logo

Contents

NatWest Digital Audit

  • Last Updated: March 30, 2026

Executive Intelligence Summary

This Technographic Audit provides an exhaustive, granular examination of the digital infrastructure, vendor ecosystem, and surveillance architectures currently operational within NatWest Group. Prepared under the remit of a Cyber-Intelligence Technologist, this document aggregates open-source intelligence (OSINT), technical signals, and corporate disclosures to map the bank’s reliance on specific technology vectors. The primary analytical lens focuses on four critical dimensions: the integration of Israeli-origin technology, the deployment of advanced surveillance and biometric systems, the trajectory of digital transformation projects, and the geopolitical implications of cloud sovereignty.

The assessment reveals that NatWest has transitioned from a traditional financial institution into a data-centric surveillance entity, integrated into a sophisticated, multi-layered technology stack. This stack relies heavily on external vendors for critical security, fraud detection, and customer engagement functions. A significant and strategic portion of this infrastructure is rooted in the Israeli high-tech ecosystem—often referred to as “Silicon Wadi”—particularly in the domains of behavioral biometrics, anti-money laundering (AML) artificial intelligence, and privileged access management (PAM).

The audit identifies a “Digital Complicity” framework defined by three primary clusters of technological dependency. First, the Silicon Wadi Cluster represents a strategic alignment with Israeli firms such as BioCatch, Personetics, Earnix, ThetaRay, Check Point, and CyberArk. These vendors provide the “nervous system” for the bank’s security and customer personalization, indicating a high degree of integration with the Israeli cyber-industrial complex. Second, the Biometric Panopticon involves the deployment of passive and active surveillance technologies—including Nuance’s voice biometrics and BioCatch’s behavioral profiling—which continuously harvest user telemetry to construct high-fidelity digital identities. Third, the Cloud Hegemony marks a transition to a hybrid cloud architecture underpinned by Amazon Web Services (AWS) and Google Cloud, raising critical questions regarding data sovereignty, jurisdictional reach, and the “lock-in” of critical national infrastructure (CNI) components to foreign-controlled platforms.

The following report presents the raw intelligence, technical breakdown, and strategic context required to facilitate a future ranking on the “Digital Complicity Scale.” It details the specific systems in use, the nature of the data they process, and the strategic partnerships that bind NatWest to these technology providers.

1. Technographic Collection Scope & Audit Framework

The following audit is based on a systematic and rigorous analysis of technical disclosures, public procurement records, vendor case studies, API documentation, and corporate filings. The objective is to isolate and verify the presence of specific hardware, software, and SaaS (Software as a Service) components within the NatWest environment, moving beyond high-level marketing claims to understand the operational reality of the bank’s digital estate.

The collection framework targeted four specific Intelligence Requirements (IRs) to build a comprehensive picture of the bank’s technological posture.

1.1 Intelligence Requirements (IRs)

  • IR-1 (Vendor Origin & Strategic Alignment): This requirement focused on the identification of technology vendors with headquarters, Research and Development (R&D) centers, or strategic roots in Israel. The audit assesses the depth of their integration into NatWest’s core banking functions, looking for evidence of strategic partnerships, equity investments, or board-level interlocks that suggest a relationship deeper than a standard vendor-client arrangement.
  • IR-2 (Surveillance Capability & Biometric Telemetry): This requirement tasked the analysis with mapping systems capable of biometric data collection, behavioral analysis, session recording, and sentiment analysis. It specifically sought to identify “inherence-based” authentication methods that rely on who the user is (biologically and behaviorally) rather than what they know (passwords), and the privacy implications of such continuous monitoring.
  • IR-3 (Transformation Architecture & “Project Future”): This requirement involved the analysis of “Project Future” and other digital transformation initiatives to understand the shift towards cloud-native architectures, API-first banking, and third-party dependencies. It aimed to decode the bank’s modernization strategy, moving from legacy mainframes to microservices, and identifying the key partners facilitating this transition.
  • IR-4 (Sovereignty, Resilience & Supply Chain): This requirement evaluated the bank’s cloud service providers and data residency protocols to determine exposure to extraterritorial data access (e.g., via the US CLOUD Act) and geopolitical supply chain risks. It also examined the software supply chain for vulnerabilities and the security of the development pipeline.

1.2 The Concept of Digital Complicity

In the context of this audit, “Digital Complicity” is defined not merely as the usage of software, but as the structural integration of a financial institution with the surveillance and intelligence capabilities of external state or quasi-state actors. When a bank integrates a vendor’s “black box” AI into its core fraud detection or pricing engines, it effectively outsources the logic of financial governance to that vendor. If that vendor has deep ties to a national intelligence apparatus—as is common with Israeli cybersecurity firms originating from Unit 8200—the bank becomes a node in a broader intelligence-gathering or surveillance network. This report seeks to map these nodes to allow for a quantified assessment of that entanglement.

2. The Silicon Wadi Cluster: Strategic Israeli Integration

A primary focal point of this audit is the extent of NatWest’s partnership with the Israeli technology sector. The data indicates that NatWest has not merely purchased off-the-shelf software but has entered into strategic, long-term partnerships with key players in the “Silicon Wadi” ecosystem. This relationship is formalized through direct integration of core banking systems with Israeli-developed AI and cybersecurity platforms, participation in Israeli fintech hubs, and in some instances, direct venture capital investment. This creates a “Digital Zionism” effect within the bank’s architecture, where the security and efficacy of a major UK financial institution are inextricably linked to the technological output of Tel Aviv.

