Home
You’re currently viewing our content for All Regions.
You can switch to a different region:
June 23, 2026
“We start by reframing the question. Sovereignty isn’t a product you buy or a region you select. It’s a property of the entire data lifecycle.”
Most conversations across Australia today represent only one dimension of sovereignty.
For Demelza Green – co-CEO of Patient Zero – true sovereignty extends beyond technology and infrastructure, it also encompasses people, skills and decision-making capability.
Once an organisation actually maps that lifecycle, then the trade-offs can become concrete.
“Most workloads don’t need maximum sovereignty but some absolutely do,” Green continued.
“Treating it as binary is what causes organisations to either over-engineer the safe stuff or under-protect the critical stuff. We push customers to make the call deliberately, workload by workload, with sovereignty as one input alongside cost, performance, and capability.”
Based in Brisbane, Patient Zero is an Australian owned and operated software engineering and consultancy firm run by three co-CEOs – Green, Dan Dekel and Paul Seymour. The framework used by the team in sovereignty conversations covers four layers:
The data layer covers where it is, but more importantly, who has jurisdictional reach over it.
For example, the US CLOUD Act lets US authorities compel American-headquartered vendors to produce data they hold, regardless of where it’s physically stored. A Sydney-based availability zone doesn’t put data outside of its reach.
“APP 8 of the Privacy Act keeps you accountable for what overseas recipients do with your data after you’ve handed it to them,” Green explained. “Residency is necessary, not sufficient.”
On infrastructure, sovereign compute is now becoming a “real option” given that local AI runtimes like Foundry Local are generally available. Plus, Australian GPU capacity is coming online through 2026 and modern AI capability and local control are no longer mutually exclusive.
Specific to the software layer. Green said architecture is a “sovereign choice”.
“A frontier LLM via API maximises capability and jurisdictional exposure,” Green added.
“An open-weight LLM or SLM fine-tuned on your data and hosted on your hardware does the opposite. We help customers pick the right model for the right workload, which usually means your own model for the 90% of use cases where Frontier capability isn’t required, and selective Frontier API calls for the rest.”
The final layer of people is the most overlooked and the one most consultancies skip.
Most of the sovereignty conversations across Australia are happening in the obvious places – data centres are coming online to support AI, cyber risk is on the board agenda and the Privacy Act overhaul is underway.
“These are real and important, and they’re driving real movement,” Green shared. “But they’re well covered, and the more interesting trends are happening alongside them, sometimes in the opposite direction to where the technology is going.”
The clearest example is what the major Australian banks are doing right now. As reported in the Australian Financial Review (AFR), financial institutions have undergone a wave of restructuring with offshoring at its centre.
ANZ has announced around 3,500 job departures by September 2026. NAB confirmed in March 2026 that it would make 447 roles redundant in its business division while creating 237 new offshore positions in India and Vietnam.
Earlier this month, Bendigo and Adelaide Bank announced plans to axe around 10% of its staff, opting to outsource some roles to Infosys, an Indian global system integrator (GSI). Westpac and CBA have pursued similar moves.
“The headline rationale is cost discipline,” Green assessed. “The implicit assumption is that offshore is still meaningfully cheaper than onshore.
“That assumption was true ten years ago. It is much less true now. The cost gap that justified offshore has been eaten by the productivity multiplier.
“When a small Australian team using agentic workflows can produce in weeks what a large offshore team produces in months, the cost-per-feature comparison flips. And you keep your engineering capability, your IP, and your jurisdictional control inside the country.”
The AFR has framed this as a “tech brain drain” and for Green, that framing is correct.
“Every offshored engineering role is a lost domestic capability, an opened IP leakage path, and a created sovereignty exposure that no procurement clause can close,” Green continued.
“Banks are some of the most heavily regulated institutions in the country, and they are also the ones making decisions that hollow out the very domestic capability sovereignty depends on.”
This alludes to the bigger shift in market sentiment. Businesses have stopped treating data residency and data sovereignty as the same thing.
“They’ve started thinking about people,” Green said.
“Where do your developers live? Who has root access? Whose laws do they answer to?
“You can have your data on Australian soil, your model running on Australian compute, and a managed services contract that puts admin credentials with a third party in a jurisdiction you don’t control. That isn’t sovereignty. That’s residency theatre.”
Instead, Green said the mature conversation now treats data, infrastructure, software and people as a single stack. The institutions doubling down on offshore are answering an old version of the question.
“Your sovereignty story is only as strong as the weakest paste of corporate data into a personal ChatGPT account,” Green cautioned.
Shadow AI is the most underestimated risk in Australian enterprises today.
Employees are pasting client information into personal Frontier accounts. Developers are using non-enterprise tiers of Claude Code to ship production code, sending business logic, API keys, and sometimes real customer records to a third party you don’t have a contract with.
Real customer data still sits in non-production environments across most organisations, which multiplies every other risk. AI agents are being given the keys to everything: email, calendars, SharePoint, CRMs, with the cumulative permissions of every system they can reach.
