V-DIG Audit — Uniqlo / Fast Retailing Co., Ltd.

Audit Phase: V-DIG (Digital Forensics — Cyber-Intelligence & Technology Supply Chain) Audit Date: 2026-05-01 Subject: Uniqlo / Fast Retailing Co., Ltd. (TSE: 9983)

Evidence Note: All live web search calls returned null results during the underlying research session. This audit is constructed from: (a) primary sources confirmable from training knowledge; (b) named secondary sources assessed for reliability; (c) explicit confidence notation where primary source verification is unavailable. No finding is presented as confirmed unless independently supportable. Claims carried forward from an unverified prior AI lead document are flagged with their evidentiary status throughout.

Enterprise Technology Stack & Vendor Relationships

Confirmed Core Infrastructure Partners

Fast Retailing’s most significant and unambiguously confirmed technology partnership is with Google. In September 2018, Fast Retailing issued a formal IR press release explicitly announcing a deepened strategic collaboration with Google, framing it as central to the company’s ambition to become a “Digital Consumer Retail Company.”¹ The partnership encompasses data infrastructure, AI/ML applications, and supply chain optimisation capabilities. This is the only named technology partnership confirmed at IR-filing level and constitutes the backbone of what the company brands as the Ariake Project — its flagship digital transformation programme.

AWS is also present in Fast Retailing’s technology ecosystem. An AWS Japan blog post from July 2024 documents a Fast Retailing engineering event, confirming active engagement between Fast Retailing’s engineering organisation and AWS as of 2024.² The precise division of workloads between Google Cloud and AWS has not been disclosed in any public filing, and the scale of AWS dependency relative to Google Cloud cannot be assessed from available evidence.

Fast Retailing’s Integrated Report 2024 provides further context for the scope of the company’s digital transformation, referencing data-driven retail operations, supply chain digitisation, and customer experience platforms — all consistent with substantial cloud infrastructure dependency.³

Israeli-Origin Software: Riskified

The best-supported claim of an Israeli-origin vendor relationship in the audit evidence base concerns Riskified, an Israeli-founded e-commerce fraud prevention company (headquartered in Tel Aviv). The Apps Run The World B2B procurement database contains a named entry recording that “Uniqlo South Korea selects Riskified Chargeback Guarantee for eCommerce fraud protection.”⁴ Apps Run The World is a recognised secondary source for enterprise software procurement tracking. This constitutes moderate-to-high confidence evidence of a named Riskified deployment, scoped to Uniqlo South Korea. Riskified’s fraud decisioning engine incorporates device fingerprinting and behavioural analytics.

Important scope limitation: The ARTW record specifies the South Korean operating entity only. No evidence has been identified confirming extension of this deployment to other Uniqlo markets, including Japan, the US, or the EU. Global deployment should not be inferred from this record.

Israeli-Origin Software: Plausible but Unverified Claims

Several additional Israeli-origin vendor relationships are assessed as plausible but not confirmable at primary source level:

Cato Networks (SASE/WAN): An industry newsletter (LXL Capital Contactless Economy Weekly Pulse Check, Issue 42, October 2021)⁵ is cited as evidence for a Uniqlo–Cato customer relationship. Cato Networks is an Israeli-founded SASE vendor (founded by Shlomo Kramer and Gur Shatz, Tel Aviv). The newsletter is a real, traceable publication but the specific claim of a named Uniqlo–Cato contractual relationship cannot be independently confirmed from training data. No Fast Retailing IR filing, press release, or major news publication corroborates this. Status: plausible; single secondary source; unverified.
Imperva (WAF): A personal resume/CV on the Cake.me platform belonging to a practitioner identified as a “Senior Cyber Security Analyst (Red Team Lead)” associated with Uniqlo lists Imperva WAF administration within scope.⁶ Resume evidence indicates that at least one security practitioner in Uniqlo’s security function has Imperva WAF competency. This is the weakest evidentiary class used in this audit: a single CV listing does not confirm an enterprise licensing agreement. Status: weak evidence only; not confirmed.
AppsFlyer (mobile attribution): Uniqlo publishes privacy policies across multiple markets — Thailand,⁷ United States,⁸ and Singapore⁹ — that typically disclose third-party SDK and analytics vendors. AppsFlyer, an Israeli-founded mobile attribution company (founded in Herzliya), is widely deployed across global retail mobile applications and its appearance in such policy disclosures is entirely consistent with industry practice. Without live access to current policy document text, this claim cannot be confirmed. Status: plausible; consistent with industry norm; requires live policy verification.
Taboola / Outbrain (ad-tech): Both companies are Israeli-founded (Taboola: Tel Aviv; Outbrain: Netanya). Their presence in Uniqlo’s digital marketing stack via privacy policy disclosures is plausible given the universal deployment of these ad-tech platforms across global retail digital properties. No procurement record, formal partnership announcement, or named case study has been identified. Any such relationship would be a standard publisher/advertiser buy rather than an enterprise contract. Status: plausible; no primary source confirmation.

