DISCUSSION PAPER | Making Sovereign AI Real

Sovereign AI will not be made real by owning GPUs or building data centres. It will be made real by controlling the enforcement layer that governs how AI behaves in motion – across every interaction, in real time. Regulators around the world are moving fast to make this a legal requirement. The window to act is now.

EXECUTIVE SUMMARY

Governments, enterprises, and regulated industries are facing an urgent question: as AI agents start to act on their own and make decisions that affect humans, public services, financial markets, and critical infrastructure, who is accountable – and can you be trusted to operate AI responsibly, and prove it?

Answering that question requires trustworthy AI: AI whose behavior is not simply claimed by a supplier but independently verified by parties outside the system delivering it. Sovereign AI – keeping AI under national or organizational control – is an essential pillar to make that possible. This paper argues that Communication Service Provider (CSP) networks are the undervalued layer for assuring it. Not by owning GPU clusters or building national AI clouds, but by doing what CSPs are best positioned to do: operating a continuous, regulated enforcement layer that sits across every AI interaction, regardless of which models, platforms, or applications run it.

Most sovereign AI investment today is going into infrastructure – the most visible but also the hardest to differentiate – a first-mover advantage that will likely erode as compute supply normalizes. Importantly, infrastructure investment alone does not govern what happens when AI systems are running. The real control point is data and decisions in motion – every instruction an agent receives, every boundary it crosses, every action it takes. As data moves across boundaries, as models act on instructions, as agents call services and produce real-world effects, that is where sovereignty breaks down and where the network can intervene.

Sovereignty of AI at runtime requires a zero-trust approach – the same principle applied to modern security. The 'Assume Breach' principle demands exactly that: treat any component as potentially compromised, verify continuously, and enforce at every interaction. The network is where that principle becomes operational – and because CSPs operate it as a regulated entity under independent audit obligations, their records carry a credibility that no other can match. That is a product, and one that does not yet exist in any CSP's portfolio.

The commercial case is compelling. Enterprise connectivity is commoditizing, with price becoming the only differentiator. Sovereign AI enforcement and assurance services offer a way out: protecting existing customer relationships by embedding the CSP in AI governance architecture, generating new managed service revenue, and moving from charging for connectivity to charging for outcomes. This is defense and offense in the same move, and it is a credible answer to the industry’s long-running growth problem.

The market opportunity is substantial. McKinsey estimates that 30 to 40 percent of global AI spending – $500 to $600bn by 2030 – could be influenced by sovereignty requirements. Gartner forecasts sovereign cloud IaaS spending alone will reach $80bn in 2026, growing at 35 percent year-on-year. The EU's proposed Cloud and AI Development Act (CADA), published June 2026, makes sovereign AI an auditable legal requirement for the first time – and leaves open exactly the standards question this paper addresses.

The window of opportunity is closing fast. Hyperscalers are already winning government and enterprise AI contracts, and fundamental sovereign AI choices are solidifying. The rise of agentic AI and geopolitical context makes this more urgent: in an era of strategic competition over technology, governments need infrastructure they can trust unconditionally. CSPs embedded in national legal frameworks are structurally better placed to provide that than any global platform. The window for CSPs to define their role is 18 to 24 months.

To request the full discussion paper, contact [email protected]