As Europe strengthens its digital infrastructure, concerns over foreign access to sensitive projects have grown.
Governments and agencies now face increasing scrutiny of contractors and personnel, especially for systems handling large amounts of personal and biometric data.
Such fears are further heightened by geopolitical tensions and the ongoing need to prevent espionage and sabotage.
The European Public Prosecutor's Office (EPPO) is investigating the role of a Russian-linked IT office in developing the EU’s new border management system, according to Digi24.
Documents show that in 2021, French IT group Atos utilized its Moscow office to procure software for the Entry/Exit System (EES), a database set to collect and store biometric data for all non-EU travelers entering or leaving the bloc.
Security Threats and FSB Access
Documents suggest that Atos Russia operated under a license allowing potential access by the Russian Federal Security Service (FSB).
Four sources familiar with the case indicated that Moscow-based staff were directly involved in software purchases, despite such work typically requiring EU security clearance.
EPPO, led by Laura Codruța Kövesi, is probing these allegations but has yet to file charges.
The EES, valued at €212 million, was contracted to Atos Belgium, IBM Belgium, and Italy's Leonardo in 2019.
The project has faced delays due to technical challenges and growing security concerns. EU-Lisa, the agency implementing the EES, stated that no security breaches had been identified but acknowledged ongoing risk assessments and software audits.
Mitigation Measures Underway
EU officials stress the importance of maintaining strict security protocols for projects like the EES, given the vast amount of data it will manage.
Investigators have recommended stricter oversight following revelations that Atos staff in Russia facilitated software purchases for the system.
Atos, IBM, and Leonardo have declined to comment. Meanwhile, Atos affirmed that it ceased operations in Russia in 2022.
The European Commission maintains confidence in EU-Lisa's capacity to secure the EES but emphasized that further audits would be conducted before the system goes live.