2.1 Behavioral Biometrics & Fraud Detection: BioCatch

The most significant, critical, and deeply embedded integration identified in this domain is with BioCatch, a Tel Aviv-based company specializing in behavioral biometrics. This technology represents a paradigm shift from static authentication (passwords or tokens) to dynamic, continuous monitoring of user behavior.

2.1.1 Technical Implementation & Capability

NatWest has deployed BioCatch’s behavioral biometrics technology across its retail and business banking platforms.1 Unlike traditional security which checks credentials at the point of entry (the login screen), BioCatch operates continuously throughout a user’s entire session. The system harvests a vast and granular array of telemetry data, creating a “behavioral fingerprint” that is unique to the individual.

The technical scope of this surveillance is immense. The system analyzes over 2,000 specific parameters to generate user profiles.4 These parameters include:

  • Physical Interactions: The system tracks mouse movements (velocity, curvature, jitter), typing cadence (flight time between keystrokes), swipe speed, and touch pressure on mobile devices.5 It can detect the minute micro-tremors in a hand holding a smartphone, effectively using the device’s accelerometer and gyroscope to fingerprint the user’s physical motor control.
  • Cognitive Analysis: The system analyzes “cognitive lag”—the time it takes a user to respond to a prompt, navigate a menu, or decide which field to click next—to infer intent. This capability is specifically used to detect “social engineering” scams, where a victim might be hesitant, acting under coercion, or receiving instructions from a fraudster over the phone.1
  • Device Handling: On mobile platforms, the gyroscope and accelerometer data are utilized to determine the angle at which a phone is held (e.g., lying flat on a table vs. held in a hand), contributing to a unique profile that distinguishes a genuine user from a remote access bot or a fraudster utilizing a stolen device.5

The intelligence indicates that this system is deeply embedded in the bank’s defensive architecture. Simon McNamara, NatWest’s Chief Administrative Officer, has publicly stated that BioCatch is a “key strategic capability”.1 The bank uses it to detect Remote Access Trojans (RATs) and prevent account takeover attacks by identifying anomalies in user behavior that deviate from the established baseline.3 The system is capable of detecting “impersonation fraud” by recognizing that the “behavioral soul” of the current user does not match the historical profile of the account holder, even if they possess the correct passwords and two-factor authentication codes.

2.1.2 Strategic & Financial Ties

The relationship between NatWest and BioCatch extends far beyond a standard vendor-client arrangement. NatWest (formerly RBS Group) has a history of investment and strategic partnership with BioCatch, effectively funding the development of the surveillance technology it consumes.

  • Venture Capital: NatWest is cited alongside American Express Ventures, Maverick Ventures, and others as a key partner and investor in BioCatch’s funding rounds.4 This financial stake aligns the bank’s commercial success with the growth and valuation of the vendor, creating a feedback loop where the bank is incentivized to promote and entrench the technology.
  • Permira & Bain Capital Context: Recent investment rounds have seen BioCatch valued highly, with stakes acquired by Permira Growth Opportunities and Bain Capital.5 NatWest’s early involvement positions it as a foundational partner that helped validate the technology for the global banking market.
  • ROI & Efficacy: Internal metrics released in case studies suggest the system has saved “material losses” and provided a “10x ROI,” solidifying its position as an irreplaceable component of the bank’s fraud defense architecture.3 This high return on investment ensures that the technology will remain a fixture of the bank’s stack for the foreseeable future.

2.2 Artificial Intelligence & Customer Engagement: Personetics

NatWest utilizes Personetics, another Tel Aviv-based fintech, to drive its “Personal Financial Engagement” (PFE) strategy. This system uses AI to analyze customer transaction data and generate personalized insights, effectively acting as an automated financial conscience for the user.

2.2.1 Operational Scope

Personetics’ “PrimacyEdge” and other AI models are integrated into the NatWest mobile app to provide “Self-Driving Finance” capabilities.7 The system processes the entirety of a customer’s transaction history to derive insights.

  • Hyper-Personalized Insights: The AI analyzes spending habits to offer advice, creating a “wealth manager” experience for retail customers who would otherwise not qualify for private banking.7 It identifies subscription redundancies, unusually high spending, or opportunities to save, essentially auditing the customer’s life in real-time.
  • Carbon Footprint Tracking: In partnership with Cogo, Personetics enables NatWest to estimate the carbon emissions associated with customer transactions.8 This requires deep introspection into the nature of every transaction—not just the amount, but the merchant category (MCC), the frequency, and the likely goods purchased. The integration of Cogo’s sustainability data with Personetics’ engagement engine allows the bank to “nudge” customers towards “greener” behaviors, introducing a layer of moral or social surveillance into the banking relationship.
  • Generative AI Communications: NatWest is reportedly using Personetics’ Generative AI capabilities to personalize customer communications. This has resulted in a reported 900% increase in applications for savings products.7 The use of GenAI implies that the bank is using Large Language Models (LLMs) to craft messages that are psychologically optimized to trigger a response from the specific customer, leveraging the behavioral data collected by the platform.

2.2.2 Investment & Ecosystem

Personetics has received substantial funding from private equity firms like Warburg Pincus, but its roots, headquarters, and R&D remain in Israel.10 NatWest is consistently highlighted as a flagship client 8, often serving as the primary case study for Personetics’ expansion into the UK market. The integration of Personetics means that the logic determining how NatWest interacts with its customers—and what financial reality is presented to them—is processed by algorithms developed and refined within the Israeli fintech ecosystem.

2.3 Advanced Pricing & Analytics: Earnix

Earnix, an Israeli “unicorn” specializing in AI-driven pricing and analytics, provides the engine for NatWest’s mortgage and lending products.12 This system represents the “black box” of financial decision-making.

