Home-grown AI? What You Need To Know About The Sovereignty Agenda

AI sovereignty has become a top priority for states as concerns deepen over economic and technological interdependence and governments begin to prioritise security and regulatory control over efficiency. Businesses must start accounting for these sovereignty initiatives, particularly as regulatory blocs enact frameworks with extraterritorial effect.

What does the drive towards AI sovereignty mean for businesses?

AI has become a primary engine for economic growth. Its development has compelled governments and businesses to balance the desire for centralised control against the practical reality of cross‑border interdependency. 

Yet current geopolitical and security concerns have caused many countries to rethink their acceptable level of global interconnectedness and sovereignty dilution.

Sovereignty concerns will differ, not least because some nations are far ahead in developing their own AI ecosystems while others are simply not in the same race. This means business operations must adopt a sliding scale of AI autonomy when working across jurisdictions. 

Some states have the economic, technological and infrastructural firepower to seek more control and autonomy over AI. Although nearly all countries have been forced to accept dependency on foreign technology, infrastructure, expertise and supply chains, the largest economies, such as the US, the EU and China, have the capacity to advance AI sovereignty as a national or regional security priority.

“The main distinction I see is between larger markets trying to ensure AI capability and development and smaller markets that just want ethical and safe use of AI,” says Daniel Chia, managing director and head of litigation at Prolegis LLC, the firm’s Formal Law Alliance partner in Singapore. “For the US, Europe and India to some extent it is seen as a national security issue where they don’t want to be left behind.” 

The EU, in particular, is taking steps to ensure security and reduce dependence. An early signal of intent is the EU’s Industrial Accelerator Act, proposed in March 2026, which imposes “EU origin” requirements in relation to public procurement and subsidy schemes in relation to certain strategic sectors. While these do not currently encompass AI, the Act is seen as a harbinger for further sovereignty initiatives, including the Cloud and AI Development Act, expected in May and the broader reform of the EU’s public procurement rules, slated for July, both of which will likely pursue AI-related autonomy.

How are regulators approaching sovereignty concerns?

At the same time, jurisdictions are seeking to exert control over AI through regulatory initiatives designed to secure safe AI development and deployment.

The pace in AI development is posing a challenge to regulatory compliance generally. “One of the reasons the EU AI Act took so long to negotiate and finally adopt, is that legislators were always chasing a moving target,” explains Dr Morris Schonberg, a Brussels-based partner in the firm’s regulatory practice. “New features and functionalities were coming up as soon as the ink was dry and that does give rise to an inherent degree of regulatory uncertainty.” 

More generally, the pace and direction of change will also be guided by the balance between regulation and innovation. 

“The divergence in AI regulation across jurisdictions will be seen in which jurisdictions heavily regulate and which jurisdictions take a much more hands-off approach – and this is really all to do with the debate between the role of regulation and the role of innovation,” adds Schonberg. “There are jurisdictions that consider the costs to innovation and investment and there are other jurisdictions that take much more of a product-safety approach to this area.”

China, for example, appears to perceive its AI journey in part through the lens of sovereignty: it has enacted specific laws to fuel innovation and focus on national security and data localisation with the aim of competing with the US for dominance in AI.

What are the potential benefits of regulatory divergence?

With many nations seeking to attract and develop AI industries within their own borders, it provides the opportunity for AI leaders to take strategic decisions on where to locate their operations.

“The real tension will appear when corporate entities develop frontier AI and have the ability to set up anywhere in the world,” suggests Chia. “If some of these current service providers are not happy with the regulations, do they up and move? And if they do, what happens to the existing supply chains in that jurisdiction? How do those nations attract service providers and prevent service providers from redomiciling their operations elsewhere?”

In this instance, a nation or region’s economic competitiveness in AI terms will be affected by its regulatory approach. “I think the more important AI becomes, including the whole value chain and infrastructure that supports it, some nations might categorise it as critical infrastructure, and that will impact the regulations and compliance with those regulations,” says Simone Hui, a senior consultant in the firm’s Hong Kong dispute resolution team. 

How can businesses establish effective AI compliance structures?

For businesses that operate in the AI sphere and those that deploy AI tools, it is vital they understand the regulatory landscape and how to stay ahead of new directives. With a volatile environment and regulatory divergence across jurisdictions and regions, this is not straightforward. 

For businesses with operations spanning multiple jurisdictions, many have chosen to adopt a relatively high watermark approach to compliance, while building in the flexibility to allow for geographic variations. In this context, Schonberg points to the EU AI Act as an effective yardstick for effective compliance in the same way that the EU’s General Data Protection Regulation (GDPR) provided a global benchmark for data protection compliance. 

Ultimately, if you comply with the EU AI Act, then you are in a good starting position when it comes to other regulatory frameworks.

Dr Morris Schonberg
Partner, Brussels

“Ultimately, if you comply with the EU AI Act, then you are in a good starting position when it comes to other regulatory frameworks,” he notes. “Businesses can take a well established framework like the EU AI Act as their baseline, and then can tweak it as necessary depending on the jurisdiction.” 

Resort to the EU AI Act is reinforced by its broad extra-territorial effect in that it applies in principle not only to developers and deployers of AI that are based in the EU but also those outside the EU where the AI outputs are used inside the EU. 

Finally, given that AI regulations will build on existing tech regulation, organisations can adapt systems and processes that are already in place for other tech regulatory regimes, such as online safety, data protection and cyber security, and apply them to new AI regulatory regimes.

“The tools, systems and methodologies of compliance should be similar to other overarching regulatory compliance frameworks that businesses use,” Schonberg concludes. “The idea is not to reinvent the wheel, but rather to take existing tools and processes that are already in place and adapt as necessary.”