INDEX / DIRECTORY / AXA / DIGITAL

AXA DIGITAL

DIGITAL INFRASTRUCTURE AUDIT UPDATED 2026-06-14
Digital Score 0.54 /10 D AXA - BDS-1000 363
Digital 0.54

Evidence-only forensic audit. Scoring happens downstream - see the main dossier for the composite assessment.

Digital Audit: AXA SA

Audit Phase: Digital (Digital / Technology Forensics) Subject Entity: AXA SA (Euronext Paris: CS) Registered Office: 25 avenue Matignon, 75008 Paris, France Audit Date: June 2026 Evidence Base: Published corporate disclosures, vendor press releases and case studies, technology and insurance trade press, SEC filings, NGO and UN research, and conference agendas. All factual claims are drawn from publicly available sources cited in the End Notes.

Scope and directionality note: Digital assesses the digital/technology nexus to Israel. The serious case is the provision of surveillance, digital, data, or cyber technology to the Israeli state, military, or security services. The reverse direction - AXA procuring technology from Israeli-origin vendors, or investing in Israeli technology firms through its venture arms - is a customer or investor relationship and is recorded explicitly as such, weighted far lower than provision. No transitive guilt is imputed: an Israeli vendor’s other clients, its founders’ military backgrounds, or a parent group’s separate activities are not attributed to AXA. US-entity relationships (Microsoft, Amazon Web Services) are not Israeli-origin and are noted only for completeness. Cyberattacks committed against AXA are recorded as such, not as provision. AXA’s financial/investment exposure to Israeli banks, arms manufacturers, and the occupation economy is the subject of the Economic audit and the civil-society record; where it bears on the technology question it is noted here only to delimit it from the digital nexus.

Enterprise Technology Stack & Vendor Relationships

Verint Systems (Direction: AXA as customer)

The most substantively evidenced Israeli-origin vendor relationship identified is with Verint Systems (Nasdaq: VRNT, until its 2025 take-private). Verint publishes a named case study describing AXA’s UK Retail division migrating to the cloud-hosted Verint Open Platform and deploying Verint Da Vinci AI-powered Speech Analytics, Verint Desktop and Process Analytics, and Verint Performance and Compliance Scoring Bots.1 Documented from that case study: a Wrap-Up Bot (internally branded “ALAN”) reduced average handle time by ~30 seconds per call across 1,700 agents; speech-analytics transcription accuracy reached 95% and uncategorised calls fell from 20% to 8%; average handle time fell 23% (≈182 seconds) in the renewals process; first-contact resolution rose from 87% to 93%; and supplier call volume fell 34%.1 A separate Verint case study documents AXA Health using the same platform to reduce handle time.2 The direction is AXA as the customer procuring a commercial customer-engagement SaaS product.

Corporate background: Verint originated from Comverse Technology / Comverse Infosys, which developed lawful-interception technology, and retains significant R&D operations in Israel.3 In February 2021 Verint completed the spin-off of its cyber-intelligence (government surveillance/OSINT) business as Cognyte Software Ltd, leaving the remaining Verint Systems entity - the one AXA uses - focused on enterprise customer engagement.34 In August 2025 Verint agreed to be acquired by US private-equity firm Thoma Bravo in an all-cash deal valued at ~$2 billion ($20.50/share).4 AXA’s documented deployment is with the post-spin-off customer-engagement Verint entity, not with Cognyte. No public evidence was identified that AXA’s Verint deployment serves or has served any military, intelligence, or law-enforcement surveillance purpose; the documented use case is contact-centre quality management.1

Wiz (Direction: AXA as customer - engagement indicated, scope unconfirmed)

Both AXA and Wiz appear in the published agenda of the 2025 UK & Ireland CISO Community Executive Summit (Evanta/Gartner, 10 June 2025): Shaun Crawford (Business Security Partner, AXA) in a session on third-party risk, and Julia Weimer (Head of Solutions Engineering UK&I, Wiz) in a Wiz-hosted cloud-security session.5 The two appear in separate sessions on the published agenda; no joint AXA-Wiz session is listed, and no AXA-named Wiz customer case study or press release was independently located.5 The scope of any AXA-Wiz deployment is not disclosed in any verified public source.

