The EU just delayed its own deadline. That doesn’t make “are we sovereign?” any easier to answer, it proves nobody had a way to measure it in the first place.
On August 2, 2026, the EU AI Act’s market surveillance authorities gain full power to investigate and sanction AI Act breaches, GPAI provider penalty powers activate, and Article 50 transparency obligations come into force for most AI systems in production. That date is not the 2 December 2027 date now circulating as the deadline: that one applies specifically to high-risk Annex III obligations, deferred by the Digital Omnibus agreement Parliament and Council finalized in June. The enforcement powers themselves were not delayed, only the high-risk compliance timeline moved. Most of the commentary racing around Sovereign AI right now, some of it published as recently as this spring, was written against a single deadline that has since split in two. Getting that distinction wrong is the wrong thing to get wrong right now.
The Question Nobody Answers With a Number
Ask a board member, a CISO, or an infrastructure lead whether their organization is sovereign AI ready, and you’ll get a confident answer with no number attached. McKinsey’s December 2025 survey of 300 executives and government officials found 71% now describe sovereign AI as an existential concern or strategic imperative. Vision Compliance’s 2026 readiness report found 78% of organizations have taken no meaningful steps toward AI Act compliance, 74% have no designated owner for it, and 61% have no process for producing the technical documentation regulators will ask for.
Globally, fewer than 30 countries even have compute infrastructure capable of running sovereign AI workloads at all.
Put those next to each other and the picture isn’t complacency. It’s confidence with no measurement behind it. Executives rate sovereignty as existential. Compliance teams can’t produce a number that says where they actually stand. Every conversation about Sovereign AI so far, including our own, has described what sovereignty requires. Almost none of them have described how you’d actually score it.
Why the Regulators Can’t Hand You a Rubric Either
There’s a reason nobody is waiting on Brussels to supply the missing scorecard. As of mid-2026, only around 10 of the EU’s 27 member states show advanced public evidence of having designated the market surveillance authorities the Act requires; 12 have partial or pending designations; six have designated nothing at all. The bodies meant to inspect and sanction AI systems are, in a meaningful share of member states, still assembling themselves.
That’s not a criticism of the regulators, standing up a technical inspection capability for a category of system that behaves differently every time you look at it is a genuinely hard problem. But it means any organization waiting for a regulator-issued checklist to tell it whether it’s compliant is waiting for something that, in most jurisdictions, doesn’t yet exist in usable form. The measurement has to come from inside the organization, because it isn’t coming from outside it yet.
The State of Play
| What the record actually shows | Source |
| 71% of executives now describe Sovereign AI as an existential concern or strategic imperative. | McKinsey survey of 300 executives, investors, and government officials, Dec 2025 |
| 78% of organizations have taken no meaningful steps toward EU AI Act compliance; 74% have no designated owner for it; 61% have no process for producing the required technical documentation. | Vision Compliance, 2026 EU AI Act Readiness Report |
| Fewer than 30 countries worldwide have compute infrastructure capable of supporting sovereign AI workloads at all. | Industry compute-capacity analysis, 2026 |
| Only 10 of 27 EU member states show advanced public evidence of designating the market surveillance authorities the Act requires; 12 are partial or pending; 6 have designated nothing. | EU AI Act national implementation tracking, 2026 |
| The Digital Omnibus (Parliament, 16 June 2026; Council, 29 June 2026) defers most high-risk Annex III obligations to 2 December 2027, but market surveillance enforcement powers, GPAI provider penalties, and Article 50 transparency duties still activate 2 August 2026. | EU AI Act Digital Omnibus agreement, June 2026 |
Independent research and EU implementation tracking on sovereign AI readiness, 2025–2026.
Four Pillars, Because the Alternative Is a Slogan
Every serious effort to describe Sovereign AI eventually reaches the same four dimensions, however it’s phrased: Infrastructure, Governance, Security, and Data. That’s not an arbitrary list. It’s a dependency chain. No policy can be enforced on infrastructure that can’t be observed. No security control means much if the environment it’s protecting was provisioned outside any governance process. No governance framework can produce audit evidence from systems that were never built to generate it in the first place. Skip the bottom of that chain and every layer above it is a compliance facade sitting on top of ungoverned infrastructure.
That structure is useful precisely because it resists the instinct to treat sovereignty as one thing. It isn’t. It’s four separate, unevenly matured capabilities, and an organization can be strong in one and dangerously exposed in another without ever finding out, because nobody is measuring the four separately.
What Measuring Actually Requires
A real measurement framework has to do three things a policy checklist doesn’t: weight criteria differently depending on who’s asking, distinguish requirements that are non-negotiable from those that are merely good practice, and score maturity on a continuum rather than pass/fail.
Take five representative criteria from a sovereign AI infrastructure assessment built this year, each scored on the same five-point scale regulators increasingly expect to see evidenced. Not started, Planning, In progress, Mostly done, and Complete.
- Governed Environment Provisioning, do AI workloads run only in environments provisioned through policy-governed templates, with no ad-hoc deployment path available at all?
- AI Agent Infrastructure Permissions, when an agent provisions or modifies infrastructure, is its access scoped and logged, or does it inherit standing permissions nobody scoped for that specific task?
- Compute Residency Enforcement, is jurisdictional residency enforced architecturally at provisioning time, or only assumed contractually because a vendor’s terms of service say so?