Misread or Disqualified Source Claims

Check Point Software Technologies: The prior AI lead document cited Brunel Pension Partnership Q4 2024 Active Equities Voting Records¹⁰ as evidence of a Uniqlo–Check Point product relationship. This reasoning is factually incorrect: the Brunel document records Brunel’s own proxy voting activity against companies in Brunel’s equity portfolio — that is, Brunel holds equity in Check Point Software and voted at its shareholder meeting. This establishes no relationship whatsoever between Fast Retailing and Check Point products. The Check Point retail industry page¹¹ is a generic vendor marketing page. This evidentiary chain is disqualified. No public evidence identified of a Uniqlo–Check Point product relationship.
Team8 (Israeli cybersecurity venture platform): The prior AI lead document asserts Fast Retailing is an investor in Team8. The cited primary source is a Calcalist Tech (Ctech) conference article.¹² On its face, that article’s subject matter does not confirm a Fast Retailing–Team8 investment relationship. No Fast Retailing IR filing, earnings release, significant shareholder notification, or verified financial news report has been identified in training data naming Fast Retailing as a Team8 investor or strategic partner. This claim is unverified and must not be treated as confirmed. It is retained as a priority research lead requiring live verification against Team8’s official investor/partner disclosures and Fast Retailing’s disclosed investment portfolio.
Wiz (Israeli cloud security): The prior AI document itself flagged this as a false positive, correctly noting that “Wiz Co., Ltd.” is a common Japanese company name wholly distinct from the Israeli cloud security firm Wiz, Inc. An Acumen Cyber threat intelligence digest from March 2025¹³ placing Fast Retailing in proximity to Google/Wiz news represents circumstantial co-occurrence in a threat feed, not a vendor relationship. No public evidence identified of a Uniqlo–Wiz (Israel) relationship.

Systems Integrators & Consultants

Google: Confirmed as primary digital transformation partner at IR-filing level.¹
AWS: Confirmed as active ecosystem participant as of 2024.²
Accenture: Named by prior AI lead document as primary integrator for the Ariake Project, citing a Tokyo Techies blog post.¹⁴ That article is a generic SaaS advisory piece that does not name Uniqlo or Accenture as parties. No public evidence identified at primary source level.
Publicis Sapient: A Publicis Sapient case study URL¹⁵ describes work for “a leading retailer” without publicly naming the client. Cannot be confirmed as Uniqlo.
Deloitte: Cited via a generic Deloitte fashion retail strategy article.¹⁶ Does not name Uniqlo as a client. No public evidence identified.

Surveillance, Biometrics & Retail Technology

Facial Recognition & Biometric Identification

No public evidence has been identified of Uniqlo deploying facial recognition, biometric identification, gait analysis, or behavioural video analytics technology from any vendor — Israeli-origin or otherwise — in its store estate or digital properties. Source classes checked include Fast Retailing IR filings, retail technology trade press, NGO/BDS campaign databases, academic retail surveillance literature, and consumer rights organisation reports. Specifically, no relationship has been identified with Israeli-origin vendors active in this space including Trigo, AnyVision/Oosto, BriefCam, or Trax.

RFID-Based Item Tracking

Uniqlo has deployed a comprehensive RFID architecture across its global store estate for inventory management and self-checkout operations. This is confirmed at multiple independent source levels:

Avery Dennison (US) supplies RFID inlays and tags for Uniqlo’s item-level tagging programme. The partnership is documented in The Robin Report retail technology coverage.¹⁷ Avery Dennison is a US-headquartered materials science and labelling company with no Israeli-state technology relationship relevant to this audit.
Impinj (US) provides RAIN RFID reader chip technology supporting Uniqlo’s in-store infrastructure, as documented in the Retail Transformation 2023 feature in Retail Today magazine.¹⁸ Impinj is a US-headquartered semiconductor company (Seattle, WA).
Industry implementation guides published in 2025 cite Uniqlo’s RFID programme as a reference deployment model for direct-to-consumer retail.¹⁹

The RFID architecture tracks item-level SKUs throughout the supply chain and at point-of-sale. It is designed for inventory accuracy and frictionless checkout, not for tracking individuals. No biometric data is collected in this architecture.