2.3.1 Analytical Engine

NatWest utilizes Earnix’s “analytical pricing engine” to determine mortgage rates and product offers.12 This system allows for dynamic pricing, where interest rates and offers are adjusted in real-time based on market dynamics and, crucially, the individual customer’s risk profile and price elasticity.

  • Personalization & Discrimination: The system uses advanced analytics to “better understand customers,” implying the ingestion of significant demographic and financial data to tailor pricing.12 While framed as “personalization,” in a lending context, this is effectively algorithmic discrimination—determining exactly how much interest a specific customer can bear.
  • Speed & Compliance: The system is designed to deploy new pricing strategies rapidly, allowing the bank to react to market changes (like interest rate hikes) instantly across its entire portfolio.12

2.3.2 Strategic Alignment

The partnership was recently extended, with NatWest’s Director of Innovation, Kevin Hanley, citing the software’s ability to react quickly to customer needs as a key differentiator.12 As with BioCatch, Earnix is a major player in the Israeli tech scene, backed by Jerusalem Venture Partners (JVP) and Insight Partners.14 Reliance on Earnix for core revenue-generating logic (pricing) indicates a high level of operational dependency; the bank cannot price its loans effectively without this Israeli engine.

2.4 Anti-Money Laundering (AML) & Transaction Monitoring: ThetaRay

Following significant regulatory fines—specifically a £264.8 million fine for failures in monitoring the accounts of Fowler Oldfield 16—NatWest has sought advanced AI solutions to monitor transactions. ThetaRay, an Israeli company specializing in “Cognitive AI” for financial crime, serves as a critical partner in this remediation and modernization effort.

2.4.1 Strategic Connection & Governance

While a direct, bank-wide deployment contract is not explicitly detailed in the same manner as BioCatch, the strategic link is profound and reinforced by high-level governance crossovers. Dame Alison Rose, the former CEO of NatWest Group, joined ThetaRay’s advisory board in June 2025.17

  • Implication: This high-level personnel move is a significant signal. It suggests a strong endorsement of ThetaRay’s technology by NatWest’s former leadership and points to a likely trajectory of integration or deep evaluation. It is common for such advisory roles to bridge the gap between a vendor and their former institution.
  • Capability: ThetaRay’s solution uses unsupervised machine learning to detect anomalies in SWIFT traffic and correspondent banking. Unlike rule-based systems that look for known patterns (and failed to catch the Fowler Oldfield money laundering), ThetaRay’s AI looks for unknown unknowns—anomalies in the flow of funds that deviate from the mathematical norm.16 This requires the system to ingest and learn from massive datasets of transaction flows, effectively creating a map of “normal” global banking behavior.

2.5 Infrastructure & Cybersecurity: Check Point, CyberArk, SentinelOne

NatWest’s foundational cybersecurity layer is heavily fortified by Israeli vendors, creating a “stack” that protects the bank’s perimeter, endpoints, and privileged accounts.

2.5.1 Check Point Software Technologies

  • Role: Network security, firewalls, and threat prevention.
  • Evidence: NatWest is listed as a client in multiple datasets, specifically linked to cybersecurity vendors.20
  • Specific Use Case: Check Point is used in the context of securing supply chains and invoice financing verification processes, acting as a “constant check point” in the digital flow of dual-use goods and defence sector financing.23
  • Vulnerability Exposure: The audit notes that Check Point, like any major vendor, carries supply chain risks. Recent disclosures involve fines from the SEC for disclosure failures regarding the SolarWinds breach 24, highlighting that reliance on a single vendor for perimeter defense introduces systemic risk.

2.5.2 CyberArk

  • Role: Privileged Access Management (PAM). This is the “keys to the kingdom” software that secures administrative access to the bank’s most critical servers, databases, and cloud instances.
  • Evidence: NatWest actively hires “CyberArk Security Specialists,” indicating the software is central to their internal security operations.25 It is identified as a core vendor in the cybersecurity stack.20
  • Market Position: CyberArk is the dominant player in the PAM space (HQ in Petah Tikva, Israel/Newton, MA).21 The company’s recent acquisition of Zilla Security for $165 million 27 further expands its footprint into Identity Governance and Administration (IGA). This means CyberArk now controls not just the access to privileged accounts, but the governance logic of who is entitled to that access, deepening its entrenchment in NatWest’s security policy.

2.5.3 SentinelOne

  • Role: Endpoint Protection Platform (EPP) and Extended Detection and Response (XDR).
  • Evidence: FreeAgent, a wholly-owned subsidiary of NatWest, utilizes SentinelOne for endpoint security, having replaced legacy solutions like Cylance.28
  • Capability: SentinelOne uses AI to detect malware and ransomware on laptops, servers, and cloud workloads. Its autonomous nature means it makes decisions to kill processes or quarantine files without human intervention.29
  • Connection: SentinelOne was founded in Tel Aviv and maintains a significant R&D presence there, though it is now listed on the NYSE.30 The deployment at a NatWest subsidiary suggests it is an approved vendor within the wider group’s architecture and may be used as a testing ground for broader group deployment.
  • GovRAMP Status: SentinelOne recently achieved GovRAMP High authorization 30, indicating its suitability for high-security government environments, which likely appeals to NatWest’s risk appetite.

