July 15, 2026
Sovereignty Debt: The Hidden Bill Inside Your AI Stack
By Richard Mort, Strategic Intelligence Consultant
In December 2025, the United States did something that should make every board pause. It agreed to let Nvidia sell its H200 chips to China again, on one condition. Washington would take a 25 percent cut of the sales.
Not a tax on profit. A quarter of the revenue on a private company's product, claimed by a government as the price of reaching a market. Then it got stranger. China steered its own champions away from the chips altogether, towards domestic suppliers like Huawei and Cambricon. Months on, Nvidia has still not booked a cent from those approved sales. Its chief executive, Jensen Huang, now says the company's share of the China market has fallen from around ninety percent to effectively zero, and that the export policy "has already largely backfired." The chips were cleared in Washington and blocked in Beijing, and while the two governments argued, China's homegrown accelerators grew to roughly 41 percent of everything shipped there last year.
This is not really a story about semiconductors. It is a story about who controls the layers your AI is built on, and what happens to you when their politics change. That is the thing worth naming, because European boards are quietly taking it on without pricing it. Call it sovereignty debt.
Sovereignty debt is what you owe when you build your AI on someone else's chips, someone else's models and someone else's cloud. Every layer you do not control is a layer whose rules are set in a capital you do not vote in. Export controls, tariffs, revenue-share levies, sudden bans, data-access laws written for another country's security services. None of it shows up on a balance sheet. All of it comes due at the worst possible moment, usually when you have least room to move.
The AI stack has three layers where this debt hides. Chips at the bottom, models in the middle, cloud around all of it.
The chip layer is where it is most visible, because the US-China fight has dragged it into daylight. For three years, export controls have whipsawed the market. Nvidia's most advanced parts were cut off from China, so it built weaker ones for that market, the A800, the H800, the H20, and those were restricted in turn. The pattern is the point. The chip in your data centre is a political object. Its price, its availability and its legality can change between one quarter and the next, decided by people who have never heard of your business.
The model layer is quieter but the same shape. If your product depends on a frontier model you do not control, then its price, its rate limits, its terms of service and its very availability in your market answer to another company's roadmap and another government's rules. You do not own the thing your product runs on. You rent it, and the landlord can change the locks.
The cloud layer is where European firms carry the most debt and notice it the least. Three American hyperscalers run roughly 70 percent of the European cloud market. Europe's own providers hold around 15 percent of their home market. That means the systems behind European hospitals, banks and public services often sit on infrastructure governed by US law. The US CLOUD Act is the sharp end of this. It can compel an American provider to produce data under its control even when the servers sit in Frankfurt or Paris. You can put the machines in Europe and still not put them beyond reach.
Brussels has stopped treating this as an abstraction. On 25 June, after a seven-month investigation, the European Commission ruled provisionally that Amazon Web Services and Microsoft Azure should be regulated as gatekeepers under the Digital Markets Act, the first time that law has reached into cloud infrastructure rather than apps and search. The reasoning is the striking part. Neither company even met the law's size thresholds. The Commission designated them anyway, on the grounds that lock-in and high switching costs have turned the two biggest clouds into what it called an essential facility, closer to an electricity grid than a competitive market. That is the hidden bill in plain sight. Sovereignty debt is cheap to take on and expensive to repay, because leaving a hyperscaler is not a click but a migration measured in months, audits and rewritten systems.
Two weeks earlier, on 3 June, the Commission had put out its Tech Sovereignty Package, bundling a Cloud and AI Development Act, a Chips Act 2.0 and an open-source strategy. The headline aim is to triple Europe's data-centre capacity over five to seven years, alongside a new framework that scores cloud services across four levels of sovereignty. Ursula von der Leyen put it plainly: Europe cannot afford to depend on others for the technologies that keep its hospitals running, its energy grids stable and its services secure. The EU Data Act, in force since last September, already forces providers to support switching and to block unlawful foreign access to data.
But motion is not arrival, and the gap is enormous. American hyperscalers are pouring something like $600 billion into cloud and AI infrastructure this year alone, and Europe is building from a far smaller base. The incumbents are not standing still either. They are shipping their own sovereign offerings, AWS European Sovereign Cloud, Microsoft with Bleu in France, Google with the Thales-backed S3NS. Some of it is genuine. Some of it is what critics call sovereignty washing, a European flag on an American service. The buyer has to know which is which, because the flag on the marketing page is not the same as the jurisdiction on the contract.
There is a real European stack forming underneath the politics. OVHcloud, Scaleway, Hetzner and STACKIT offer compute inside EU jurisdiction. Mistral raised $830 million in debt this spring to fund its own data centre near Paris, its first debt raise and the largest any European AI company has done, from a seven-bank syndicate with no US lender in it. And even Mistral is filling that data centre with 13,800 Nvidia chips. ASML in the Netherlands holds a chokehold on the lithography machines the whole world needs to make advanced chips, though that is not the same as owning the fabs to print them at scale. The pieces exist. The gap is breadth and integration, not capability.
This is where it helps to look east. Japan has been treating the same debt as industrial strategy for a while, with less noise and more state money than Europe. It did not respond to its dependence on American chips and clouds by pretending it could go it alone. It hedged. Rapidus is running a two-nanometre pilot line in Hokkaido, its prototypes are hitting their targets, mass production is set for 2027, and Tokyo has put roughly ¥2.4 trillion of state money behind it. Sakura Internet has become a government-backed home for domestic GPU capacity. The GENIAC programme funds Japanese generative AI directly. And where it makes sense, Japan stays pragmatically plugged into American technology, SoftBank's deep tie-up with OpenAI being the obvious example.
The lesson for a European board is not to build everything yourself. That is a fantasy, and an expensive one. It is that sovereignty means optionality, not autarky. For every critical layer of your stack you want a credible alternative, a way out, and enough control that no single foreign policy decision can take you offline. You pay the debt down not by cutting yourself off, but by never letting one dependency become total.
So what does a sensible company do with this. Avoid panic and posture first of all. Put sovereignty on the risk register next to the things you already take seriously. Map your stack honestly, chips, models and cloud, and mark where a foreign rule change could hurt you. Build for portability from the start, so moving a workload is an engineering task rather than a rebuild. Keep your architecture jurisdiction-aware, so your most sensitive data and least replaceable systems sit where you can defend them. And write exit plans that are real, tested and boring, not slides nobody has ever run.
None of this means turning away from the best technology in the world, much of which is American. It means using it with your eyes open, and keeping enough control that the tool never becomes the leash.
That is where a multi-region delivery partner earns its place. Building across Europe, Asia and North America, with teams in Ho Chi Minh City, Hong Kong, Japan and Paris, gives Dirox a clear read on how the same dependency looks from three different jurisdictions. The right answer is rarely all-in or all-out. It is a stack you can defend, shaped by people who have watched the choice play out on more than one continent.
If your AI roadmap has quietly taken on more sovereignty debt than anyone has named out loud, that is a conversation worth having now, while you still have room to move.



.png)
.png)