Corporate background: Wiz is an Israeli-founded cloud-security company; its four co-founders (Assaf Rappaport, Yinon Costica, Ami Luttwak, Roy Reznik) served in the IDF Unit 8200 signals-intelligence unit, a matter of public corporate record.6 Google completed its ~$32 billion acquisition of Wiz in March 2026, after the March 2025 announcement and a year of regulatory review; Wiz retains ~500 employees in Israel.6 Google is a Project Nimbus contractor (see below). Any continuing AXA-Wiz relationship would, post-acquisition, sit within Google Cloud’s ecosystem; whether AXA’s Wiz relationship continues, was restructured, or terminated is not publicly documented.

Check Point Software

AXA XL has cited Check Point Research threat-intelligence data (a reported rise in COVID-era cyberattacks) in a 2020 risk-advisory article, indicating consumption of Check Point’s published research output rather than a confirmed licensing or procurement contract.7 AXA Sigorta (AXA’s Turkish operation) referenced “Security Check Point Training” completion metrics in its 2021 annual report;8 the phrasing is ambiguous as to whether this denotes Check Point Software products or a generic security-checkpoint concept, and no independent source confirms an enterprise Check Point Software deployment at AXA Group level. No public evidence was identified confirming a group-wide Check Point Software licensing or procurement relationship.

CyberArk, SentinelOne and Other Israeli-Origin Cybersecurity Vendors

No public evidence was identified of a direct, named AXA customer relationship with CyberArk, SentinelOne, Claroty, Cyera, or comparable Israeli-origin cybersecurity vendors. CyberArk publishes anonymised insurance-sector case studies, but none names AXA, and the referenced “Federated Insurance” is a US mutual insurer not owned by AXA. No public evidence identified.

Procurement Transparency Constraints

AXA is a private-sector group not subject to public-procurement disclosure obligations. Vendor relationships below the level of named, publicly announced partnerships or vendor case studies are not in the public domain; the full security/IT vendor stack is undisclosed. This is the principal evidence gap in this domain.

Surveillance, Biometrics & Retail Technology

Facial Recognition & Biometrics

No public evidence was identified of AXA deploying facial recognition, biometric identification, gait analysis, or comparable technologies from any Israeli-origin vendor (e.g. Oosto/AnyVision, Corsight, BriefCam, Trax). No public evidence identified.

Workforce & Process Surveillance

The most substantive documented item in this category is Verint Desktop and Process Analytics, deployed within AXA UK Retail’s contact-centre operations, which monitors agent desktop activity and generates automated performance and compliance scoring via Verint’s scoring bots.1 The vendor is Israeli-R&D-based (see above); the direction is AXA as customer, for contact-centre quality management. Beyond this, no public evidence was identified of AXA deploying Israeli-origin predictive-analytics, social-media-monitoring, or external sentiment-surveillance tools.

Third-Party / Bundled Surveillance Technology

No public evidence was identified of AXA receiving Israeli-origin surveillance or biometric technology indirectly through managed-security services or bundled enterprise suites, beyond the Verint deployment documented above.

Cloud Infrastructure, Data Residency & Sovereign Cloud Participation

Primary Cloud Platforms (US-entity relationships)

AXA’s disclosed cloud strategy rests on two US-headquartered hyperscalers. AXA built AXA Secure GPT, an internal generative-AI service, on Microsoft Azure OpenAI Service; AXA states it is provided in a “secured and data-privacy compliant Cloud environment” and was rolled out from an initial 1,000 AXA Group Operations users toward all ~140,000 AXA employees globally.910 Microsoft’s own customer story references an Azure region in France (France Central) for European data processing.10 Separately, AXA and Amazon Web Services (AWS) announced (April 2024) joint development of the AXA Digital Commercial Platform (DCP), a global B2B risk-management platform using Amazon Bedrock foundation models.11 Both are US-entity relationships, recorded for completeness; neither is an Israeli-origin vendor relationship.