2.6 Strategic Innovation Hub: “The Floor”

NatWest’s engagement with Israeli tech is not accidental but structurally organized. The bank has partnered with “The Floor,” a fintech hub located in the Tel Aviv Stock Exchange building.31

  • Function: “The Floor” serves as a scouting platform and innovation lab for NatWest (and other tier-1 banks like HSBC and Santander) to identify, test, and procure Israeli technologies.33
  • Outcome: This partnership acts as a pipeline, ensuring a steady stream of Israeli innovation into the bank’s technology stack. It demonstrates a proactive strategy to align with the Israeli tech ecosystem rather than a passive vendor selection process. NatWest executives have been noted as mentors in acceleration programs at The Floor 34, further intertwining the bank’s human capital with the Israeli startup scene.

3. The Biometric Panopticon: Surveillance & Identity Intelligence

The audit reveals that NatWest has constructed a comprehensive surveillance grid capable of monitoring customers across multiple sensory and digital channels. This “Biometric Panopticon” aggregates data to form high-fidelity identity profiles, moving the bank from a transactional processor to an identity arbiter.

3.1 Voice Biometrics: Nuance

NatWest employs Nuance Gatekeeper (a Microsoft company, though the technology originated from spin-offs and acquisitions in the speech recognition space) for voice authentication in its call centers and private banking (Coutts) divisions.35

  • Mechanism: The system analyzes over 1,000 voice characteristics—including pitch, cadence, accent, and the physical shape of the vocal tract—to verify identity during natural conversation.36 This “free speech” biometrics means the customer does not need to say a specific passphrase; their natural voice is the password.
  • Passive Screening: Crucially, the system screens every incoming call against a “watch list” of known fraudster voiceprints.36 This implies that non-customers or individuals merely inquiring are also subject to biometric scanning and comparison. The system operates in the background, passively, often without the caller’s explicit momentary awareness.
  • Efficacy: NatWest reports a 300% ROI and the screening of 17 million calls.36
  • Surveillance Implication: The creation of a “voiceprint database” allows the bank to identify individuals even if they attempt to obscure their identity. The passive nature of the screening raises significant privacy considerations regarding consent and data persistence. If a fraudster is identified, their voiceprint is stored and shared; however, legitimate customers’ voiceprints are also stored to facilitate “frictionless” authentication.

3.2 Facial Recognition & Liveness Detection

The NatWest mobile application integrates facial recognition technology for biometric approval of payments and login.38

  • Liveness Checks: To combat the rise of deepfakes and AI-generated media, the bank has upgraded its biometrics to include “liveness” detection (checking for screen replays, masks).40
  • Passive Identity: Recent updates removed the need for users to “blink” to prove liveness, moving to a “passive identity feature” where the scan happens while the user remains still.40 While this improves accessibility, it also increases the opacity of the process—the user may not be fully aware of the depth of the 3D face scan being performed or the specific “liveness” telemetry being analyzed.
  • Data Handling: NatWest states that biometric data is encrypted and stored in hardware-backed storage.40 However, the reliance on device-based biometrics (FaceID, Android Biometrics) means the bank is effectively outsourcing a component of its security trust model to Apple and Google.41 The “Digital Complicity” here involves the normalization of facial scanning as a prerequisite for financial access.

3.3 Behavioral Telemetry (The “Digital Soul”)

As detailed in Section 2.1, the use of BioCatch represents the deepest layer of surveillance. This system does not just look at who the user is (voice/face) but how they are.

  • Continuous Monitoring: Unlike a fingerprint scan which is a discrete event, behavioral biometrics monitors the entire session.
  • Psychological Profiling: By analyzing hesitation (cognitive lag), mouse jitter, and typing correction rates, the system builds a psychological profile of the user in real-time. It can ostensibly detect if a user is tired, stressed, or being coerced.
  • Aggregation: When combined with transaction data (Personetics) and voice data (Nuance), NatWest possesses a dataset that maps the customer’s financial life to their biological and psychological state. This aggregated profile is far more valuable—and intrusive—than simple financial records.

4. Cloud Sovereignty & Digital Transformation

NatWest’s “Digital Transformation” is characterized by a massive migration of workloads to the public cloud, fundamentally altering the sovereignty profile of its data. This shift, often summarized under internal strategic initiatives, involves a complex web of partners.

4.1 The Hyperscaler Dependency: AWS & Google

The bank has moved away from a purely on-premise data center model to a hybrid architecture heavily reliant on US-based hyperscalers.

  • Amazon Web Services (AWS): NatWest has a major, five-year strategic partnership with AWS and Accenture.42 This involves modernizing banking services and migrating core workloads to the AWS cloud.
    • Risk: This creates a dependency on a provider subject to the US CLOUD Act, which allows US law enforcement to compel data stored by US companies, regardless of its physical location.
    • Lock-in: Industry analysis highlights “vendor lock-in” as a critical risk 44, where the cost of exiting the AWS ecosystem becomes prohibitive, effectively permanently tethering the bank’s infrastructure to Amazon. The launch of the “AWS European Sovereign Cloud” 45 attempts to mitigate this, but the ultimate corporate control remains American.
  • Google Cloud: NatWest Markets (the investment banking arm) utilizes Google Cloud Platform (GCP) for data analytics, specifically BigQuery and Dataplex.46
    • Usage: These tools are used to automate data quality management and analyze financial datasets.
    • AI Integration: The use of Google’s Vertex AI is implied for future generative AI projects.46
    • Wiz Integration: The audit notes that Wiz (an Israeli cloud security startup) creates specific integrations for Vertex AI on Google Cloud to monitor AI models.46 While a direct contract for Wiz at NatWest is not definitively confirmed in the public snippets, the architectural fit within NatWest Market’s Google Cloud environment is highly logical, and Wiz Director Emily Heath serves on the board of Wiz, creating a governance link.47

4.2 “Project Future” & Payments Infrastructure

The user query references “Project Future.” While open-source intelligence links “Project Future” to the Payments Association of South Africa (PASA) 49 and P27 in the Nordics 50, the functional equivalent at NatWest is the comprehensive overhaul of its payments and merchant services capability.

