Liz Kendall’s RUSI speech this week called AI “the currency of the future”, but the line that should worry British boardrooms came halfway through: countries like Britain are now at risk of dependency on a handful of companies with oligopolistic control over vital digital infrastructure. For UK enterprises buying foundation models, embedding Palantir in their stack or routing communications through Starlink, the politics has become procurement. A sovereignty argument running through Westminster is starting to shape what businesses can safely depend on, and from whom.
When alliance becomes a protection racket
The current White House does not do alliances in the conventional sense. Leaked Pentagon memos floating US opposition to Britain’s Falklands claim, threats to scrap UK-US trade deals, and Trump’s threatened tariffs against European leaders he calls Middle East cowards have made the price of access explicit: military bases, deregulation for friendly businesses, and political deference. Kendall’s speech is the first significant ministerial response to argue that depending on a partner this transactional is no longer a defensible default for the UK’s digital substrate.
Strategic Reality: For most UK enterprises, vendor selection has been a question of capability and price. It is now also a question of which government’s leverage you are accepting. That shift has not yet reached most procurement scorecards.
This is not a continuation of long-running tech-nationalism debates. It is a sharper, narrower argument: in a world where US companies hold near-monopoly positions across foundation models, cloud, satellite communications and defence-grade analytics, dependency is exposure. Kendall’s pitch is for cooperation among “middle powers” — democracies in Europe, Japan, South Korea, Canada and Oceania — to build redundancy into critical AI infrastructure. Her predecessor in the diplomatic conversation, Peter Mandelson, had argued the opposite case days before his sacking: Britain is destined to side with Washington in a world carved into US and Chinese digital spheres.
The real story: a structural argument, not a political one
The Mandelson/Kendall split matters because both views can be right at once. Mandelson’s realism reflects the asymmetry of power and the cost of building indigenous capability. Kendall’s reframing reflects the risk of being captive to a counterparty whose loyalty is conditional and whose appetite for using infrastructure dependence as leverage is now overt. The Anthropic case underlines the point: the company has been blacklisted as a national security risk by the Trump administration for refusing to license Claude for autonomous lethal weapons systems and domestic surveillance. The administration is willing to punish a model provider that refuses an ask, which means the next administration in any allied capital could face the same pressure on behalf of its enterprises.
Where UK enterprises sit today
| Vendor stack layer | Dominant provider profile | Sovereignty exposure |
|---|---|---|
| Frontier foundation models | US-headquartered (OpenAI, Anthropic, Google) | High — administration can pressure access, terms, alignment |
| Defence and public-sector analytics | US-headquartered (Palantir embedded in NHS and MoD networks) | High — explicit US-supremacy mission stated by vendor leadership |
| Critical communications | US-headquartered (Starlink) | High — single-owner discretion over wartime data flow |
| Cloud and compute | US hyperscalers with UK regions | Medium — physical UK presence, US legal jurisdiction |
| Open-weight model deployment | UK/EU integrators, mixed model provenance | Low to medium — depends on weight licensing and update channels |
The Behr column captures the practical version of this exposure cleanly: UK ministers and advisers who have discussed the scenario where Elon Musk controls the flow of military intelligence in a European war find the prospect “terrifying”. The same logic applies, less dramatically but no less concretely, to NHS workloads on Palantir, financial-services workflows on US foundation models, and supply-chain communications routed through Starlink terminals. None of those choices were wrong when they were made. They are now choices about which country’s discretionary politics you are absorbing.
Deep dive: what middle-power positioning actually buys
Kendall’s middle-power coalition is, today, rhetoric. There is no procurement mechanism, no joint regulatory framework, no shared compute pool that a UK business can buy from. Mark Carney made the same call at Davos this year and got the same polite reception. So the strategic question for businesses is not whether the coalition will materialise quickly, but what changes if you act as though it might.
Strategic Insight: Middle-power positioning is less about replacing US vendors and more about building optionality. Optionality has a price — usually 10 to 20 per cent on procurement, slower iteration cycles, and more contract complexity. That price is now defensible in a way it was not in 2024.
For enterprises with strong US-vendor dependencies, the immediate work is mapping where dependency converts into hard exposure: contractual terms, data residency, kill-switch language, regulatory jurisdiction over training and inference, and the named decision-makers in vendor leadership whose public positions on US supremacy or domestic surveillance affect your brand by association. Few UK enterprises have audited their AI stack at that level. The Teneo data on public attitudes — already showing safety, misuse and loss of control as the dominant worries above jobs — suggests the public will reward firms that can articulate why their AI stack is trustworthy in those terms, not just compliant on paper.
Stakeholder impact
| Stakeholder | Why this matters | What changes in 2026 |
|---|---|---|
| Procurement and IT leaders | Vendor concentration is now a board-level risk, not an IT preference | Stack diversification frameworks need geopolitical inputs |
| Risk and compliance | Geopolitical risk has become operational, not theoretical | Vendor due diligence extends to vendor-country political alignment |
| CEO and board | Brand exposure to vendor-leadership political positions is rising | Public-licence narrative now has to address vendor provenance |
| Public-sector clients | Departments are quietly tightening sovereignty requirements | Bidding teams need credible non-US or hybrid offers |
| Customers and citizens | Public concern is shifting from jobs to misuse, fraud, control | Trust narrative depends on visible accountability of the stack |
Strategic recommendations: build for resilience, not for autonomy
The temptation in any sovereignty conversation is to swing too far towards autonomy — domestic models, domestic compute, domestic everything. That is neither affordable nor wise. The UK does not have, and will not soon have, frontier model providers at parity with the US incumbents. China’s offerings are politically unviable for most regulated UK businesses. Building indigenous capability where there is no comparative advantage is industrial cosplay. What is feasible, and what Kendall’s framing implies, is resilience: a stack where no single counterparty can degrade your operations, your data sovereignty or your brand by unilateral decision.
