This means that the debate about digital sovereignty essentially raises the same questions as in the context of the supply chain:
- How big is our “cluster risk”?
- Where have we grown into dependency over time?
- How quickly are we able to act when conditions change?
This involves several levels: data locations, legal requirements, operations and technical control over the platforms used.
For example, if the cloud provider fails, regulatory requirements restrict operations in certain regions or export controls limit access to critical technologies. In an emergency, dependence on software platforms or central core systems can mean that companies can no longer freely dispose of their processes and data.
The answers to these questions are also similar to those of the supply chain problem: Just as a modular product portfolio makes companies flexible in procurement, a modular, standardized architecture in IT ensures more flexibility. A clean ERP core – keyword Clean Core –, open interfaces, portable data and clearly documented processes are the digital counterpart to a qualified second supplier. They create the conditions for having a choice if necessary.
Artificial intelligence creates new dependencies
With the rapidly increasing use of artificial intelligence, the topic of digital sovereignty is taking on a further dimension. Companies are increasingly integrating language models and AI agents into their business processes using SAP Business AI, for example. They automate processes, provide support with decisions and accelerate the development of new products and services.
The Anthropic case in June 2026 showed how quickly this can become a strategic risk: US authorities ordered the AI company to block its latest model for non-US citizens – for national security reasons. The company reacted – and blocked access to its most advanced AI models worldwide.