Israel-Located Cloud Infrastructure

No public evidence was identified that AXA operates, leases, or co-locates data-centre infrastructure within Israel, or that AXA’s cloud workloads are hosted in Microsoft’s “Israel Central” Azure region or the AWS Israel (Tel Aviv) Region. The existence of those Israel-located regions is a documented fact about Microsoft and AWS, not about AXA.

Project Nimbus

No public evidence was identified that AXA participates in Project Nimbus or any Israeli government cloud initiative, directly or indirectly. Project Nimbus is the Israeli-government cloud contract awarded to Google Cloud and Amazon Web Services; AXA is a commercial tenant/customer of AWS and Azure, not a party to that contract. The UN Special Rapporteur’s report A/HRC/59/23 identifies Project Nimbus as enabling Israeli government and military digital infrastructure;12 AXA’s status as a tenant of Project Nimbus contractors is not the same as participation in that contract, and no public source connects AXA’s specific workloads to it.

Data-Sovereignty or Resilience Services to Israeli State Institutions

No public evidence identified that AXA provides services marketed or contracted to Israeli state institutions, military bodies, or government agencies for data-sovereignty, infrastructure-resilience, or cloud-hosting purposes.

Defence, Intelligence & Security Sector Technology Relationships

Military & Intelligence Contracts

No public evidence was identified of any contract, partnership, or service agreement between AXA and the Israeli Ministry of Defence, the Israel Defense Forces (IDF), or Israeli intelligence agencies. AXA is an insurance and financial-services group and does not publicly operate in the defence-technology or security-services sector.

Provision of Technology / Data to the Israeli State or Military

No public evidence was identified of AXA providing surveillance technology, data, software, cloud capacity, or digital services to the Israeli state, military, or security services. This is the directionally serious Digital case, and no qualifying evidence of it was found. No public evidence identified.

Dual-Use Technology Provision

No public evidence was identified of AXA’s commercially deployed technology being reported or confirmed as repurposed for military, intelligence, or law-enforcement surveillance in Israel or the Occupied Palestinian Territories. Verint’s historical origins in lawful-interception technology (via Comverse Infosys) and the 2021 Cognyte spin-off are documented corporate facts;3 they do not constitute evidence that AXA’s specific Verint contact-centre deployment serves any such purpose.1

Offensive Cyber Capability

No public evidence identified. AXA does not develop, license, or sell offensive cyber capability. AXA was itself the victim of a major ransomware attack: in May 2021 the Avaddon group struck AXA’s Asia Assistance division across Thailand, Malaysia, Hong Kong, and the Philippines, claiming theft of ~3 terabytes of sensitive data (including medical reports, ID documents, bank statements, and claim forms), days after AXA announced it would stop reimbursing ransom payments in its French cyber-insurance policies.1314 This incident was committed against AXA and has no nexus to the provision of technology to Israel; it is recorded here as factual digital context only.

AI, Algorithmic & Autonomous Systems

AI/ML Provision to Israeli State Bodies

No public evidence identified. AXA deploys AI internally (AXA Secure GPT on Azure OpenAI;910 the DCP on Amazon Bedrock;11 Verint Da Vinci AI in contact centres1). No public evidence was identified of AXA providing AI capability, model access, training data, or inference services to any Israeli state, military, or security body.

AXA Secure GPT & Verint Da Vinci AI

AXA Secure GPT is an internal employee-facing productivity platform built on Microsoft’s Azure OpenAI Service (a US-entity stack).910 The Verint Da Vinci AI engine deployed at AXA UK Retail processes AXA customer voice data for transcription and analytics and is developed/maintained by Verint, which retains Israeli R&D operations.13 Whether AXA contact-centre data processed by Da Vinci AI is accessible to Verint’s Israeli R&D teams, and any associated data-residency questions, are not resolvable from public sources; a data-processing agreement review would be required. No public evidence was identified that this AI is deployed in any non-commercial or surveillance context.

Training Data & Surveillance-Derived Datasets

No public evidence was identified that AXA’s AI models or platforms have been trained on or have accessed Israeli population data, intercepted communications, or surveillance-derived datasets from Israel or the occupied territories.

