Digital Audit: Jaeger-LeCoultre

Audit Phase: Digital (Digital / Technology Forensics) Subject Entity: Jaeger-LeCoultre (Manufacture Jaeger-LeCoultre, Le Sentier, Switzerland) - wholly-owned Maison of Compagnie Financière Richemont SA (SIX: CFR) Parent Group: Richemont (Compagnie Financière Richemont SA), Geneva, Switzerland Audit Date: June 2026 Evidence Base: Published corporate disclosures, vendor and parent-company press releases, trade and technology press, regulatory and breach-notification reporting, and the subject’s own privacy and product documentation. All factual claims are drawn from publicly available sources cited in the End Notes.

Scope and directionality note: Digital assesses the digital/technology nexus to Israel. The serious case is the provision of surveillance, digital, data, or cyber technology to the Israeli state, military, or security services. The reverse direction - Jaeger-LeCoultre (JLC) or its parent Richemont procuring technology from Israeli-origin vendors - is a customer relationship and is recorded explicitly as such, weighted far lower than provision. No transitive guilt is imputed: an Israeli vendor’s other clients, its founders’ military backgrounds, or a parent group’s separate activities are not attributed to JLC. US-entity relationships (e.g. AWS, Microsoft) are not Israeli-origin and are noted only for completeness. JLC is a watch-manufacturing Maison; almost all enterprise IT is operated centrally at Richemont group level, so much of the evidence below concerns Richemont and applies to JLC only as a constituent Maison.

Enterprise Technology Stack & Vendor Relationships

Cloud and Enterprise Infrastructure (Direction: Richemont/JLC as customer)

Richemont, JLC’s parent, selected Amazon Web Services (AWS) - a US-headquartered entity - as its preferred cloud provider in November 2021, committing to migrate its entire enterprise IT infrastructure to AWS, including more than 5,000 virtual machines and 120 SAP instances, and to close its European data centres and migrate facilities in Hong Kong and the U.S. to AWS by the end of 2022.¹ Workloads in scope include enterprise resource planning, accounting, supply-chain management, manufacturing, product lifecycle management, and e-commerce systems; Richemont’s then Group Chief Information Officer Kim Hartlev was quoted on the transformation.¹ This is a US-entity relationship, not Israeli-origin, and is recorded for completeness.

Richemont recruitment material has additionally described a “Public Multi-Cloud Environment” spanning AWS, Alibaba Cloud, and Google Cloud.² All three are non-Israeli-origin providers (US and Chinese). No public evidence identified that any of these engagements mandated or deployed Israeli-origin technology within JLC programmes.

Israeli-Origin Cybersecurity Vendors in the Stack

Wiz (cloud security). Richemont job postings have referenced cloud-security and DevSecOps functions (CSPM, CWP, SAST, policy-as-code) but the specific historic listing naming Wiz as a stack component could not be live-verified; it now redirects to a general careers portal.² Wiz is an Israeli-founded cloud-security company established in January 2020 in Tel Aviv by Assaf Rappaport, Yinon Costica, Ami Luttwak, and Roy Reznik, all veterans of the IDF’s Unit 8200 cyber-intelligence division; Wiz was acquired by Alphabet/Google in an all-cash deal valued at $32 billion announced in March 2025 and completed on 11 March 2026.³ No press release, vendor case study, or corporate filing independently confirms a formal Wiz–Richemont licensing agreement; if a Wiz relationship exists it would be Richemont/JLC as customer (procurement, inbound). Status: single unverified indirect indicator; not confirmed at primary-source level.

Other Israeli-origin cyber vendors (Check Point, CyberArk, SentinelOne, Claroty, Verint). No public evidence identified of a licensing, subscription, integration, or deployment relationship between Richemont/JLC and any of these Israeli-founded firms. Check Point is confirmed as Israeli-founded (Gil Shwed, 1993).⁴ Prior internal research that attributed such relationships to JLC/Richemont relied on non-probative sources (a Swissquote magazine PDF, security-rating pages for unrelated entities such as the British firm “Thomas Lyte,” and a pension-fund asset listing) and is discarded. No public evidence identified.