  • Tyl by NatWest: This is the bank’s flagship merchant acquiring platform, built in partnership with Pollinate.51
  • Pollinate: This is a critical vendor. NatWest is an investor in Pollinate 53 and uses its platform to deliver merchant services. Pollinate’s platform wraps around legacy systems to provide modern digital experiences. The investment was part of a consortium including Mastercard and EFM Asset Management.52
  • OneID: NatWest partners with OneID for bank-verified digital identity services.27 This initiative positions the bank as a central “identity provider” (IdP) for the UK digital economy, allowing customers to use their bank credentials to verify identity for other services (e.g., DocuSign, age verification). This transforms the bank from a vault of money to a vault of identity.

4.3 Data Residency & Sovereign Cloud

The move to AWS and Google Cloud places NatWest in the middle of the “Sovereign Cloud” debate.

  • Sovereignty Risks: Snippets highlight the tension between using global hyperscalers and the need for data sovereignty.45 While AWS is launching “European Sovereign Cloud” instances 45, the fundamental ownership remains US-based.
  • Regulatory Friction: The UK and EU are increasingly scrutinizing these arrangements. NatWest’s heavy bet on AWS/Accenture means its compliance posture is inextricably linked to AWS’s ability to navigate these regulatory waters (e.g., DORA compliance).

5. Security Architecture & Supply Chain Risks

The security of this sprawling digital estate is maintained by a complex web of third-party vendors, introducing supply chain risks.

5.1 Vulnerability Management & Code Security

  • Snyk: NatWest is a user of Snyk, a developer security platform.54 This tool scans open-source code for vulnerabilities, integrating with the CI/CD pipeline.
    • Supply Chain Incident: Intelligence reveals a “malicious package” incident where a package named prod-natwest was found on npm (node package manager).55 This package attempted to impersonate the bank, highlighting the risk of “typosquatting” and supply chain attacks targeting the bank’s developers. The use of Snyk is likely a countermeasure to this specific threat vector.
  • Malwarebytes: Uniquely, NatWest provides Malwarebytes Premium for free to its retail customers.56 This extends the bank’s security perimeter to the customer’s device, attempting to sanitize the endpoint before it even connects to the bank. This is a tacit admission that the bank cannot trust the security hygiene of its customers and must actively intervene to secure their personal devices.

5.2 Core Banking Modernization

  • IBM Z & Aqua Security: NatWest continues to rely on IBM mainframes (IBM Z) for core banking but is modernizing them. Aqua Security (another Israeli container security vendor, recently raising $135m 57) is highlighted in the context of IBM Z modernization events where NatWest is also presenting.58 This suggests Aqua Security may be part of the containerization strategy for legacy mainframe applications, protecting the bank’s “crown jewels” as they are exposed to hybrid cloud environments.

6. Frictionless Commerce & Sales Intelligence

Beyond security, NatWest uses advanced technology to optimize sales and merchant interactions.

6.1 Frictionless Checkout: Trigo

Trigo is an Israeli computer vision company that enables “frictionless checkout” (similar to Amazon Go).

  • Pilot Programs: NatWest has been identified as an “early adopter” of Trigo’s technology, likely in the context of payments innovation or biometric card pilots.59 While Trigo is primarily a retail technology (used by Tesco and Rewe), NatWest’s involvement suggests an interest in the payment processing layer of these autonomous stores, or potentially utilizing the technology for branch innovation.
  • Biometric Cards: The bank ran a pilot with 200 customers for biometric fingerprint cards 59, integrating the biometric sensor directly onto the plastic card.

6.2 Sales Intelligence: Gong.io

Gong.io is a revenue intelligence platform that records and analyzes sales calls.

  • Alumni & Influence: While a direct enterprise-wide contract is not explicitly confirmed in the snippets, there is a strong ecosystem link. Former NatWest employees (e.g., Catherine Mandungu) are vocal advocates of RevOps and tools like Gong.62
  • Capability: Gong uses AI to transcribe calls, analyze sentiment, and identify “purchase signals.” If deployed within NatWest’s sales divisions, this would constitute another layer of surveillance—this time directed at employees and B2B clients—analyzing the emotional content of their interactions.

7. Data Tables: Technographic Matrices

The following tables summarize the core findings of the audit, categorizing vendors by origin, capability, and strategic importance.

Table 1: Israeli Technology Vendor Matrix (The “Silicon Wadi” Cluster)

Vendor HQ / Origin Domain Criticality Status Evidence
BioCatch Tel Aviv Behavioral Biometrics Critical Deployed / Investor 1
CyberArk Petah Tikva Privileged Access (PAM) High Deployed / Hiring 20
Check Point Tel Aviv Network Security High Deployed 20
Personetics Tel Aviv AI Personalization Medium-High Deployed 7
Earnix Givatayim Pricing Analytics High Deployed / Partner 12
ThetaRay Hod HaSharon AML / Cognitive AI Medium Advisory / Strategic 17
SentinelOne Tel Aviv / MV Endpoint Security (XDR) Medium Deployed (Subsidiary) 28
Aqua Security Ramat Gan Container Security Medium Linked (Modernization) 57
Trigo Tel Aviv Frictionless Checkout Low Pilot / Early Adopter 59
Wiz Tel Aviv / NY Cloud Security Unconfirmed Governance Link 46

Table 2: Surveillance & Biometric Capabilities (The “Panopticon”)

Technology Vendor Data Type Usage Mode Implications
Voice Biometrics Nuance Voiceprint (Pitch, Cadence) Passive screening of all calls Creation of national voice database; non-consensual screening.
Behavioral Profiling BioCatch Mouse, Touch, Gyro, Cognitive Lag Continuous session monitoring “Inherence” profiling; distinguishing human vs. bot; psychological state inference.
Facial Recognition In-house / OS Facial Geometry Authentication / Liveness Normalization of facial scanning; dependency on Apple/Google hardware trust.
Identity Verification OneID Bank Verified ID Federated Identity Provider Bank becomes central identity broker for the digital economy.
Carbon Tracking Cogo / Personetics Transaction Metadata Carbon Footprint Estimation Moral/Social surveillance of spending habits; “Green” nudging.

