EMEA Companies Prioritize AI Sovereignty While Lagging in Infrastructure Visibility

According to a survey released by IBM, many business leaders in the Europe, Middle East, and Africa (EMEA) region view AI sovereignty as a strategic priority. However, it has become clear that a majority of companies lack sufficient visibility into the actual infrastructure supporting their AI systems. The contradiction—'we know it's important, but we don't understand what is running where'—is spreading across enterprises throughout the EMEA region.

The term 'AI sovereignty' as used here refers to a state in which a company or country can control the data and infrastructure used in operating AI systems. Europe has strict data regulations, including the GDPR (General Data Protection Regulation), which impose clear accountability requirements regarding where data is stored and who processes it. This regulatory environment serves as a backdrop for heightened interest in AI sovereignty. Additionally, rising geopolitical tensions and concerns about the concentration of cloud services among U.S. and Chinese companies are further driving the growth of sovereignty consciousness.

What IBM's survey has highlighted is the significant gap between management perception and operational reality. While the commitment to strategically leverage AI has grown stronger, few executives have accurate visibility into which infrastructure their AI systems run on or where their data is stored and processed. In other words, although there is a desire to 'protect sovereignty,' the prerequisite visibility itself is lacking—revealing a structural problem.

This survey result suggests that the debate surrounding AI sovereignty is transitioning from 'policy declaration' to 'implementation verification.' Without understanding the actual state of infrastructure, it becomes difficult to confirm whether data remains within the region or to demonstrate regulatory compliance. To make sovereignty substantive, the first essential step is to gain visibility into what the company's AI systems are doing and where they are doing it.

As enterprises move into the stage of full-scale AI adoption, infrastructure transparency transcends compliance requirements and becomes an issue of business risk management. For example, if a cloud service provider suddenly changes policies or if geopolitical changes restrict access to services, the organization needs the capability to immediately detect and respond to such impacts. This survey indicates that many companies currently lack such preparedness.

Going forward, the challenge for EMEA enterprises lies in translating awareness of sovereignty into 'actual infrastructure management capability.' The establishment of tools and systems to visualize which portions of AI systems are controllable internally and which portions are dependent on external providers is expected to emerge as a priority management issue. IBM's survey can serve as a starting point for the industry as a whole to share this awareness.