Board-Level Governance Overlap - Palo Alto Networks (Direction: personnel/governance, not provision)

Nikesh Arora, Chairman and CEO of Palo Alto Networks (a US-headquartered cybersecurity company), has served as a Non-executive Director of Richemont since 2017; since April 2025 he has been Richemont’s Lead Independent Director and a member of the Chairman’s Committee, and in November 2025 he was appointed chair of Richemont’s Strategic Security Committee; he also sits on the Nominations Committee.⁵⁶ This is a board-governance and personnel overlap, not evidence that Palo Alto Networks products are deployed by Richemont/JLC. Palo Alto Networks was founded in 2005 by Nir Zuk, an Israeli national and IDF Unit 8200 veteran (formerly of Check Point) who serves as the company’s CTO; Palo Alto Networks is US-incorporated (Santa Clara, California), not an Israeli-origin entity.⁷ No public evidence identified of a Palo Alto Networks product-licensing contract with Richemont or JLC.

Digital Integrators & Agency Relationships

No public evidence identified of a confirmed digital-transformation integrator engagement linking JLC or Richemont to an Israeli-origin technology vendor. Prior research characterising Publicis Sapient as Richemont’s integrator rested on unrelated case studies and broad luxury-sector commentary; Publicis Groupe’s separate Israeli advertising-market acquisitions (e.g. GSS, Glitch) concern its own market operations, not technology integration for JLC, and are not attributed here. No public evidence identified.

Procurement Transparency Constraints

Richemont and JLC are private-sector entities not subject to public-procurement disclosure obligations. Vendor relationships below the level of named, publicly announced partnerships are not in the public domain, and the full security/IT vendor stack is undisclosed. This is the principal evidence gap in this domain.

Surveillance, Biometrics & Retail Technology

Biometric Data Disclosure - JLSafe Portal Privacy Policy

JLC operates a watch authentication/registration platform at the jlsafe.jaeger-lecoultre.com domain. Its published privacy policy lists, within the “China Privacy Rights” section describing sensitive personal information that may be collected with express consent from individuals in Mainland China, the category “facial recognition features (including photographs).”⁸ This is a jurisdiction-specific compliance disclosure (reflecting Chinese personal-information law) and does not, by itself, confirm that facial-recognition technology is actively deployed in JLC boutiques or used for customer identification anywhere. Status: confirmed that JLC’s JLSafe privacy policy includes a facial-recognition data category for China; active deployment of facial recognition in boutique or e-commerce contexts is not confirmed through any vendor case study, regulatory filing, or investigative source.

Israeli-Origin Surveillance / Biometric Vendors (AnyVision/Oosto, BriefCam, Corsight)

No public evidence identified of any deployment of Israeli-origin facial-recognition or video-analytics technology (AnyVision/Oosto, BriefCam, Corsight, or similar) by JLC or Richemont. Canon’s acquisition of the Israeli video-analytics firm BriefCam is documented as a corporate fact, but no source links BriefCam to JLC or Richemont. Prior research designations (“Highly Probable” AnyVision boutique vendor; BriefCam “settler-site” linkage) rested on sources that do not mention JLC or Richemont (a Bosch–AnyVision investment release; a Just Peace Advocates UN submission concerning the University of Alberta’s portfolio; a Reddit marketing thread) and are discarded. No public evidence identified.

Augmented Reality - “On Your Wrist” Try-On

JLC publishes an augmented-reality watch try-on app, “On Your Wrist,” allowing users to visualise watches on their wrist.⁹ No vendor announcement, case study, or JLC disclosure identifies the underlying AR technology as Israeli-origin. Prior research speculatively attributed the feature to Zeekit (an Israeli virtual-fitting firm acquired by Walmart, focused on apparel) or Syte.ai; neither is confirmed as JLC’s provider. Status: JLC AR try-on feature confirmed; no Israeli-origin vendor confirmed as the underlying technology provider.

Predictive Analytics, Workforce Monitoring & In-Store Surveillance

No public evidence identified of JLC or Richemont deploying Israeli-origin predictive-analytics, behavioural-analytics, social-media-monitoring, or workforce-surveillance tooling.

Retail-Partner Security Contractors - Padani (Israel)

JLC’s Israeli points of sale are operated by the retail partner Padani (see Economic / Technology Ecosystem section below). Prior research named G4S, Moked Emun, and Team 3 as Padani’s security contractors based on a regional business directory and a Scribd document; neither constitutes verified evidence of Padani’s specific contractor relationships, and no provision of technology to the Israeli state arises from a retail partner’s choice of physical-security supplier in any event. No public evidence identified linking JLC to any Israeli-origin surveillance technology via this route.