Implementation Note: A resilience-first stack does not mean replacing US vendors. It means refusing to let any single vendor — US, EU or otherwise — sit on a critical path with no fallback. The cheap version of this is contractual; the durable version is architectural.
Priority actions by AI maturity
| Maturity stage | Immediate action (next 90 days) | Strategic action (next 12 months) |
|---|---|---|
| Early adoption | Inventory vendors by country of headquarters and political exposure | Build vendor diversification scorecard into procurement |
| Pilot to scale | Audit critical workflows for single-vendor dependency | Pilot middle-power or EU-headquartered alternatives in non-critical paths |
| Operationalised | Run a sovereignty scenario exercise (vendor pulled, terms changed) | Establish dual-vendor architecture for top-three workloads |
| Mature | Embed geopolitical risk in board-level AI risk reporting | Lead sectoral conversations on middle-power procurement standards |
The pattern across maturity stages is the same: visibility first, optionality second, architecture third. Most UK enterprises will discover during the visibility step that they have considerably more US-vendor concentration than their formal risk registers suggest, because the foundation-model layer was bought through different procurement channels than the cloud layer, and Palantir or Starlink dependencies often sit inside line-of-business platforms rather than the central AI stack.
Hidden challenges Kendall did not name
Sovereignty rhetoric reads cleanly. Implementation is messier. Four challenges sit underneath the speech that UK enterprises should plan for explicitly.
Competitive Reality: The friction between Brexit-era regulatory autonomy and the gravitational pull of EU alignment is now a live operational question. A UK business serving EU customers cannot ignore the AI Act, and a US-aligned regulatory stance complicates participation in any middle-power digital coalition. There is no comfortable middle ground; there is a choice to make.
First, infrastructure has physics. Computing infrastructure is greedy for energy and thirsty for water. The US is already seeing a public backlash against datacentres. The UK will see the same if domestic compute scales as much as a sovereignty agenda implies. Enterprises that assume sovereignty equals UK-hosted compute should price in planning friction and community opposition, not just construction cost.
Second, dependency hierarchies do not collapse evenly. A UK business that switches its foundation model provider has not improved its sovereignty position if the new provider runs on the same hyperscaler in the same legal jurisdiction. Real diversification operates at multiple layers — model, compute, networking, identity, observability — and most middle-power alternatives only exist credibly at some of those layers today.
Third, Anthropic’s position is unstable in a way most procurement teams have not modelled. The company refused two government asks (lethal autonomy, domestic surveillance) and is now classified as a national security risk by the administration. That is a reasonable trade-off for the company’s customers in some respects and an operational vulnerability in others. Procurement teams need to be modelling the chance that any frontier US vendor finds itself in a similar dispute, with any administration, over the next 36 months.
Fourth, the middle-power coalition has no operating mechanism. There is no shared procurement vehicle, no joint compute pool, no agreed regulatory standard. UK enterprises moving early get to shape what the mechanism looks like, but they get there before there are off-the-shelf options. That is opportunity for first movers and friction for everyone else.
The strategic takeaway
The core shift in 2026 is that vendor selection in AI is now a political act, whether procurement teams treat it as one or not. UK enterprises that have spent two years optimising for capability and price are about to discover that their board, their regulator and their customers are starting to ask a different question: who do you depend on, what do they depend on, and what happens to you if either of those answers changes?
Success Factor: Three things separate enterprises that get this right from those that do not. First, visibility — a real audit of vendor concentration at every stack layer, with country and political exposure tagged. Second, optionality — at least one viable alternative at every critical path, even if it is not the day-to-day choice. Third, narrative — a story about your AI stack that can survive scrutiny from a regulator, a public-sector client and a worried customer.
For UK businesses, the question is not whether Kendall’s middle-power coalition will succeed at the level of statecraft. It is whether your organisation is willing to operate as if it should — and to enjoy the optionality that comes with that posture even if the coalition itself remains rhetoric.
Take Action: Five steps to start in the next 30 days.
- Run a one-page vendor inventory by country of headquarters across the AI stack.
- Identify the top three single-points-of-failure (foundation model, defence-grade analytics, critical communications).
- Add a geopolitical-exposure column to your existing AI risk register.
- Brief the board on the Kendall/Mandelson framing — even if they end up disagreeing with both.
- Open one conversation with a non-US-headquartered vendor at one critical layer, even if you do not switch.
The Behr column closes with the observation that Trump’s tyrannical temperament is contained within the old world of analogue power, and that he could be the last president of whom that is true. Whether or not that is right at the level of geopolitics, it is right at the level of business strategy. The next phase of AI dependency, on present trajectory, will be more politically loaded than the current one. UK enterprises that build optionality now will be better placed for what arrives next, regardless of which administration is in Washington when it does.
Source: Rafael Behr, “In the coming AI future, Britain must not end up at the mercy of US tech giants”, The Guardian, 29 April 2026, with reference to Liz Kendall’s RUSI speech on AI sovereignty.
About Resultsense: Resultsense is a UK AI advisory practice helping enterprises translate AI policy, governance and procurement shifts into operational decisions. Get in touch via the contact page to discuss how middle-power sovereignty positioning applies to your AI stack.