Autonomous & Lethal Systems

No public evidence identified. The development or deployment of autonomous or lethal systems is not within AXA’s business domain.

Technology Ecosystem & R&D Footprint

AXA Venture / Incubator Activity in Israel (Direction: AXA as investor)

AXA’s corporate-venture and incubator arms have an active, documented Israeli-technology investment footprint:

Kamet Ventures - AXA Group’s insurtech incubator/fund, founded 2016 with ~€200 million committed (most of it from AXA), reportedly held six Israeli startups in its portfolio, including Ibex Medical Analytics Ltd, a Tel Aviv-based AI computational-pathology cancer-diagnostics company originally incubated out of Kamet.1516 Kamet co-invested in Ibex’s $11m Series A.16 AXA is the investor/incubator; these are medical-diagnostics and insurtech firms.

Hub Security - In May 2020, AXA Ventures (now AVP) led a $5 million Series A in Hub Security, an Israeli cybersecurity startup making hardware security modules and “military-grade” confidential-computing infrastructure; Jerusalem-based OurCrowd co-invested.1718 Hub Security’s founders are publicly described as veterans of Israeli military-intelligence units; the company later listed on Nasdaq (HUBC) via SPAC and subsequently faced financial difficulty.17 AXA is the investor.

Sayata Labs - In 2019, AXA was an early partner and backer of Sayata Labs, a Tel Aviv SME cyber-risk-assessment insurtech that emerged with $6.5m led by Israeli VC Elron; AXA’s stated rationale was improving its own cyber-risk selection.19 AXA is the investor/commercial partner.

AXA also co-sponsored (with Jerusalem Venture Partners) the InsurTech Israel startup competition launched in 2016.20 These are inbound investor/incubator relationships in insurtech, medical-AI, and cyber-risk firms - not provision of technology to the Israeli state.

AXA Lab Israel

AXA’s corporate communications referenced an “AXA Lab Israel” in Tel Aviv (c.2019) as part of its global innovation-lab network.21 No current public source was identified confirming the lab as operational following AXA’s subsequent consolidation of its innovation-lab network; its present status is not publicly documented.

Patents & IP Co-Development with Israeli Institutions

No public evidence was identified of patent portfolios, licensing, or co-development arrangements between AXA and Israeli research institutions (Technion, Hebrew University, Weizmann Institute).

Responsible-Investment Framework - Technology Procurement

AXA maintains a published Responsible Investment policy with exclusions for its asset-management and proprietary portfolios.22 No public evidence was identified that this or any AXA ESG framework applies to, or has been applied to, AXA’s enterprise technology procurement decisions (as distinct from its investment portfolio).

Civil Society Scrutiny & Regulatory History

NGO, UN & Academic Scrutiny

AXA is a long-standing subject of civil-society scrutiny, but the documented grounds concern its financial investment and insurance exposure, not its technology vendor relationships:

No public evidence was identified of any NGO, UN, or academic report specifically auditing AXA’s enterprise technology procurement relationships with Israeli-origin vendors (Verint, Wiz, Check Point, etc.) as a primary subject of investigation.

Boycott & Divestment Campaigns

The BDS Movement has run a sustained named campaign - “AXA DIVEST” / “Stop AXA Assistance to Israeli Apartheid.”28 The publicly cited grounds are AXA’s equity investments in Israeli banks, in Elbit Systems (divested 2019), and (per mid-2024 reporting) in global weapons manufacturers; the campaign materials focus uniformly on financial exposure and contain no reference to AXA’s enterprise software stack or technology supply chain.2825 No public evidence was identified of a BDS or civil-society campaign specifically targeting AXA’s technology procurement.

Regulatory & Legal Actions - Technology Sales to Israeli State Entities

No public evidence was identified of any action by financial regulators (French AMF, ACPR), export-control authorities, OFAC, or any equivalent body relating to AXA technology sales, services, or data transfers to Israeli state entities. AXA is an insurer, not a technology exporter, and no such proceedings are recorded in accessible public sources. No public evidence identified.