Cloud Infrastructure, Data Residency & Sovereign Cloud Participation

Data Centre Footprint in Israel

No public evidence identified of JLC or Richemont operating, leasing, or co-locating data-centre infrastructure within Israel. Richemont’s disclosed strategy is migration away from owned data centres to hyperscaler cloud (AWS preferred; multi-cloud with Google Cloud and Alibaba Cloud), not the establishment of new physical presence in any jurisdiction.¹²

Project Nimbus & Israeli State Cloud Infrastructure

Project Nimbus is the approximately $1.2 billion cloud contract awarded jointly to Google Cloud and AWS in April 2021 to provide cloud regions and services to the Israeli government and military.¹⁰ JLC and Richemont are not parties to Project Nimbus and have not been identified as participants in, or sub-providers to, any Israeli sovereign-cloud programme. Richemont’s commercial use of AWS¹ (and Google Cloud²) means JLC’s parent is a commercial customer of the same vendors that hold the Nimbus contract; being a commercial customer of AWS or Google Cloud does not constitute participation in Project Nimbus or any contractual relationship with the Israeli state. Status: vendor overlap noted; no participation identified.

Data Residency / Sovereignty Arrangements with Israeli Entities

No public evidence identified of JLC or Richemont entering data-residency agreements, sovereign-cloud arrangements, or data-localisation commitments specific to Israel or Israeli state entities, or providing data-sovereignty/resilience services to any Israeli state institution.

Defence, Intelligence & Security Sector Technology Relationships

Military & Intelligence Contracts

No public evidence identified of any contract, partnership, or service agreement between JLC, Richemont, or any confirmed JLC/Richemont technology vendor (in its capacity as a JLC/Richemont supplier) and the Israeli Ministry of Defence, the Israel Defense Forces (IDF), Shin Bet, Mossad, or associated Israeli state security entities.

Provision of Technology / Data to the Israeli State or Military

No public evidence identified of JLC or Richemont providing surveillance technology, data, software, cloud capacity, or digital services to the Israeli state, military, or security services. This is the directionally serious Digital case, and no qualifying evidence of it was found. No public evidence identified.

Dual-Use Technology Provision

No public evidence identified of any JLC- or Richemont-deployed technology being documented as used for military, intelligence, or law-enforcement surveillance applications in Israel or the Occupied Palestinian Territories.

Offensive Cyber Capability

No public evidence identified. JLC is a watchmaking and luxury-goods Maison and does not develop, license, or sell offensive cyber capability. Separately, JLC’s sister Richemont Maison Cartier disclosed a data breach in early June 2025, in which an unauthorised party gained temporary access to a client database and exposed customer names, email addresses, and countries of residence (Cartier stated no passwords or financial data were compromised); this was an attack carried out to Cartier and has no nexus to provision of technology to Israel - it is recorded here as factual digital context only.¹¹¹² No JLC-specific cyberattack was identified.

AI, Algorithmic & Autonomous Systems

AI/ML Provision to Israeli State Bodies

No public evidence identified of JLC or Richemont providing AI capability, model access, training data, or inference services to any Israeli state, military, or security body.

AI Platform Deployment (Direction: Richemont/JLC as customer)

Richemont’s disclosed cloud strategy references using AWS machine-learning and analytics capabilities for personalised storefronts, video-chat consultations, and tailored offers.¹ No public source identifies any Israeli-origin AI platform vendor in JLC’s or Richemont’s stack. Any ML capability within a cloud-security tool such as Wiz (if deployed) would reflect that vendor’s product architecture, not an autonomous AI deployment by JLC.

Algorithmic Fraud Prevention - Israeli-Origin Vendors (Direction: customer, if any)

Two Israeli-founded e-commerce fraud-prevention vendors are noted as industry context, neither confirmed as a JLC/Richemont supplier at primary-source level. Forter (founded 2013, Tel Aviv/New York, by Michael Reitblat, Liron Damri, and Alon Shemesh, who served in Israeli military intelligence) is an Israeli-founded fraud-prevention firm.¹³ Riskified (founded 2012 by Eido Gal and Assaf Feldman; NYSE: RSKD, IPO July 2021) is an Israeli-founded fraud-prevention firm using machine-learning and behavioural analytics.¹⁴ Prior research asserting that Farfetch (and, transitively, JLC via the YNAP/Farfetch route) was a customer of these vendors relied on non-primary sources (a Retail Dive funding article; a TipRanks author page) and is not confirmed; in any case the transitive route has since collapsed (see Technology Ecosystem). Status: Israeli founding of both vendors confirmed; no confirmed JLC/Richemont customer relationship.

