Audit Phase: V-DIG Domain Audit
Subject Entity: JPMorgan Chase & Co. (NYSE: JPM)
Audit Date: 2026-05-01
Data Cutoff: April 2026
JPMorgan Chase disclosed a technology budget of approximately $15.3 billion for 2023, making it the largest technology spender among US banks 1. Its Annual Report describes a multi-layered cybersecurity and infrastructure architecture but does not publicly name specific security vendors, consistent with its stated policy of withholding security vendor identities for operational security reasons 1. The firm’s 2023 10-K filing confirms the breadth of this infrastructure without vendor-level granularity 2.
NICE Ltd / NICE Actimize: NICE Actimize (Israeli-origin, headquartered in Ra’anana, Israel) is publicly documented as a vendor to major global banks for anti-money laundering (AML), fraud detection, and financial crime compliance 8. NICE Actimize’s own marketing and product documentation reference Tier-1 US banks as clients; however, JPMorgan Chase is not individually named in any public case study or press release located in available sources. NICE Actimize is among the dominant AML/fraud platforms used across the US banking sector. Direct confirmed relationship between NICE Actimize and JPMorgan Chase: no public evidence individually confirmed 8.
Verint Systems: Verint (Israeli-origin, founded in Israel, NYSE-listed) provides workforce engagement management, call-centre analytics, and security intelligence platforms to major global banks 9. No specific confirmed public evidence of a named JPMorgan Chase–Verint contract has been identified 9.
Check Point Software: Check Point (Israeli-origin, Tel Aviv) is among the most widely deployed network security platforms globally. JPMorgan Chase’s 2023 Annual Report references a layered network security architecture but does not name specific vendors 1. No individually confirmed public evidence of a named JPMorgan Chase–Check Point contract is available 11.
CyberArk: CyberArk (Israeli-origin, headquartered in Newton, MA, with R&D in Israel) provides privileged access management (PAM) and is widely deployed across US financial institutions 10. No specific named JPMorgan Chase–CyberArk contract is confirmed in public sources 10.
SentinelOne: SentinelOne (Israeli-founded, headquartered in Mountain View, CA) provides AI-driven endpoint detection and response (EDR) to financial services clients 12. No specific named JPMorgan Chase–SentinelOne contract is confirmed in public sources 12.
Palo Alto Networks: Palo Alto Networks (co-founded by Israeli engineer Nir Zuk, headquartered in Santa Clara, CA) provides network and cloud security via its Prisma Cloud platform 13. JPMorgan Chase is a known large enterprise user of cloud security platforms at scale; Palo Alto Networks is widely deployed in financial services. No specific named public contract between JPMorgan Chase and Palo Alto Networks is individually confirmed in training data 13.
Wiz: Wiz (Israeli-founded, headquartered in New York) provides cloud security posture management (CSPM). JPMorgan Chase has been reported by Bloomberg and The Information in 2023–2024 as both a strategic investor in Wiz and as a reference enterprise customer evaluating Wiz’s cloud security platform 4. This is the most specifically documented Israeli-origin technology relationship in recent public record for JPMorgan Chase. The extent of production deployment within JPMorgan’s infrastructure is not confirmed in public sources 4.
Claroty: Claroty (Israeli-founded, headquartered in New York) provides OT/ICS security for critical infrastructure, including financial sector deployments 14. No specific named JPMorgan Chase–Claroty contract is confirmed in public sources 14.
JPMorgan Chase engages large systems integrators including Accenture and McKinsey for digital transformation initiatives 1. No public evidence has been identified that these integrators specifically mandated or deployed Israeli-origin technology as part of JPMorgan engagements. No public evidence identified for integrator-mandated Israeli technology deployment. JPMorgan Chase’s Supplier Code of Conduct governs third-party vendor relationships but does not disclose specific vendor identities or technology provenance requirements 17.
JPMorgan Chase operates Chase Bank retail branches across the United States. No verified public evidence has been identified of JPMorgan Chase deploying Israeli-origin facial recognition systems (e.g., AnyVision/Oosto, BriefCam, Trigo, Trax) in branches or customer-facing environments. A review of NGO reports, trade press, BDS campaign records, and technology press located in training data yields no such finding. No public evidence identified.
JPMorgan Chase operates a large internal data analytics and AI division with capabilities applied primarily to fraud detection, risk modelling, and customer analytics 1. No verified public evidence has been identified linking JPMorgan Chase to Israeli-origin predictive policing, social media monitoring, or workforce surveillance tools specifically. No public evidence identified.
No public evidence has been identified that Israeli-origin surveillance or biometric technologies reach JPMorgan Chase indirectly via third-party managed security services or bundled enterprise suites, based on available public record. This gap is noted as an evidence limitation: the absence of investigative journalism or NGO coverage targeting JPMorgan’s retail surveillance stack means absence of evidence should not be read as confirmed absence.