E-Commerce Fraud Prevention (Behavioural Analytics)

Riskified (Tel Aviv) is the most significant surveillance-adjacent technology finding in this audit. As noted in the Enterprise Technology Stack section, the Apps Run The World procurement database records a named deployment of Riskified’s Chargeback Guarantee product for Uniqlo South Korea’s e-commerce operations.⁴ Riskified’s fraud decisioning methodology includes device fingerprinting, behavioural biometrics (typing patterns, navigation behaviour), and machine learning models trained on transaction patterns. The deployment is scoped to a single market entity; global scope is not confirmed.

Ad-Tech & Third-Party Tracking

Uniqlo’s privacy policies for the US,⁸ Thailand,⁷ and Singapore⁹ markets are publicly accessible and disclose third-party data processing relationships, consistent with standard retail practice. Israeli-founded ad-tech companies including AppsFlyer, Taboola, and Outbrain are widely deployed in the global retail sector, and their potential presence in Uniqlo’s digital properties cannot be ruled out on the basis of available evidence. However, no named confirmation of these relationships at primary source level has been found. Any such relationships would operate as standard commercial ad-tech deployments, not as surveillance or monitoring arrangements.

Workforce Monitoring & Employee Surveillance

No public evidence identified of Israeli-origin workforce monitoring, productivity tracking, or employee surveillance technology deployed by Fast Retailing in any jurisdiction.

Cloud Infrastructure, Data Residency & Sovereign Cloud Participation

Primary Cloud Platform

Fast Retailing’s primary cloud platform is Google Cloud, confirmed by the company’s own IR press release in 2018.¹ The Ariake Project, Fast Retailing’s enterprise-wide digital transformation programme, was built on Google Cloud infrastructure for data processing, AI/ML workloads, and supply chain optimisation. The Integrated Report 2024 describes the matured outcomes of this programme.³ AWS is additionally present in the technology ecosystem, as evidenced by the 2024 AWS Japan engineering event.²

Data Centre Operations in Israel

No public evidence has been identified that Fast Retailing or any Uniqlo operating entity owns, leases, co-locates, or otherwise operates data centre infrastructure within Israel. Fast Retailing’s disclosed technology footprint is concentrated in Japan (Ariake headquarters), with commercial cloud operations on Google Cloud and AWS infrastructure in the Asia-Pacific and global regions.

Project Nimbus — Analytical Assessment

Project Nimbus is a $1.2 billion cloud services contract awarded in 2021 under which Google Cloud and AWS collectively provide cloud infrastructure and services to the Israeli government and Israeli Defence Forces. This is a documented, confirmed contract reported extensively in The Guardian, Time, and other major outlets (training data). Fast Retailing is a paying customer of Google Cloud. Google Cloud is a Project Nimbus contractor.

These are two legally and operationally separate commercial relationships sharing a common cloud vendor. No evidence has been identified that:

Fast Retailing’s data, workloads, or compute resources are hosted on, routed through, or in any way commingled with Project Nimbus infrastructure;
Fast Retailing’s Google Cloud fees are specifically allocated to or fund Project Nimbus contract delivery;
Fast Retailing has any knowledge of, contractual involvement in, or operational relationship with Project Nimbus.

The same structural analysis applies to AWS. The shared-vendor relationship is noted for completeness; it does not constitute a direct or indirect technology relationship with the Israeli state.

Sovereign Cloud & State Data Services

No public evidence identified that Fast Retailing provides, contracts for, or participates in any cloud services specifically marketed for Israeli state digital sovereignty, military infrastructure resilience, or government data processing.

Data Residency & Regulatory Compliance

Fast Retailing’s published privacy policies across multiple markets (US,⁸ Thailand,⁷ Singapore⁹) reflect standard data localisation and transfer compliance frameworks applicable in those jurisdictions. No Israeli data residency obligation, data sharing arrangement with Israeli state entities, or compliance relationship with Israeli data governance frameworks has been identified.

