Aggregate publicly disclosed sovereign AI compute commitments now exceed $45 billion across roughly two dozen national programs, with binding capacity targets, named sites, and named hardware partners. The figure was below $5 billion in 2023. The trajectory implies that by 2030, nation-state funded AI infrastructure accounts for more than thirty percent of new global capacity additions. The tenant is sovereign. The credit is sovereign. The contract duration is twenty-five to thirty years. The security posture requires ITAR-cleared design, FOCI mitigation, and CFIUS-acceptable governance from inception. None of these variables fit the hyperscaler underwriting model that defined the 2020 to 2025 build cycle.
What Sovereign Compute Actually Is
The United Kingdom committed over £900 million to AI Compute infrastructure, anchored by Isambard-AI at the University of Bristol and the Dawn supercomputer at Cambridge. The UK Compute Roadmap, published by the Department for Science, Innovation and Technology, commits to a twenty-fold increase in publicly funded compute capacity by 2030. The AI Growth Zones designation, announced in the 2025 AI Opportunities Action Plan, identifies specific geographies where planning, grid access, and security review are pre-cleared for sovereign-grade builds.
The European Union's AI Factories initiative spans thirteen designated sites with over €7 billion in committed funding through the EuroHPC Joint Undertaking. Named factories include Bologna, Jülich, Barcelona, Linköping, Bissen, Kajaani, Sofia, Athens, Bratislava, and Maribor. Each site is structured as a public-sector compute facility with defined access tiers for academic, public, and qualified private users. The capital is European Commission and member-state appropriation, not merchant equity.
The United Arab Emirates closed Microsoft's $1.5 billion strategic investment into G42 in April 2024 with explicit US government security conditions, including governance changes at G42 and managed divestment from designated Chinese technology positions. The Stargate UAE announcement in 2025 committed to a 1 gigawatt campus structured jointly with OpenAI, Oracle, and Emirati sovereign capital. The Mohamed bin Zayed University of Artificial Intelligence operates a parallel funding stack for research-grade compute.
Saudi Arabia launched HUMAIN in May 2025 with Public Investment Fund backing as the kingdom's national AI champion. SCAI, the Saudi Center for AI, and ALAT, the PIF industrial subsidiary, form a stacked sovereign capital structure pointing at both domestic compute and outbound AI infrastructure investment.
India's IndiaAI Mission was approved by the Union Cabinet at ₹10,372 crore, approximately $1.25 billion at announcement. The Yotta DGX SuperPOD partnership with NVIDIA established the first phase of the IndiaAI Compute capacity build, with near-term targets above 10,000 GPUs and 2030 targets above 100,000 GPUs allocated to qualified Indian users at subsidized rates.
Japan's Ministry of Economy, Trade and Industry committed 200 billion yen to AI compute infrastructure subsidies through the GENIAC program. Sakana AI's sovereign stack and the National Institute of Advanced Industrial Science partnerships form the operating layer.
France has committed over $2 billion through the Iliad and Free AI infrastructure program, with Scaleway operating the sovereign cloud layer. The French AI Strategy 2030 figures point to €2.5 billion in cumulative public funding by 2030.
South Korea announced its $7 billion K-Cloud and K-Cloud 2.0 plan in 2024, structuring sovereign compute as both a domestic industrial policy instrument and an allied-coordination asset.
Singapore's National AI Strategy 2.0 includes AI Singapore compute allocations structured through the National Supercomputing Centre. Canada's $2.4 billion AI Compute Access Fund, the largest single line item in the Canadian Sovereign AI Compute Strategy, formalizes a comparable architecture.
The pattern across jurisdictions is consistent. Public capital, named champions, ten-year capacity targets, and pre-cleared geographies.
The Capital Structure Difference
Hyperscaler underwriting assumes a ten to fifteen year power purchase agreement, investment-grade corporate credit, and a tenant whose worst-case scenario is a market cap drawdown. Sovereign compute underwriting assumes twenty-five to thirty year power purchase agreements, sovereign credit, and a tenant whose continuity is denominated in national budgets and treaty obligations.
The pricing implication is mechanical. A sovereign-credit twenty-five year PPA prices 100 to 200 basis points below a merchant hyperscaler PPA on equivalent capacity. The duration advantage compounds across the financing stack. Sovereign-rated debt embedded in capacity offtake unlocks project finance structures that merchant compute does not access.
FOCI mitigation becomes a standard SPV-level structure rather than a discretionary review item. The mitigation architecture, drawn from the defense industrial base playbook, defines board composition, security clearance requirements for designated officers, and information access controls at the entity level. The SPV is built FOCI-compliant on day one, not retrofitted at close.
