Target: Churchill Contract Services Group Holdings Limited and subsidiaries (Amulet, Churchill Environmental, OnVerve, Chequers)
Audit Phase: V-DIG — Digital Forensics / Technographic Audit
Reference Date: 2026-05-01
Churchill Group’s enterprise cybersecurity function is outsourced in its entirety to NormCyber (Fareham, Hampshire, UK), operating under a “Cyber Security as a Service / Data Protection as a Service” model 5. This is confirmed by a named Churchill Group case study published on NormCyber’s website and represents a core, non-peripheral dependency: NormCyber provides SOC monitoring, data protection compliance, and endpoint security across Churchill’s estate 5.
NormCyber’s documented primary technology partnerships are with Fortinet (Sunnyvale, California — firewall and network security, Advanced Partner status) 631 and Microsoft (Redmond, Washington — Sentinel SIEM and Defender EDR) 732. Neither vendor is of Israeli origin. No public evidence identifies NormCyber as a reseller, integrator, or licensed partner of Check Point, CyberArk, SentinelOne, Wiz, Aqua Security, or any other Israeli-origin cybersecurity vendor 67.
NormCyber’s published threat bulletins and blog content reference analytical material drawn from SentinelOne and Check Point publications 89. This represents consumption of open-source or subscription threat intelligence research — not deployment of software agents or licensed platforms from those vendors within Churchill’s environment.
No public evidence identifies Churchill Group as holding a direct licensing, subscription, or integration relationship with Check Point, SentinelOne, CyberArk, Wiz, Claroty, Verint, NICE, Palo Alto Networks, or comparable Israeli-origin vendors 56. Infrastructure and helpdesk job postings reviewed across this period do not reference Check Point certifications (CCSA/CCSE), CyberArk, or Israeli-origin security tooling; this constitutes negative evidence only and is not definitive proof of non-use 6.
Churchill Group’s workforce management and compliance operations are supported by the proprietary Mo:dus application 23, developed by PCCS Group Ltd (Northampton, UK — Brixworth Technology Park), a UK-domiciled software house 101112. The developer identity is confirmed by the Google Play Store app manifest (package ID: com.pccsuk.innovation) 10. The associated Cati compliance platform is also PCCS-developed 14. No Israeli IP component has been identified in either platform 101114.
The Mo:dus/Cati privacy policy (2021) references unspecified “third party subcontractors” for hosting without naming a provider 13. Inference from the NormCyber technology stack (Azure-based Sentinel/Defender) and job posting analysis indicates AWS and Microsoft Azure are Churchill’s cloud infrastructure providers, but this is not confirmed by a primary source disclosure 5713.
No evidence of any Israeli-origin systems integrator or digital transformation consultancy being engaged by Churchill has been identified 51011. NormCyber is the confirmed MSSP/integrator for cybersecurity 5; PCCS Group is the confirmed application developer for workforce management tooling 101112.
Churchill Group is a private, employee-owned company 36 and is not subject to UK public sector procurement transparency obligations. No public procurement records disclosing specific technology vendor contracts were identified. The full vendor stack for subsidiaries Chequers and OnVerve has not been publicly disclosed at any level of specificity 1219.
Amulet (Churchill’s security guarding and risk management division) uses Genetec Security Center as its confirmed Video Management System (VMS) platform 151625. Genetec is a Canadian company (Montreal, Quebec) with no Israeli ownership or state affiliation.
Genetec operates an open plugin ecosystem. Within that ecosystem, BriefCam (video synopsis and analytics, Israeli R&D origin, subsequently acquired by Canon) 26 and Oosto/AnyVision (facial recognition, Israeli-origin) 37 are listed as Platinum-tier technology partners 26. No evidence has been identified that Amulet has licensed or activated these specific Genetec plugins. Their existence within the Genetec ecosystem represents a latent third-party deployment pathway, not a documented Amulet deployment 2526.
No public evidence identifies Churchill Group or Amulet as deploying facial recognition, biometric identification, behavioural analytics, or gait analysis technologies from Trigo, BriefCam, AnyVision/Oosto, Trax, or comparable Israeli-origin vendors 1516.
Amulet’s Managing Director Kieran Mackie has discussed Facewatch (a UK-based retail facial recognition platform that has used the Oosto/AnyVision algorithm) and the associated ICO investigation in industry podcast appearances 1728, demonstrating executive-level awareness of this market segment. No partnership, procurement, or deployment of Facewatch by Amulet has been publicly announced or documented 17.
By contrast, competitor Mitie entered a formal, publicised strategic partnership with Facewatch in 2019 18, a platform documented as relying on Oosto/AnyVision-based facial recognition algorithms for retail watchlist screening 2737. No equivalent arrangement is documented for Churchill or Amulet.
Amulet’s published case studies indicate a client focus weighted toward transport hubs and public sector estates 1516 — a market segment where the regulatory threshold for biometric deployment under the ICO framework is demonstrably higher than in high-street retail 28.