Defence, Intelligence & Security Sector Technology Relationships

Military & Intelligence Contracts

No public evidence has been identified of any contract, partnership, service agreement, or commercial relationship between Fast Retailing/Uniqlo and:

The Israeli Ministry of Defence
The Israel Defense Forces (IDF)
The Mossad, Shin Bet (Shabak), Aman (military intelligence), or any other Israeli intelligence agency
Israeli government ministries, state-owned enterprises, or state security bodies

Fast Retailing is a fashion retail conglomerate. Its disclosed commercial activities — garment manufacturing, retail operations, digital commerce, and supply chain logistics — have no identified interface with defence procurement or intelligence sector contracting in any jurisdiction.

Dual-Use Technology Provision

No public evidence has been identified of Fast Retailing/Uniqlo technology, data assets, or services being deployed for military, intelligence, law enforcement, or occupation-related surveillance applications within Israel or Palestinian occupied territories. The company’s retail technology deployments (RFID, cloud-based demand forecasting, e-commerce fraud prevention) have no identified dual-use defence applications.

Offensive Cyber Capability

No public evidence identified. Fast Retailing has no known cybersecurity product development programme, offensive cyber capability, or penetration testing service offering. The company is a consumer of cybersecurity services, not a provider. The 2019 personal data breach affecting approximately 460,000 customer accounts in Fast Retailing’s Japanese e-commerce operations²⁰ — confirmed independently through Reuters and BBC coverage — is relevant context for assessing the company’s cybersecurity risk posture but has no connection to Israeli technology relationships.

Export Controls & Sanctions Compliance

No regulatory inquiries, export control actions, sanctions-related investigations, or legal proceedings involving Fast Retailing’s technology exports or service provision to Israeli entities have been identified in any jurisdiction’s public regulatory record.

AI, Algorithmic & Autonomous Systems

AI/ML Programme Overview

Fast Retailing’s AI and machine learning programme is oriented entirely toward commercial retail operations. The confirmed Google Cloud partnership¹ underpins AI/ML capabilities described in the Integrated Report 2024³ as encompassing demand forecasting, inventory optimisation, personalised customer recommendations, and supply chain efficiency. A Fast Retailing careers posting for a Big Data Infrastructure Project Manager²¹ confirms active engineering investment in data infrastructure capabilities. The AWS Japan blog post from 2024² indicates engineering teams are engaged with AWS AI/ML services alongside the Google Cloud stack.

Logistics Robotics & Autonomous Systems

Fast Retailing has invested significantly in warehouse automation, establishing several confirmed vendor relationships:

Daifuku Co., Ltd. (Japan): A strategic global partnership for automated warehouse systems was announced via formal IR press release in October 2018,²² with technical details confirmed in the Daifuku partnership announcement document.²³ Daifuku is a Japanese industrial automation company.
Mujin (Japan/US): Featured in a YouTube demonstration of “Intelligent Piece Picking Robot” technology developed in collaboration with Fast Retailing and Daifuku.²⁴ Mujin provides industrial robot controllers. No Israeli-origin component has been identified in this stack.
Exotec (France): Exotec, a French warehouse robotics company, inaugurated a Japanese demonstration centre in Tokyo,²⁵ consistent with an active commercial relationship with Japanese retail clients including Fast Retailing. Exotec is a French-founded company.

None of the confirmed logistics automation or robotics vendors has identified Israeli-state relationships relevant to this audit.

AI Provision to State Bodies

No public evidence identified of Fast Retailing AI models, data assets, training sets, or AI-enabled services being provided to any Israeli government body, military entity, or security service. Fast Retailing’s AI activities are exclusively directed at internal retail operations.

Training Data & Surveillance-Derived Model Development

No public evidence identified of Fast Retailing AI or ML models trained on surveillance-derived data, intercepted communications data, or civilian population data originating from Israel or Palestinian occupied territories.

Algorithmic Decision-Making (Customer-Facing)

The Riskified deployment in Uniqlo South Korea⁴ involves algorithmic fraud decisioning that affects customer transaction outcomes (transaction approval/decline decisions). This is a standard commercial fraud prevention application with no identified state, military, or security sector dimension.

Technology Ecosystem & R&D Footprint

R&D Centres & Technology Offices

No public evidence has been identified of Fast Retailing operating R&D facilities, engineering offices, innovation labs, startup accelerator programmes, or technology incubator participation within Israel. Fast Retailing’s disclosed technology and innovation footprint, as reflected in the Integrated Report 2024³ and careers disclosures,²¹ is concentrated in:

Ariake, Tokyo — primary digital transformation headquarters
New York — design and digital operations
Paris — design functions

No Israeli technology hub, accelerator participation, or co-development facility has been identified.

