification:
ICO employs two complementary approaches to manage and report security incidents:
1. National Cryptologic Center (CCN)
- Based on the TIC Security Guide (CCN-STIC-817).
- Severity scale from 1 (low/none) to 5 (critical).
- Obligation to report incidents classified as level 3, 4, or 5 (high, very high, or critical).
2. PSD2 (Bank of Spain)
- Based on European payment services regulations.
- Establishes specific criteria for reporting major incidents, ensuring a high level of supervision over payment systems and transaction security.
ICO’s ENS certification covers not only information systems but also facilities, suppliers, and human resources, reinforcing a comprehensive security culture. This ensures compliance with the highest data protection standards and strengthens ICO’s ability to mitigate risks related to cybersecurity and sensitive information management.
ESMS - EXTERNAL VERIFICATION ISO 14001: ICO's Commitment to Sustainability and Environmental Management
In 2024, ICO consolidated an Integrated Management System (SGI) under international standards for quality, sustainability, and occupational safety, obtaining simultaneous certification in ISO 9001:2015, ISO 14001:2015, and ISO 45001:2018, awarded by EQA. This integration reinforces ICO’s commitment to operational excellence, environmental sustainability, and employee health and safety.
The Organizational Structure Circular 2/2024 (dated September 18, 2024) assigns the Technical and Resources Managing Director as the executive representative of the SGI, ensuring strategic oversight and leadership. Additionally, clear responsibilities have been defined within the organization:
- ISO 9001:2015: Managed by the Organization and Quality Department.
- ISO 14001:2015: Managed by the General Services and Asset Management Department.
- ISO 45001:2018: Managed by the Human Capital and CSR Department.
These certifications not only ensure regulatory compliance but also enhance ICO’s ability to integrate sustainability and environmental management criteria into its operations, reinforcing its position as a responsible and sustainable institution.
In order to guarantee a respectful and preventative approach towards the environment, the ICO Group has approved and documented an environmental policy that has been fully adapted to the requirements of the ISO 14001 Environmental Management Systems standard and a code of good environmental practices, that has been certified by European Quality Assurance.
ICO management approved, as a cross-cutting objective of its Management by Objectives system, the development and implementation of a quality management system based on the requirements of the ISO 9001 standard, which certified by European Quality Assurance.