ITAR-cleared facility design moves from a specialty buildout to the default. Compartmentalized access, badging architecture, cleared maintenance vendors, and ITAR-compliant procurement flow through the design specification. The incremental capital cost is meaningful but absorbed within sovereign-tier pricing.
The Cleared Workforce Bottleneck
The United States has approximately 80,000 engineers holding active security clearances at Secret or above with technical specializations applicable to data center design, construction, and operations. The figure is derived from Department of Defense clearance population data, the Office of the Director of National Intelligence annual report, and contractor census data from the cleared facility ecosystem.
The geographic concentration is severe. The Washington-Baltimore corridor, the San Antonio defense cluster, the Huntsville and Colorado Springs corridors, and the Silicon Valley cleared population together account for more than seventy percent of the cleared technical workforce. Sovereign-grade campuses sited outside these corridors carry a structural labor disadvantage measured in months of clearance reciprocity processing and a wage premium in the range of fifteen to thirty percent over uncleared equivalent roles.
The bottleneck is not labor in the abstract. It is cleared labor with the specific combination of clearance level, technical domain, and willingness to relocate that a sovereign campus requires. The pipeline through the National Industrial Security Program is slow by design.
CFIUS And FOCI As Underwriting Variables
The Committee on Foreign Investment in the United States now reviews compute infrastructure transactions as a recognized category. The Microsoft-G42 transaction structure, with its embedded governance conditions and managed divestment commitments, established a documented precedent. The Chinese investor exclusion patterns visible across 2023 to 2025 CFIUS outcomes formalized a second precedent. The G42 commitments, including the public divestment of specific Chinese technology positions, established a third.
The consequence for underwriting is direct. Equity sources, debt sources, vendor relationships, and tenant identity are all CFIUS-review surface area. A campus capitalized with a non-US-allied limited partner at a meaningful stake is structurally ineligible for sovereign tenancy in the United States and increasingly in allied jurisdictions. FOCI mitigation operates as the operational standard at the entity level. CFIUS operates as the gatekeeping standard at the transaction level. Both become standard inputs to the underwriting model rather than exceptional reviews.
The entitlement implication is that campuses without ITAR-cleared design specifications and sovereign-acceptable governance become uninvestable for the sovereign tenant tier. The merchant alternative remains available, but at the merchant credit tier and merchant pricing.
Allied Co-Investment
The United Kingdom, Japan, the United Arab Emirates, Saudi Arabia, South Korea, and Australia are each visible in early-stage allocations into US-sited campuses structured for allied compute access. The architecture takes two forms. The first is direct sovereign limited-partner participation in qualified SPVs, with FOCI mitigation structured to accept allied government investors under treaty-recognized exemptions. The second is bilateral access arrangements where a sovereign partner funds a designated capacity block in exchange for guaranteed allocation rights.
The political economy is shifting. Allied compute, framed as a coordination asset rather than a national asset, allows multiple sovereign partners to participate in a single campus without each building a domestic full-stack equivalent. The capital efficiency for smaller allied sovereigns is significant. The geopolitical signaling, which binds compute access to alliance posture, is the more durable effect.
Multi-sovereign campuses are an emerging structural form. Co-investment is structured at the SPV level, with separate capacity tranches per sovereign and shared facility cost. The governance is layered. The legal architecture borrows from defense industrial base joint venture precedent.
The 2030 Picture
By 2030, sovereign tenants represent the highest-credit longest-duration capacity offtake in the market. Pricing on sovereign capacity prints 100 to 200 basis points inside merchant hyperscaler pricing on equivalent specifications. Multi-sovereign campuses are an established structural form. US allies co-invest into US-sited campuses for allied compute access on a routine basis.
The sovereign-acceptable design specification becomes a published public standard. The National Institute of Standards and Technology and the Department of Energy jointly document the specification covering FOCI mitigation requirements, ITAR-cleared design defaults, cleared workforce attestations, and supply chain provenance. The specification becomes a binary gate. Campuses inside the specification are eligible for sovereign tenancy. Campuses outside the specification are not.
The thirty percent figure understates the directional pull. Sovereign tenancy at thirty percent of new additions sets the credit, duration, and security floor for the remaining seventy percent. Merchant capacity in adjacent geographies prices off the sovereign comparable. The hyperscaler underwriting model, which assumed merchant tenancy as the marginal pricing reference, inverts.
The operating reality of the AI infrastructure stack converges with the operating reality of the defense industrial base. The capital tools converge. The workforce constraints converge. The governance specifications converge. By 2030, the boundary between a sovereign compute campus and a defense facility is a paperwork distinction more than an architectural one.