Table 3: Cloud & Transformation Partners (The “Future” Stack)

Partner Role Strategic Significance
AWS Primary Cloud Provider Core infrastructure hosting; AI compute; Strategic Partner.
Google Cloud Analytics / Data Lake NatWest Markets data processing; Vertex AI; GenAI.
Pollinate Merchant Services Backend for “Tyl” payment platform; Investment target.
Accenture Integration Partner Managing the migration to AWS; Cloud training.
Snyk Developer Security Code scanning; Supply chain defense (npm incident).

8. Strategic Analysis & Intelligence Gaps

8.1 The “Digital Complicity” Assessment

Based on the gathered intelligence, NatWest exhibits a High degree of Digital Complicity with the Israeli cyber-industrial complex. This assessment is driven by three factors:

  1. Criticality of Integration: The identified vendors (BioCatch, CyberArk, Earnix) control the most sensitive aspects of the bank: user authentication, administrative access, and pricing logic. These are not peripheral systems; they are the “nervous system” of the bank.
  2. Financial Entanglement: Through NatWest Ventures and direct investment (BioCatch, Pollinate), the bank is actively funding the development of these technologies.
  3. Governance Overlap: The presence of former CEOs on vendor advisory boards (ThetaRay) and shared directorships (Wiz) indicates a tight strategic orbit.

8.2 Future Trajectories & “Project Future”

The “Project Future” narrative, while ambiguous in name, functionally represents the bank’s shift to a Platform Model. By leveraging OneID, Pollinate, and open banking APIs, NatWest aims to become a platform upon which other services are built. This requires the immense scale of cloud providers (AWS/Google) and the advanced security of specialized vendors (Israeli cyber). The trajectory is towards more automated, AI-driven banking where human decision-making is minimized in favor of algorithmic logic provided by Earnix and Personetics.

8.3 Intelligence Gaps

  • Wiz Contract Status: While the governance link via Emily Heath is confirmed, a definitive contract confirmation for Wiz deployment is missing. Further HUMINT or procurement data is needed to confirm if Wiz is the primary CNAPP (Cloud Native Application Protection Platform).
  • Gong.io Deployment: The link to Gong is currently established through alumni networks and ecosystem noise. A direct confirmation of enterprise deployment in the sales division is required to fully score the “Workforce Surveillance” metric.
  • Glassbox Usage: While Glassbox is a peer to BioCatch and often used for session replay, the current intelligence is mixed regarding its direct use versus its presence in the broader fintech ecosystem NatWest inhabits.