Data-Protection Posture - 2021 Avaddon Breach

The May 2021 Avaddon ransomware attack on AXA’s Asia Assistance division compromised sensitive customer data across four Asian markets.1314 This concerns AXA’s posture as the victim of an attack and the adequacy of its data-security controls; it is not connected to any Israeli-origin technology relationship.

End Notes

Footnotes

  1. https://www.verint.com/case-studies/axa-reduces-average-handle-time-by-20-using-modern-connected-verint-open-platform/ ↩ ↩2 ↩3 ↩4 ↩5 ↩6 ↩7

  2. https://www.verint.com/case-studies/axa-health-shaves-60-seconds-from-aht-with-ai-powered-verint-platform/ ↩

  3. https://www.sec.gov/Archives/edgar/data/0001166388/000116638821000113/july312021earningsrelease-.htm ↩ ↩2 ↩3 ↩4

  4. https://www.sec.gov/Archives/edgar/data/0001166388/000119312525187836/d20307dex991.htm ↩ ↩2

  5. https://www.evanta.com/ciso/uk/uk-ireland-ciso-executive-summit-7512 ↩ ↩2

  6. https://www.timesofisrael.com/in-biggest-exit-in-israeli-history-google-completes-32-billion-deal-to-buy-wiz/ ↩ ↩2

  7. https://axaxl.com/fast-fast-forward/articles/cybersecurity-risks-to-consider-when-the-workforce-returns-to-work ↩

  8. https://www.axasigorta.com.tr/media/t1/001/660/898/256/AXA-Sigorta-&-Emeklilik-Faaliyet-Raporu-2021-ENG-10052022.pdf ↩

  9. https://www.axa.com/en/press/press-releases/axa-offers-securegenerative-ai-to-employees ↩ ↩2 ↩3

  10. https://www.microsoft.com/en/customers/story/1760377839901581759-axa-gie-azure-insurance-en-france ↩ ↩2 ↩3 ↩4

  11. https://press.aboutamazon.com/aws/2024/4/axa-and-aws-developing-the-first-global-b2b-risk-management-and-prevention-platform ↩ ↩2

  12. https://www.ohchr.org/sites/default/files/documents/hrbodies/hrcouncil/sessions-regular/session59/advance-version/a-hrc-59-23-aev.pdf ↩ ↩2

  13. https://www.bleepingcomputer.com/news/security/insurer-axa-hit-by-ransomware-after-dropping-support-for-ransom-payments/ ↩ ↩2

  14. https://cyberint.com/blog/research/avaddon-ransomware-attack-hits-axa-philippines-malaysia-thailand-and-hong-kong/ ↩ ↩2

  15. https://www.calcalistech.com/ctech/articles/0,7340,L-3772839,00.html ↩

  16. https://www.mobihealthnews.com/news/asia/israel-based-computational-pathology-startup-ibex-raises-11m-series-funding ↩ ↩2

  17. https://nocamels.com/2020/05/hub-security-axa-ventures-our-crowd/ ↩ ↩2

  18. https://www.prnewswire.com/news-releases/axa-ventures-leads-5-million-investment-in-next-generation-cybersecurity-startup-hub-security-301054886.html ↩

  19. https://www.reinsurancene.ws/axa-backed-insurtech-sayata-labs-launches-with-6-5mn-in-funding/ ↩

  20. https://www.jvpvc.com/press-releases/insurtech-israel-launch-of-first-israeli-startup-competition-for-the-world-of-insurance-technology/ ↩

  21. https://www.axa.com/en/news/bringing-innovation-to-the-next-level ↩

  22. https://www.axa.com/en/about-us/our-commitments/responsible-investment ↩

  23. https://www.aljazeera.com/news/2025/7/1/un-report-lists-companies-complicit-in-israels-genocide-who-are-they ↩

  24. https://aks3.eko.org/images/AXA_investments_Israeli_banks_report_2024.pdf ↩ ↩2

  25. https://www.middleeasteye.net/news/war-gaza-axa-insurance-pulls-investment-israeli-banks ↩ ↩2

  26. https://investigate.afsc.org/company/axa ↩

  27. https://www.whoprofits.org/companies/company/axa ↩

  28. https://bdsmovement.net/axa-divest ↩ ↩2