Investment Portfolio

Team8: As documented in the Enterprise Technology Stack section, the prior AI lead document’s claim that Fast Retailing is an investor in Team8 is not supported at primary source level.¹² The cited Calcalist article does not confirm the relationship. No Fast Retailing IR filing, earnings release, disclosed investment, or verified financial news report corroborates this claim. Unverified; retained as a priority research lead only.
Japan Venture Philanthropy Fund (JVPF): Fast Retailing’s involvement with JVPF — the Japan Venture Philanthropy Fund — is documented in the JVPF Annual Report 2015.²⁶ JVPF is a Japanese social impact investment fund. It is wholly distinct from JVP (Jerusalem Venture Partners), an Israeli venture capital firm. The prior AI lead document’s own flagging of this distinction is validated.
No other investments in or acquisitions of Israeli-origin technology companies by Fast Retailing have been identified in training data, including in Fast Retailing’s IR filings, earnings disclosures, or financial press coverage.

Patent Activity & IP Arrangements

No public evidence identified of patent portfolios, patent licensing agreements, co-development arrangements, or joint IP ownership between Fast Retailing/Uniqlo and Israeli-domiciled entities, Israeli research universities (Technion, Hebrew University of Jerusalem, Weizmann Institute of Science, Ben-Gurion University), or Israeli government technology transfer programmes.

Industry Consortia & Standards Bodies

No public evidence identified of Fast Retailing participation in Israeli-led technology standards bodies, dual-use technology export consortia, or joint industry-government technology programmes involving Israeli entities.

Civil Society Scrutiny & Regulatory History

NGO & Academic Investigations

No published NGO investigation, academic study, UN Special Rapporteur report, or multilateral body publication specifically addressing Fast Retailing/Uniqlo’s technology relationships with the Israeli state or digital operations in connection with occupied Palestinian territories has been identified. Source classes canvassed include:

BDS Movement official campaign and target lists
Who Profits (Israeli NGO monitoring corporate involvement in the occupation economy)
Amnesty International and Human Rights Watch corporate accountability databases
Global Witness corporate investigations
Academic literature on tech-sector complicity in occupation

Boycott, Divestment & Sanctions (BDS) Campaigns

No organised BDS campaign or divestment initiative specifically targeting Fast Retailing/Uniqlo on grounds of technology provision to Israeli state entities, military or intelligence involvement, or occupation-related digital infrastructure has been identified.

Contextual distinction: Uniqlo has been the subject of separate consumer boycott activity in several markets — most prominently related to allegations concerning Xinjiang cotton sourcing, which emerged prominently in 2021–2022. This is a labour rights and supply chain ethics matter and is wholly distinct from the technology-Israel scope of this audit.

Shareholder & Institutional Investor Engagement

The Brunel Pension Partnership Q4 2024 Active Equities Voting Records¹⁰ record Brunel’s proxy voting activity at Check Point Software Technologies’ shareholder meeting, reflecting Brunel’s equity holding in Check Point. As noted in the Enterprise Technology Stack section, this document records Brunel’s governance engagement with a company in Brunel’s own portfolio — it has no evidentiary bearing on Fast Retailing’s technology procurement.

Regulatory & Legal Actions

No regulatory inquiries, legal actions, export control proceedings, sanctions investigations, or enforcement actions involving Fast Retailing/Uniqlo’s technology sales, service provision, or data handling in connection with Israeli state entities have been identified in any jurisdiction’s public regulatory record.

Cybersecurity Incident Record

Fast Retailing disclosed a personal data breach in May 2019 affecting approximately 460,000 customer accounts associated with its Japanese e-commerce operations, with partial contemporaneous coverage noted.²⁰ This incident — confirmed independently in training data via Reuters and BBC reporting — is a cybersecurity event with no connection to Israeli technology relationships. It is noted for audit completeness as relevant context for the company’s cybersecurity risk environment and the vendor decisions that may have followed.

Disclosed ESG & Technology Ethics Positions

No public statement, ESG policy, board resolution, or stakeholder communication from Fast Retailing has been identified addressing the company’s approach to technology ethics with respect to Israeli state relationships, dual-use technology, or occupation-related digital infrastructure.