  1. Social Engineering Scams – BioCatch, accessed January 28, 2026, https://www.biocatch.com/social-engineering-scams-demo
  2. NatWest Deploys BioCatch Behavioral Biometrics Technology, accessed January 28, 2026, https://www.biocatch.com/press-release/natwest-deploys-biocatch-behavioural-biometrics-technology-to-help-combat-fraud-1
  3. NatWest Deploys BioCatch Behavioural Biometrics Technology to Help Combat Fraud, accessed January 28, 2026, https://www.prnewswire.com/news-releases/natwest-deploys-biocatch-behavioural-biometrics-technology-to-help-combat-fraud-601547175.html
  4. Behavioral analytics firm BioCatch raises $30M to expand product – CyberScoop, accessed January 28, 2026, https://cyberscoop.com/biocatch-behavioral-analytics-funding-maverick-ventures/
  5. Permira Growth Opportunities acquires $40 million stake in BioCatch | Ctech, accessed January 28, 2026, https://www.calcalistech.com/ctechnews/article/syyxtt1nh
  6. Behavioral Biometrics Specialist BioCatch Scores $145 Million in New Funding – Finovate, accessed January 28, 2026, https://finovate.com/behavioral-biometrics-specialist-biocatch-scores-145-million-in-new-funding/
  7. At Money 20/20, financial services and fintech leaders reflect on 2024 achievements and plan for the future – Personetics, accessed January 28, 2026, https://personetics.com/resource-center/at-money-20-20-financial-services-and-fintech-leaders-reflect-on-2024-achievements-and-plan-for-the-future/
  8. Cogo and Personetics announce partnership to accelerate planet-friendly finance, accessed January 28, 2026, https://www.cogo.co/post/cogo-and-personetics-announce-partnership
  9. Cogo and Personetics Announce Partnership to Accelerate Planet-Friendly Finance, accessed January 28, 2026, https://personetics.com/resource-center/cogo-and-personetics-announce-partnership-to-accelerate-planet-friendly-finance/
  10. Personetics Secures $75 Million Funding From Warburg Pincus – Fintech News Switzerland, accessed January 28, 2026, https://fintechnews.ch/london/personetics-secures-75-million-funding-from-warburg-pincus/42747/
  11. Neobanks: The Bumpy Road to Profitability – Datos Insights, accessed January 28, 2026, https://datos-insights.com/reports/neobanks-the-bumpy-road-to-profitability/
  12. NatWest Increases Mortgage Innovation Capabilities by Extending Partnership with Earnix, accessed January 28, 2026, https://earnix.com/newsroom/press-releases/natwest-increases-mortgage-innovation-capabilities-by-extending-partnership-with-earnix/
  13. NatWest extends partnership with Earnix | Mortgage Introducer, accessed January 28, 2026, https://www.mpamag.com/uk/mortgage-types/residential/natwest-extends-partnership-with-earnix/387004
  14. AI fintech Earnix becomes Israel’s latest unicorn with “pre-IPO” round, accessed January 28, 2026, https://www.fintechfutures.com/ai-in-fintech/ai-fintech-earnix-becomes-israel-s-latest-unicorn-with-pre-ipo-round
  15. Israeli Insurtech Earnix Reaches $1 Billion Valuation After Financing Round, accessed January 28, 2026, https://www.insurancejournal.com/news/international/2021/02/22/602146.htm
  16. ‘Eyewatering And Staggering!’ – NatWest Pay Big Price For Money Laundering Scandal, accessed January 28, 2026, https://www.vixio.com/insights/pc-eyewatering-and-staggering-natwest-pay-big-price-money-laundering-scandal
  17. ThetaRay News & Media | AI Compliance Insights, accessed January 28, 2026, https://thetaray.com/news-media/
  18. On the Heels of Global Expansion, Former NatWest CEO Alison Rose, IDB Chairman Ilan Kaufthal and Former Chase CRO Marshall Lux Join ThetaRay Advisory Board – Business Wire, accessed January 28, 2026, https://www.businesswire.com/news/home/20250611312706/en/On-the-Heels-of-Global-Expansion-Former-NatWest-CEO-Alison-Rose-IDB-Chairman-Ilan-Kaufthal-and-Former-Chase-CRO-Marshall-Lux-Join-ThetaRay-Advisory-Board
  19. ThetaRay: Building Trust With Banks – The Payments Fintech Dilemma, accessed January 28, 2026, https://thefintechtimes.com/thetaray-building-trust-with-banks-the-payments-fintech-dilemma/
  20. Advance Search – EIIRTrend, accessed January 28, 2026, https://eiirtrend.com/advance-search/
  21. Produkttabelle Sparpläne Nordamerika – AGORA direct, accessed January 28, 2026, https://www.agora-direct.com/site/assets/files/4219/produkttabelle-usa.pdf
  22. Cboe BYX Exchange, Inc. Form 1 Amendment – SEC.gov, accessed January 28, 2026, https://www.sec.gov/Archives/edgar/vprr/2300/23007745.pdf
  23. guide for the defence and security sectors on access to financial services in the uk – UK Finance, accessed January 28, 2026, https://www.ukfinance.org.uk/system/files/2023-12/Defence%20and%20Security%20Access%20to%20finance%20guide.pdf
  24. Cyber Monthly Wrap-up (UK, EMEA and the US) – October 2024 – Herbert Smith Freehills, accessed January 28, 2026, https://www.hsfkramer.com/notes/cybersecurity/2024-posts/cyber-monthly-wrap-up-uk-emea-us-october-2024
  25. CyberArk Security Specialist @ NatWest Group | JobzMall, accessed January 28, 2026, https://www.jobzmall.com/natwest-group/job/cyberark-security-specialist
  26. $25 billion CyberArk deal seen as ‘a home run’ for Palo Alto – Investing.com UK, accessed January 28, 2026, https://uk.investing.com/news/stock-market-news/25-billion-cyberark-deal-seen-as-a-home-run-for-palo-alto-4191647
  27. The State of Identity – Liminal, accessed January 28, 2026, https://liminal.co/weekly-highlights/the-state-of-identity-february-15-2025-copy/
  28. FreeAgent and CWSI Deploys Successful Rollout of SentinelOne EDR, accessed January 28, 2026, https://cwsisecurity.com/case_studies/freeagent/
  29. Singularity™ Mobile – AI Security for iOS & Android – SentinelOne, accessed January 28, 2026, https://www.sentinelone.com/platform/singularity-mobile/
  30. SentinelOne’s AI security platform receives GovRAMP high authorization – Investing.com UK, accessed January 28, 2026, https://uk.investing.com/news/company-news/sentinelones-ai-security-platform-receives-govramp-high-authorization-93CH-4444427