The ICO’s October 2023 investigation into facial recognition technology in UK retail 28 is directly relevant to Amulet’s operating environment but does not name Churchill or Amulet as a subject. That investigation primarily addressed Facewatch deployments at retailers — a technology Amulet has not been documented as using 28.
Amulet’s confirmed remote monitoring partner is The Senate Group (UK-domiciled) 15. No Israeli-origin analytics layer has been identified within this arrangement. The Senate Group’s own internal technology platform — including its camera management software and any analytics integrations — is not publicly detailed, and whether it incorporates Israeli-origin modules is unverified 15.
Churchill references a sensor rollout for occupancy and environmental monitoring across its FM estate. The specific hardware OEM(s) are not disclosed in any annual report 12, ESG report 34, or case study 1516. Vendors such as Vayyar (Israeli-origin, radar-based occupancy sensing) 33 and PointGrab (Israeli-origin, ceiling-mounted occupancy analytics) 34 operate in this product category. No evidence of procurement from either vendor by Churchill has been identified; their inclusion here reflects market-sector relevance only.
Churchill Group’s cloud infrastructure relies on Amazon Web Services and Microsoft Azure in their standard commercial capacity, as indicated by the NormCyber technology stack (Azure-hosted Sentinel/Defender) 57 and inferences from job posting analysis. No primary source confirms the specific cloud provider for Mo:dus/Cati hosting; the 2021 privacy policy references unnamed “third party subcontractors” 13.
Project Nimbus is a $1.2 billion cloud infrastructure contract awarded jointly to Google Cloud and Amazon Web Services, providing cloud services to Israeli government and defence institutions 29. Churchill’s commercial use of AWS and Azure makes it a downstream customer of these hyperscalers, not a Project Nimbus partner, integrator, or designated sub-contractor 2930. No public evidence identifies Churchill Group as participating in Project Nimbus or any analogous Israeli state-backed cloud programme.
No public evidence identifies Churchill Group as operating, leasing, or co-locating data centre infrastructure within Israel.
Churchill Group is an FM and security services company, not a cloud or IT infrastructure provider. No public evidence identifies Churchill as marketing or providing data sovereignty, data residency, or infrastructure resilience services to Israeli state institutions or military bodies.
No public evidence identifies any contract, partnership, or service agreement between Churchill Group (or Amulet) and the Israeli Ministry of Defence, the Israel Defence Forces (IDF), Israeli intelligence agencies (Mossad, Shin Bet, Unit 8200 alumni ventures), or other Israeli state security bodies.
No public evidence identifies Churchill’s proprietary technology — Mo:dus workforce management 101314, Cati compliance platform 14, or Amulet’s Genetec-based VMS and CCTV infrastructure 151625 — as being deployed for military, intelligence, or law enforcement surveillance applications within Israel or occupied territories.
No public evidence identified. Churchill Group is a facilities management and security guarding company 19. It does not develop, sell, license, or maintain offensive cyber capabilities, zero-day exploit tools, or digital weapons systems. The company holds no documented relationship with Israeli cyber-offensive firms (NSO Group, Candiru, Paragon, or comparable entities).
Churchill Investments Limited (Companies House OE013431) is registered as a UK Overseas Entity with a registered address at 12 Shai Agnon Street, Apt 64, Kiriyat Motzkin, Israel 21. This is a distinct and unrelated legal entity — a private property holding vehicle. No identified shareholding, directorial, or operational link connects it to Churchill Contract Services Group Holdings Limited (Companies House 07317156) 2022. This entity must not be attributed to the Churchill FM group.
Churchill Group’s publicly documented AI strategy (circa 2024–2025) is confined to domestic commercial FM applications: predictive maintenance scheduling, operational efficiency optimisation, and resource allocation within its cleaning, security, and environmental service lines 24. No deployment of AI for surveillance, population monitoring, or enforcement applications is described.
No public evidence identifies Churchill Group as providing AI, machine learning, computer vision, or autonomous decision-support systems to Israeli state, military, or security bodies.
No public evidence identifies Churchill’s AI models or platforms as having been trained on, or granted access to, civilian population data, intercepted communications, or surveillance-derived datasets originating from Israel or occupied territories.
Churchill’s documented interests in autonomous systems concern floor-scrubbing robotics and autonomous cleaning equipment for commercial premises 24 — operational efficiency tools with no tracking, targeting, or enforcement applications.
No public evidence identifies Churchill Group as operating research and development facilities, engineering offices, innovation labs, or accelerator programmes within Israel.
No public evidence identifies Churchill Group as having acquired any Israeli-origin technology company or made strategic investments in Israeli technology startups or venture capital funds.
Churchill’s documented corporate transactions are confined to UK-domiciled FM and security businesses. The most recently disclosed transaction is the sale of its Radish catering division to HSG FM Group in May 2024 12 — unrelated to Israeli technology. Churchill transitioned to Employee Ownership Trust (EOT) status in 2023 36, a structural change with no technology provenance implications. Prior to the EOT transition, the company was backed by ESO Capital 35, a European special-situations fund; no Israeli LP relationships or co-investment structures involving Israeli state entities have been identified in connection with ESO Capital’s involvement in Churchill.