JPMorgan Chase operates a technology hub and R&D office in Tel Aviv, Israel, opened circa 2018–2019 56. Public descriptions of this facility characterise it as an engineering and innovation office focused on fintech research and product development, not as a data centre or co-location facility. No verified public evidence has been identified of JPMorgan Chase operating, leasing, or co-locating data centre infrastructure within Israel. No public evidence identified for data centre operations in Israel.
JPMorgan Chase has disclosed a hybrid multi-cloud strategy utilising Amazon Web Services (AWS) and Microsoft Azure as primary hyperscale cloud partners, reported across Reuters and Bloomberg coverage from 2019 to 2023 12. These relationships are with US-domiciled providers and do not constitute participation in Israeli sovereign cloud infrastructure.
Project Nimbus is an Israeli government cloud infrastructure contract awarded in 2021 to Google Cloud and Amazon Web Services, not to JPMorgan Chase. JPMorgan Chase is a financial institution and not a cloud infrastructure provider. It has no documented participation in Project Nimbus or any comparable Israeli state cloud initiative. No public evidence identified 12.
JPMorgan Chase has no documented role as a provider of data sovereignty or infrastructure resilience services to Israeli state institutions or military bodies. No public evidence identified.
JPMorgan Chase is a commercial bank and financial services firm whose primary business lines are retail banking, investment banking, asset management, and financial markets 12. No public evidence identified of contracts, partnerships, or service agreements between JPMorgan Chase and the Israeli Ministry of Defence, Israel Defence Forces (IDF), Israeli intelligence agencies, or other Israeli state security bodies for technology provision.
No public evidence identified of JPMorgan Chase’s commercially available technology being publicly reported, confirmed by official sources, or documented by researchers as deployed for military, intelligence, or law enforcement surveillance applications within Israel or the occupied territories.
JPMorgan Chase is a consumer of security technology, not a developer or seller of offensive cyber capabilities or weapons systems. No public evidence identified of any JPMorgan Chase involvement in offensive cyber development, weapons technology, or dual-use military technology provision.
JPMorgan Chase’s LP investment in Team8 Capital (see Technology Ecosystem section) constitutes an indirect financial relationship with a company-building platform co-founded by former Israeli intelligence unit (Unit 8200) officers 718. This is a venture capital LP relationship, not a direct procurement or technology integration arrangement with Israeli intelligence structures. No technology developed within the Team8 portfolio has been publicly confirmed as deployed operationally within JPMorgan Chase’s production infrastructure beyond the Wiz relationship noted above 47.
JPMorgan Chase is an internal consumer of AI and ML technology at significant scale. Publicly disclosed applications include fraud detection, algorithmic trading, risk modelling, customer analytics, and document processing 1. The firm has publicly discussed its large language model strategy, including development of an LLM Suite for internal use and a 2023 trademark filing for IndexGPT 12. These are documented as internally focused financial analytics and productivity tools.
JPMorgan Chase is not a documented AI platform provider to external state bodies. No public evidence identified of JPMorgan Chase providing AI, ML, computer vision, or autonomous decision-support systems to Israeli state, military, or security bodies.
JPMorgan Chase’s Tel Aviv technology office has been reported as including AI/ML engineering among its focus areas, alongside cybersecurity research and cloud infrastructure software development 56. Press and LinkedIn-derived reporting suggests this team contributes to JPMorgan’s internal AI and fraud-detection capability, not to externally commercialised AI products 1.
No public evidence identified of JPMorgan Chase’s AI training datasets being sourced from Israeli civilian population data, intercepted communications, or surveillance-derived datasets.
JPMorgan Chase has no documented role in autonomous targeting, fire-control AI, or kill-chain automation. No public evidence identified.
JPMorgan Chase established a technology and innovation office in Tel Aviv circa 2018, as documented in contemporaneous Israeli business press and US trade coverage 56. A subsequent expansion of this presence was reported circa 2021 18. The office focuses on fintech research, software engineering, cybersecurity research, cloud infrastructure software, and AI/ML engineering 56.
Public data and press reports suggest headcount in the dozens to low hundreds, constituting a meaningful but non-dominant share of JPMorgan Chase’s global technology workforce of approximately 60,000+ technologists 1. Precise current headcount and project scope post-2023 are not confirmed in public sources.
JPMorgan Chase is a documented strategic limited partner (LP) in Team8, an Israeli venture capital and company-building platform co-founded by former Unit 8200 intelligence officers 718. Team8’s focus areas include cybersecurity, fintech, and data infrastructure. JPMorgan’s participation as a strategic partner was confirmed on Team8’s corporate website and reported by CTech/Calcalist 71821. The LP relationship was established in 2020–2021 and was reported as ongoing as of 2023 721.