Training Data Involving Israeli Population Data

No public evidence identified of JLC or Richemont contributing to, commissioning, or benefiting from AI model development involving Israeli population datasets.

Autonomous Systems & Lethality

No public evidence identified. The development or deployment of autonomous lethal systems is not within JLC’s business domain.

Technology Ecosystem & R&D Footprint

YNAP / Farfetch Platform Solutions - Collapsed Transitive Dependency

Richemont and Farfetch announced a 2022 partnership under which Farfetch would acquire a stake in YOOX Net-A-Porter (YNAP) and YNAP plus Richemont Maisons would adopt Farfetch Platform Solutions (FPS); the European Commission granted antitrust clearance on 23 October 2023.¹⁵ The deal collapsed: Farfetch was acquired by South Korea’s Coupang in December 2023 before completion, and the FPS adoption and Maison e-concession elements were never implemented.¹⁶ Richemont subsequently agreed in October 2024 to sell YNAP to Mytheresa (Mytheresa’s parent) for approximately €555 million plus a €100 million revolving credit facility, in exchange for a 33% equity stake in the enlarged group, with the disposal expected to close in the first half of 2025 and Richemont writing down roughly €1.3 billion of YNAP assets.¹⁶¹⁷ Any Israeli-origin vendor dependency that prior research posited as flowing to JLC through the YNAP/FPS route (e.g. Syte.ai visual search, fraud tooling) is therefore moot: the FPS platform was never deployed for Richemont Maisons and YNAP has been divested. Status: the FPS transitive dependency to JLC did not materialise and is closed.

Israeli R&D Centres

No public evidence identified of JLC or Richemont operating R&D facilities, engineering offices, or innovation labs within Israel. Richemont’s technology teams are described as based mainly in Geneva and Lisbon.²

Acquisitions & Investments in Israeli Technology

No public evidence identified of Richemont or JLC acquiring Israeli-origin technology companies or making direct investments in Israeli technology startups, venture funds, or accelerator programmes. Richemont’s documented recent acquisitions (e.g. Vhernier, Gianvito Rossi, Delvaux) are luxury-sector brands in Italy, the UK, and France, not Israeli technology.

Patents & IP Co-Development

No public evidence identified of patent co-development or licensing agreements between JLC/Richemont and Israeli-domiciled research institutions or technology companies.

Local Retail Presence - Padani (Israel)

JLC lists multiple Israeli points of sale on its official boutique locator, all operated by the retail partner Padani, including locations in Tel Aviv, Ramat Aviv, and Jerusalem.¹⁸¹⁹ Padani is the confirmed retail partner/franchisee for JLC in Israel. This is a retail-distribution relationship (a downstream sales channel), not a technology-provision relationship; whether the franchise shares any central JLC/Richemont e-commerce or customer-data infrastructure is not publicly documented. Status: JLC–Padani retail presence in Israel confirmed; no technology-provision nexus identified.

Civil Society Scrutiny & Regulatory History

NGO & Academic Investigations

No public evidence identified of an NGO investigation, academic study, or UN report specifically examining JLC’s or Richemont’s technology relationships with the Israeli state, Israeli defence entities, or Israeli-origin vendors. A Just Peace Advocates submission to the UN Special Rapporteur cited in prior research concerns the University of Alberta’s investment portfolio and does not reference JLC or Richemont. No public evidence identified.

BDS Campaigns

No organised BDS or NGO campaign specifically targeting JLC or Richemont on the basis of technology provision to Israeli state or military entities was identified. BDS attention has centred on other companies (e.g. Elbit Systems, Carrefour, AXA); no campaign in the reviewed evidence names JLC in a technology supply-chain context. No public evidence identified.

Regulatory & Legal Actions - Technology Sales to Israeli State Entities

No public evidence identified of regulatory inquiries, export-control investigations, sanctions proceedings, or data-protection enforcement actions involving JLC’s or Richemont’s technology relationships with Israeli state entities. The June 2025 Cartier breach¹¹¹² concerns the Richemont group’s posture as the victim of an attack and the adequacy of its data-security controls; it is not connected to any Israeli-origin technology relationship. The biometric-data disclosure in JLC’s JLSafe privacy policy⁸ has not been identified as the subject of any regulatory action.

Investor & ESG Scrutiny

No public evidence identified of an ESG ratings body, ethical-investment screener, or pension-fund exclusion (e.g. KLP, Norway’s GPFG) flagging JLC or Richemont specifically on the basis of Israeli technology relationships.

End Notes