Churchill’s two principal proprietary technology assets — the Mo:dus workforce management application and the Cati compliance platform — are developed and maintained in partnership with PCCS Group Ltd (Northampton, UK) 10111214. Both platforms are UK-origin IP with no identified Israeli component.
No public evidence identifies significant patent portfolios, licensing arrangements, or co-development agreements between Churchill Group and Israeli-domiciled entities or research institutions (Technion, Hebrew University, Weizmann Institute, Ben-Gurion University, or comparable).
No public evidence identifies published NGO investigations, academic studies, or UN reports specifically addressing Churchill Group’s technology relationships with the Israeli state or operations in occupied territories. Churchill Group has not appeared in reports published by Who Profits, the American Friends Service Committee (AFSC), the BDS Movement, Business & Human Rights Resource Centre, or comparable organisations in the context of technology supply chains to Israel 30.
This gap may reflect genuine absence of documented relationships or the fact that Churchill, as a private FM company rather than a technology manufacturer, has not been a focus of technology-supply-chain auditing by these organisations.
No public evidence identifies organised boycott, divestment, or sanctions campaigns specifically targeting Churchill Group in relation to technology provision to Israel or operations in occupied territories.
No public evidence identifies regulatory inquiries, legal challenges, export control actions, or sanctions-related investigations involving Churchill Group’s technology sales or services to Israeli state entities.
The ICO’s October 2023 investigation into facial recognition technology in UK retail 28 is relevant contextual background for Amulet’s operating environment. Churchill and Amulet are not named as subjects of that investigation. The investigation principally concerned Facewatch deployments — a platform that Amulet has not been documented as using 1728.
The following material gaps constrain the completeness of this audit. They are noted as unresolved rather than resolved negative findings:
https://www.churchillservices.com/wp-content/uploads/2025/04/Oscar-Topco-filed-accounts-2024_compressed.pdf ↩↩↩↩↩
https://www.churchillservices.com/wp-content/uploads/2024/07/Churchill-Group-Holdings-Filed-Accounts-22-23_compressed.pdf ↩↩↩↩↩
https://www.churchillservices.com/wp-content/uploads/2025/06/ESG-Report-2024_compressed.pdf ↩↩↩↩
https://www.churchillservices.com/wp-content/uploads/2024/06/Churchill-Sus-Report-23-1.pdf ↩↩↩↩
https://www.normcyber.com/customer-success/churchill-group/ ↩↩↩↩↩↩↩↩
https://www.normcyber.com/about/the-normcyber-difference/ ↩↩↩↩↩
https://www.normcyber.com/customer-success/chambers-and-partners-2/ ↩↩↩↩↩
https://www.normcyber.com/bulletins/normcyber-threat-bulletin-27th-august-2025/ ↩
https://www.normcyber.com/blog/active-directory-exploits/ ↩
https://play.google.com/store/apps/details?id=com.pccsuk.innovation ↩↩↩↩↩↩↩
https://www.churchillservices.com/wp-content/uploads/2021/04/Modus-Cati-System-Privacy-Policy.pdf ↩↩↩↩↩
https://www.amulet.co.uk/news-case-studies/page/6/ ↩↩↩↩↩↩↩↩↩↩
https://www.amulet.co.uk/news/transformation-in-action-amulet-hosts-innovation-day-at-aston-martin-red-bull-racings-new-mk7-venue/ ↩↩↩↩↩↩↩
https://www.infologue.com/company/mitie-announces-unique-crime-reporting-initiative-powered-by-facewatch/ ↩
https://find-and-update.company-information.service.gov.uk/company/07317156/persons-with-significant-control ↩
https://find-and-update.company-information.service.gov.uk/company/OE013431 ↩
https://uk.globaldatabase.com/company/churchill-contract-services-group-holdings-limited ↩
https://issuu.com/kpmmedia/docs/facilities_management_journal_march_2025 ↩
https://www.churchillservices.com/news/blogs/the-role-of-artificial-intelligence-in-modern-facilities-management/ ↩↩
https://www.genetec.com/solutions/resources/security-center-datasheet ↩↩↩↩
https://www.briefcam.com/partners/technology-partners/genetec/ ↩↩↩
https://dokumen.pub/your-face-belongs-to-us-a-secretive-startups-quest-to-end-privacy-as-we-know-it-9780593448564-9780593448588.html ↩
https://ico.org.uk/about-the-ico/media-centre/news-and-blogs/2023/10/ico-warns-about-use-of-facial-recognition-technology-in-retail/ ↩↩↩↩↩↩
https://aws.amazon.com/government-education/government/israel/ ↩↩
https://www.fortinet.com/partners/partner-program ↩
https://www.microsoft.com/en-gb/security/business/microsoft-sentinel ↩
https://vayyar.com/smart-building/ ↩
https://www.pointgrab.com/ ↩
https://www.esocapital.com/ ↩