This is an LP investment relationship in a VC fund structure, not a direct acquisition. The dollar amount committed and specific portfolio companies benefiting from JPMorgan capital are not publicly disaggregated. Portfolio companies incubated within the Team8 ecosystem include cybersecurity and data firms; whether any of these are operationally deployed within JPMorgan Chase’s production infrastructure (beyond Wiz) is not confirmed in public sources.
JPMorgan Chase has been reported as a strategic investor in Wiz (Israeli-founded CSPM provider) and as a reference customer exploring Wiz’s cloud security platform, as reported by Bloomberg and The Information in 2023–2024 4. Wiz raised a $300 million Series E in May 2023 4. This is the most concretely documented Israeli-origin technology relationship in JPMorgan Chase’s recent public record, combining both an investment and reported product evaluation.
No direct acquisitions of Israeli-origin technology companies by JPMorgan Chase have been identified in training data. JPMorgan’s major acquisitions in the 2019–2024 period include:
None of these acquisitions are Israeli-origin companies.
No public evidence identified of significant patent portfolios, licensing agreements, or co-development arrangements between JPMorgan Chase and Israeli-domiciled research institutions (e.g., Technion, Hebrew University, Weizmann Institute). JPMorgan Chase’s patent activity is primarily in financial technology, blockchain, and trading systems filed under US jurisdiction 23.
No published NGO investigation, academic study, or UN report specifically addressing JPMorgan Chase’s technology relationships with the Israeli state, the IDF, or operations in occupied territories has been identified in available sources 16. This contrasts with documented civil society scrutiny applied to technology companies such as Google, Amazon, Microsoft, and Palantir in connection with Project Nimbus and comparable defence contracts.
JPMorgan Chase has been subject to broader civil society scrutiny regarding its investment banking and financing activities — notably fossil fuel financing campaigns led by organisations such as BankTrack and the Rainforest Action Network — but these fall outside the technology domain of this audit and are noted here only for completeness.
No public evidence identified of organised BDS campaigns specifically targeting JPMorgan Chase for its technology provision to Israeli state entities or technology relationships with the Israeli defence sector 16. The BDS Movement’s documented corporate campaign targets, as of training data, focus primarily on technology infrastructure providers (Google, Amazon), defence contractors, and agricultural and consumer goods companies 16. JPMorgan Chase’s technology activities do not appear in BDS campaign materials located in training data.
No public evidence identified of regulatory inquiries, legal challenges, export control actions, or sanctions-related investigations involving JPMorgan Chase’s technology sales or services to Israeli state entities or the Israeli defence sector.
For completeness: JPMorgan Chase was subject to a $200 million fine from the CFTC and SEC in 2021 related to employees’ use of WhatsApp and Signal for business communications (off-channel communications violations) 15. This is a domestic US regulatory enforcement matter entirely unrelated to Israeli technology provision or the domains assessed in this audit.
JPMorgan Chase’s 2023 Proxy Statement (DEF 14A) filed with the SEC does not contain disclosures related to Israeli technology vendor relationships, dual-use technology governance, or geopolitical supply chain risk in the technology domain 3. Technology risk disclosures in the 10-K are focused on cybersecurity resilience and operational risk, without geographic supply chain granularity 2.
https://www.jpmorganchase.com/content/dam/jpmc/jpmorgan-chase-and-co/investor-relations/documents/annualreport-2023.pdf ↩↩↩↩↩↩↩↩↩↩↩↩
https://www.sec.gov/cgi-bin/browse-edgar?action=getcompany&CIK=0000019617&type=10-K&dateb=&owner=include&count=10 ↩↩↩↩↩↩↩
https://www.sec.gov/cgi-bin/browse-edgar?action=getcompany&CIK=0000019617&type=DEF+14A&dateb=&owner=include&count=10 ↩↩
https://techcrunch.com/2023/05/09/wiz-raises-300m-series-e/ ↩↩↩↩↩
https://en.globes.co.il/en/article-jpmorgan-opens-tech-hub-in-tel-aviv-1001290234 ↩↩↩↩
https://www.americanbanker.com/news/jpmorgan-chase-opens-innovation-lab-in-tel-aviv ↩↩↩↩
https://www.niceactimize.com/financial-crime-and-compliance ↩↩
https://www.checkpoint.com/industries/financial-services/ ↩
https://www.sentinelone.com/industries/financial-services/ ↩↩
https://www.cftc.gov/PressRoom/PressReleases/8470-21 ↩
https://www.jpmorganchase.com/about/supplier-code-of-conduct ↩
https://www.calcalistech.com/ctechnews/article/team8-fintech-jpmorgan ↩↩↩↩
https://www.jpmorganchase.com/news-stories/jpmorgan-chase-acquires-renovite ↩
https://www.jpmorganchase.com/news-stories/jpmorgan-chase-acquires-nutmeg ↩