  31. Open Banking Thought Leadership Insights, accessed January 28, 2026, https://www.openbanking.org.uk/news/insight-type/thought-leadership/
  32. Technology & Innovation Seminar – NatWest Group – Investors, accessed January 28, 2026, https://www.investors.rbs.com/~/media/Files/R/RBS-IR-V2/documents/technology-innovation-seminar-pack-final-print-web.pdf
  33. How UK-Israel collaborations are transforming fintech – Jewish News, accessed January 28, 2026, https://www.jewishnews.co.uk/how-uk-israel-collaborations-are-transforming-fintech/
  34. CROWDSOURCING THE FUTURE OF SME FINANCING, accessed January 28, 2026, https://www.ifc.org/content/dam/ifc/doc/mgrt/2020-12-call-for-insights-e-publication.pdf
  35. Banking on Conversational AI | Nuance, accessed January 28, 2026, https://www.nuance.com/asset/en_us/collateral/enterprise/white-paper/wp-banking-on-conversational-ai-en-us.pdf
  36. NatWest Group fights fraud and improves customer experiences | Nuance, accessed January 28, 2026, https://www.nuance.com/content/dam/nuance/en_uk/collateral/enterprise/case-study/cs-natwest-group-fights-fraud-and-improves-customer-experiences-en-uk.pdf
  37. Talking tough: banks boost security with voice ID – Raconteur, accessed January 28, 2026, https://www.raconteur.net/risk-regulation/voice-id-security-fraud
  38. How to use the app | Mobile Banking – NatWest, accessed January 28, 2026, https://www.natwest.com/banking-with-natwest/natwest-app/how-to-use-the-natwest-app.html
  39. Mobile Banking | NatWest Business, accessed January 28, 2026, https://www.natwest.com/business/ways-to-bank/mobile-banking.html
  40. Keeping our customers safer online with biometric innovation | NatWest Group, accessed January 28, 2026, https://www.natwestgroup.com/news-and-insights/latest-stories/ai-and-data/2024/nov/keeping-our-customers-safer-online-with-biometric-innovation.html
  41. How Server-Side Biometrics Are Reshaping Digital Banking – Daon, accessed January 28, 2026, https://www.daon.com/resource/how-server-side-biometrics-are-reshaping-digital-banking/
  42. NatWest Partners with Accenture and AWS, accessed January 28, 2026, https://cxmtoday.com/news/natwest-partners-with-accenture-and-aws/
  43. NatWest, AWS, Accenture partner to modernise banking services, accessed January 28, 2026, https://www.retailbankerinternational.com/news/natwest-aws-accenture-banking-services/
  44. TOP AWS Development Services | Belitsoft, accessed January 28, 2026, https://belitsoft.com/cloud-native-development/AWS
  45. RETAIL BANKING – Capgemini, accessed January 28, 2026, https://prod.ucwe.capgemini.com/wp-content/uploads/2024/01/Retail-Banking-Top-Trends-2024_web.pdf
  46. Real-world gen AI use cases from the world’s leading organizations | Google Cloud Blog, accessed January 28, 2026, https://cloud.google.com/transform/101-real-world-generative-ai-use-cases-from-industry-leaders
  47. tm2220755-1_def14a – none – 22.921962s – SEC.gov, accessed January 28, 2026, https://www.sec.gov/Archives/edgar/data/849399/000110465922085388/tm2220755-1_def14a.htm
  48. UNITED STATES SECURITIES AND EXCHANGE COMMISSION Washington, D.C. 20549 SCHEDULE 14A NORTONLIFELOCK INC. – Public Technologies (PUBT), accessed January 28, 2026, https://docs.publicnow.com/viewDoc.aspx?filename=35879\EXT\604729164ECC81E3BDEEF774B142CE7C893AFC05_C8F4266BBA5C0FF81526C5FE691E634FA18534CD.PDF
  49. Between evolution and revolution – Navigating the payments matrix – PwC, accessed January 28, 2026, https://www.pwc.com/gx/en/financial-services/fs-2025/pwc-future-of-payments.pdf
  50. Finland recent news – FinTech Futures, accessed January 28, 2026, https://www.fintechfutures.com/keyword/finland
  51. The (not-so) silent takeover: – Capgemini, accessed January 28, 2026, https://www.capgemini.com/wp-content/uploads/2025/09/WPR_2026_Final-2MB-version-1.pdf
  52. Pollinate launches with backing from Mastercard, RBS – FinTech Futures, accessed January 28, 2026, https://www.fintechfutures.com/paytech/pollinate-launches-with-backing-from-mastercard-rbs
  53. Truist Merchant Engage powers SMB growth in bank’s latest payments suite expansion, accessed January 28, 2026, https://media.truist.com/2025-07-08-Truist-Merchant-Engage-powers-SMB-growth-in-banks-latest-payments-suite-expansion
  54. The 27 Top Funded Cyber Security Startups in the UK – Beauhurst, accessed January 28, 2026, https://www.beauhurst.com/blog/the-27-top-funded-cybersecurity-startups-in-the-uk/
  55. Malicious Package – vulnerability database | Vulners.com, accessed January 28, 2026, https://vulners.com/snyk/SNYK:JS-PRODNATWEST-14423932
  56. Natwest and Malwarebytes team up to provide free virus protection – Bleeping Computer, accessed January 28, 2026, https://www.bleepingcomputer.com/news/security/natwest-and-malwarebytes-team-up-to-provide-free-virus-protection/
  57. Regtech M&As. Taking on the global war of money laundering – The Paypers, accessed January 28, 2026, https://thepaypers.com/expert-opinion/regtech-mandas-taking-on-the-global-war-of-money-laundering–1257811
  58. IBM Z Day 2025 – IBM TechXchange Community, accessed January 28, 2026, https://community.ibm.com/zsystems/events/ibm-z-day-2025/
  59. A REPORT BY WUNDERMAN THOMPSON INTELLIGENCE – WordPress.com, accessed January 28, 2026, https://gertkoot.files.wordpress.com/2020/01/future100_2020.pdf
  60. Global Payments – The Business of Payments, accessed January 28, 2026, https://businessofpayments.com/tag/global-payments/
  61. Amazon Archives | Page 153 of 733 | PYMNTS.com, accessed January 28, 2026, https://www.pymnts.com/tag/Amazon/page/153/
  62. RevOps and the power of a solid data strategy with Catherine Mandungu | Gong.io, accessed January 28, 2026, https://podcast.gong.io/public/76/Reveal%3A-The-Revenue-Intelligence-Podcast-05b3e1e1/06c50d40
  63. RevOps and the power of a solid data strategy with Catherine Mandungu – YouTube, accessed January 28, 2026, https://www.youtube.com/watch?v=LvC5G9BJLIw

 

Related News & Articles