“The offshore engineering model is where these risks compound most quickly, and as we’ve seen with the major banks, it’s a model many organisations are doubling down on at exactly the wrong moment,” Green noted.
“Our approach is to treat the people layer the same way we treat the data layer: scoped, audited and architected.”
That includes Australian engineering teams operating against on-shore infrastructure, strong identity and access controls, enterprise-only AI tooling under managed contracts, no real customer data in non-production environments, and per-task agent permissions rather than blanket access.
In other words, people sovereignty is part of the architecture, not a procurement footnote.
“Where Patient Zero adds the most value is the bit between the strategy slide and the running production system,” Green expanded.
“Most advisors map the trade-offs and hand the customer a deck. We’re a sovereign engineering consultancy, and we go the next mile to actually engineer the system.
“We build the bespoke software, fine-tune the LLMs or SLMs on customer infrastructure, refactor the cloud estate, and embed the orchestrators who run it day-to-day. That’s where strategy becomes real, and it’s the gap most enterprises trip on.”
Since launching in 2015, Patient Zero has specialised in a range of enterprise and government services including application modernisation and legacy migration, embedded teams, software development, product strategy and UX design, plus project rescue work and vendor transition.
Data sovereignty is evolving from a compliance discussion into a broader strategic consideration, although maturity varies significantly between organisations across Australia.
For some, it remains primarily driven by regulatory obligations, risk management and the need to satisfy governance requirements. For others, particularly those operating critical infrastructure, government services or highly regulated industries, sovereignty is increasingly linked to resilience, control and trust.
“Both are in play but the centre of gravity has shifted dramatically,” Green observed.
According to Green, compliance is still the floor but it’s no longer what’s driving the conversation.
Today, the questions are coming from boards worried about geopolitical exposure, directors weighing personal liability and CFOs reassessing the true cost of dependence on foreign technology.
“The compliance pressure is real,” Green emphasised.
“Australia is in the middle of the biggest overhaul of the Privacy Act since 1988. The thread running through the reforms is accountability for the full data lifecycle, from collection to processing to disclosure to deletion.”
The section most directly relevant to AI deployments is the automated decision-making disclosure rule that kicks in on 10 December 2026.
If a computer program (including AI) makes or significantly contributes to a decision that affects someone’s rights or interests, you have to disclose what data feeds it and what kinds of decisions it makes.
Tranche two is expected to go further with mandatory privacy impact assessments, a right of erasure, and a GDPR-style controller/processor distinction that allocates liability between data owners and the vendors that process their data, though the final shape of the reforms is still being worked out.
“None of these obligations work if you can’t map and control your full data lifecycle,” Green highlighted.
“You can’t honour a deletion request if you don’t know where the data lives. You can’t assess an AI system’s privacy risk if you don’t know where it trains or where inference runs. If you can’t map your data, you don’t control it.”
On the strategic side, the world in which the business operates has changed. Geopolitics has stopped being a foreign-affairs abstraction and started showing up on board risk registers.
“The phrase ‘Australian-owned, Australian-hosted, Australian-built’ is starting to win tenders and earn customer preference, which means sovereignty is now a competitive position, not just a defensive one,” Green continued.
“Boards are asking what their kill-switch exposure looks like, and they don’t always like the answer.”
Taking sovereignty seriously also opens up strategic options most organisations had written off. Code is now dramatically faster to produce with agentic workflows, and open-weight models offer near-frontier-grade capability that can host on owned infrastructure.
“Bespoke software on sovereign infrastructure is now, in some cases, genuinely cheaper than perpetual SaaS for predictable workloads, which means a viable exit from large SaaS providers charging six-, seven-, and even eight-figure annual fees on multi-year lock-in contracts,” Green said.
“The customers leading with strategy aren’t just protecting their data; they’re recovering control over their cost base, their roadmap, and their balance sheet.”
For Green, regulated industries get there first because they have to. Everyone else catches up because the economics, the geopolitics, and the regulation are now all pointing in the same direction.
From an ecosystem standpoint, data sovereignty is becoming a more influential factor in platform and vendor selection, but rarely in isolation.
Most organisations still balance sovereignty requirements against cost, functionality, innovation and operational risk. However, in sectors such as government, defence, critical infrastructure and healthcare, sovereign capabilities are increasingly becoming a prerequisite rather than a preference.
Businesses are also asking deeper questions about ownership, jurisdiction, support models and supply chain dependencies.
But are they actively favouring local or sovereign solutions, even at a premium?
“Honest answer: customers are still mostly picking the hyperscalers,” Green confirmed. “Sovereign is gaining share but it isn’t winning yet. The momentum is real but it hasn’t translated into the majority of decisions.”
According to Green, the harder truth is that Australia has been behind on technology adoption for a long time and the gap is “visible” having recently attended CES, Web Summit, GITEX Global in the United Arab Emirates, and SXSW in the US.
“Other markets are further into agentic workflows, sovereign AI infrastructure, and AI-native product design than we are,” Green observed.