- Cryptographic Sovereignty, are encryption keys held by the organization or a trusted domestic provider, or does a cloud vendor retain unilateral key access regardless of where the data physically sits?
- Inference Data Boundary Control, is data processed during inference kept inside sovereign boundaries, or can it reach a foreign model API with no governance in the loop?
Each criterion is tagged hard or soft, hard criteria are the ones a regulator treats as non-negotiable; soft criteria are best practice that strengthens the posture without being the line an auditor draws. And each is weighted differently depending on who’s answering: a CISO weighs agentic threat surface and cryptographic control more heavily than a board member does; a board member weighs named accountability and demonstrable evidence more heavily than implementation detail. Score every criterion, weight it by role, and you get something a slogan never produces: a number between 0 and 100, and a maturity band that number actually means.
What the Number Means
| Score band | What it means operationally |
| 0–24 — Exposed | Material regulatory and operational risk. Immediate action required on hard criteria before enforcement powers activate. |
| 25–49 — Aware | Visibility of the problem with some activity underway. Significant execution gaps remain, particularly on operational enforcement. |
| 50–69 — Developing | Foundational controls in place. The gap sits between policy intent and operational reality, especially for agentic workloads. |
| 70–84 — Progressing | Strong baseline with identifiable gaps. Focus shifts to hardening enforcement, closing agentic governance gaps, and audit readiness. |
| 85–100 — Operationally Sovereign | Infrastructure sovereignty is operationally enforced, not just documented. Governance is a capability, not a compliance exercise. |
Maturity bands from Quali’s Sovereign AI Infrastructure Readiness Assessment.
The 78% of organizations that have taken no meaningful steps, per Vision Compliance’s own numbers, aren’t lying when they call sovereignty a strategic priority. They’re reporting genuine intent and a number they’ve never actually calculated. Most of the market, assessed honestly today, would land in Exposed or Aware, not because the effort hasn’t started, but because nobody could previously show them where the bar was.
Where Torque Fits, and Where It Deliberately Doesn’t
This is the point where most vendor content pivots to a claim that its platform solves Sovereign AI outright. That claim doesn’t survive the four-pillar structure, and pretending otherwise is exactly the kind of overreach a serious measurement framework is built to expose. Applied honestly, Torque’s contribution is asymmetric by design, strong in the layer it was built for, deliberately partial everywhere else:
| Pillar | What Torque actually provides | What’s still yours to solve |
| Infrastructure — primary domain | Governed environment provisioning, policy-enforced blueprints, and full attribution of every action, human or agent. | Nothing, this is the layer Torque is built to own. |
| Governance — enabling layer | Policy enforced operationally at provisioning and runtime; an audit trail that is structural, not assembled after the fact. | Your compliance function still owns the policy itself, Torque gives it evidence, not judgment. |
| Security — specific contribution | Scoped, policy-bound permissions for agents acting on infrastructure, enforced at agent speed. | A full security stack, identity, network, endpoint, sits outside Torque’s scope. |
| Data — partial, infra-layer only | Infrastructure-layer lineage: access logs, provisioning records, agent action trails. | Training data rights, model provenance, and cross-application data policy need dedicated data governance tooling. |
Torque’s honest contribution across the four sovereignty pillars.
That asymmetry isn’t a weakness in the pitch. It’s the only version of the pitch a CISO, a regulator, or a skeptical board member should actually trust. A platform that claims equal strength across all four pillars is making the same undocumented, unscored claim as the executives in McKinsey’s survey. One that shows exactly where it’s strong, where it’s partial, and where it hands off to something else is the only one whose score anyone can defend.
The Method the Mandate Never Came With
The deadline that was supposed to force this measurement into existence just split into two. The risk it was measuring didn’t move at all. Twenty-one days from now, regulators gain enforcement powers whether or not the rubric they’ll use is finished, and most organizations still won’t be able to answer the only question that will actually matter in the room: not “do we have a sovereignty policy,” but “what’s our number, and can we defend it.” That’s a measurement problem before it’s a compliance problem, and right now, it’s the part almost nobody has built.
Score It Yourself, in Five Minutes
There’s a way to get that number for your own organization, not a consultant’s estimate, an actual score. The Sovereign AI Infrastructure Readiness Assessment below runs the same four-pillar structure this piece just walked through: thirteen criteria, weighted by role, scored on the same five-point scale, returning a number between 0 and 100 and the maturity band it falls into. It takes about five minutes. Nothing you enter is collected, logged, or stored, there’s no lead form standing between you and your own answer. It exists to do one thing: give you the number this article argues almost nobody currently has.
December 2027 sounds far away, and treating it that way is the mistake. It isn’t a fixed target you can measure once and file, every AI system deployed between now and then, every new agent given infrastructure access, every inference pipeline stood up in the meantime, becomes part of what eventually has to be accounted for. The gap doesn’t hold still while the deadline sits out there; it grows with every workload added to it. Score your infrastructure now, while the surface is still something you can reasonably map, not in eighteen months, against whatever’s grown in the meantime.
No data is collected or tracked. This assessment is a guide only. Nothing you enter is stored or shared.
To see Torque in action, visit the Torque playground, and book a live demo to see how Torque delivers AI governance and cost control to solve the challenge of governance at machine speed.