“We have the talent and the regulatory framework but we tend to wait until something is mature elsewhere before adopting it locally. That risk aversion is now working against us. The countries that are pulling ahead on AI sovereignty are doing so because they’ve decided to lead, not follow.”
In short, Green acknowledged that Australian businesses should be selecting sovereign capabilities more than they are today.
“A prosperous country is a strong country,” Green added.
“Every dollar that ships offshore for SaaS or hyperscaler spend is a dollar not invested in domestic capability. Australian-owned and operated solutions exist now, and they’re competitive on compliance and cost if you know where to look.
“The story of investing in your own country, building local capability, and keeping the value chain onshore is one most boards would back if it were put to them clearly. It rarely is.”
What actually drives the decisions that do happen is compliance and total cost, however.
Sovereignty doesn’t win on virtue. It wins on the numbers.
The right pitch isn’t “do the patriotic thing” – rather “this meets your APRA, SOCI, and Privacy Act obligations more cleanly, and it’s cost-competitive on a three-year view.”
There’s also an unspoken career-safety premium that benefits the global names, and local options have to be obviously better to beat it.
For Green, the real opportunity sits in build-vs-buy.
“The strangler fig pattern, well-known in legacy modernisation, is now being applied to large-scale SaaS,” Green explained.
“Instead of replacing Salesforce or SAP in a single project, customers are routing specific workflows around them and building bespoke replacements one capability at a time.
“The SaaS shrinks until what remains can be retired or kept as a thin shell. The reason this works now and didn’t five years ago is that the cost of building bespoke has collapsed.
“Agentic workflows let small teams ship in weeks what used to take a year. Open-weight models and sovereign infrastructure mean you don’t have to send your data offshore to make it intelligent.”
The signal worth watching is what the SaaS vendors themselves are doing. Since late 2025, the big SaaS players have quietly cut prices and pushed customers hard into longer multi-year contracts.
“That combination is revealing,” Green acknowledged.
“They’re trading margin for retention because they can read the same signals: build-vs-buy is shifting against them, and a three-year lock signed today is three years of revenue that can’t be lost to a customer who decides to rebuild.”
The lock-in also raises the future cost of leaving.
As compliance overhead rises with each new privacy tranche, switching vendors gets harder, not easier, and the customer who signs now is buying a few years of stability at the cost of locking themselves out of better architectural choices later.
‘The discount isn’t generosity,” Green warned. “It’s a defensive move by an incumbent who sees the moat eroding.”
The premium has shifted, not disappeared. There’s still a premium worth paying for genuine Frontier capability, niche specialist tools, and certain global collaboration platforms.
For the predictable stuff, the line items in a SaaS bill that has been renewed without thinking for three years running now have competitive sovereign alternatives.
The interesting question isn’t whether customers will pay a sovereignty premium. It’s how long they’ll keep paying a foreign-dependency premium for things they could now build and own?
Going forward, Green expects that sovereignty will become a default expectation, but not in the all-or-nothing way the question implies.
The businesses asking it well aren’t trying to achieve full autonomy. They’re trying to navigate three things at once:
“The test we use with customers is simple,” Green shared.
“If a kill switch came tomorrow, what would you do? If the answer is ‘we’d be down for months, and we’d lose customer trust,’ your sovereignty posture isn’t real, regardless of what the procurement deck says.”
The kill switch doesn’t have to be geopolitical to matter, however.
Vendors get acquired, relationships sour, services get deprecated. Designing for the possibility of disconnection is just good architecture, and it happens to be the same discipline that provides sovereignty.
“If you can’t survive disconnection, you don’t own your system,” Green challenged.
Instead, the “pragmatic answer” is to use global platforms deliberately and build the transition path alongside them.
Most businesses can’t start sovereign-first, and shouldn’t try. Hyperscalers and Frontier model providers are the fastest way to learn what works, build conviction in specific use cases, and prove value before committing to building it internally.
The mistake is treating that starting point as the end state.
“Use the global platforms as a learning environment, and architect for transition from day one,” Green advised.
“Open architecture, vendor abstractions, exit clauses, fallback patterns, and the discipline to not let any single provider become load-bearing for the parts of your business that genuinely need to be sovereign.”
In a direct message to the Australian market, Green said pure sovereignty isn’t realistic for any country outside of the US and China.
Nvidia silicon is American. The frontier models still come from US and Chinese labs. Hyperscalers will remain part of most architectures.
According to Rethinking AI Sovereignty – a paper by the World Economic Forum and Bain in January 2026 – this is known as strategic interdependence.
“The question isn’t how to achieve full independence; it’s which dependencies you consciously accept, which you mitigate, and which are unacceptable for a given workload,” Green said.
“That decision has to be made deliberately, one workload at a time, and revisited as technology and the geopolitical context shift.”
The businesses who thrive will be those who treat sovereignty as a design discipline rather than a procurement filter. That means deliberately engineering for it across all four layers and rebuilding the systems that no longer make sense to rent.
“The barriers have collapsed,” Green summarised. “The only thing left is the willingness to stop renting your future and start building it.”
Inform your opinion with executive guidance, in-depth analysis and business commentary.
