Not just governments but even corporates are becoming increasingly mindful of where their AI infrastructure lives and which AI models they use.
- From 10 July 2026, Alibaba has banned Claude for 200,000+ employees. One security decision, one announcement, one deadline.
- EU regulated industries — financial services, defence, public sector — are mandating Mistral on sovereign infrastructure. Not a preference. A contract condition.
- France signed Mistral into its defence and public administration framework in January 2026. An approved model list is now government policy.
The sovereignty juggernaut is picking up steam
The data tells two stories simultaneously — and the tension between them is exactly the problem.
AI usage has reached near-saturation. 99% of European organisations now use AI applications. ChatGPT is active in 88% of them. Claude in 79%. Gemini in 69%. These are not experimental tools — they are embedded in how work gets done. For consultants, they are as fundamental as a laptop.
Governance is racing to catch up. The share of users on organisation-managed AI — tools approved, provisioned, and controlled by IT — has jumped from 28% to 72% in twelve months. IT departments are no longer passive. They are actively deciding what is approved, what is restricted, and what is blocked entirely.
2026 figures overlap: 15% of users switch between personal and managed accounts, so personal (43%) + managed (72%) exceed 100%. Prior years were mutually exclusive splits.
But the bans are landing on exactly the tools consultants use most. Usage rising and restrictions rising would be manageable if the restrictions fell on obscure tools. They do not. ChatGPT, Claude, and Gemini — the three most widely deployed AI tools in European organisations — are also among the most frequently banned. 25% of European organisations have blocked Grok. c.10% have banned ChatGPT or Gemini outright. The most popular models carry the most exposure.
Here is why this matters for consultants specifically. When organisations track which data is leaking through AI tools, the two biggest categories are regulated data — things like client financial records, personal information, and legally sensitive materials — and intellectual property, which includes proprietary methodologies, deal terms, and strategic analysis. These account for 59% and 13% of all AI data policy violations in Europe respectively. In other words, the data that is most likely to trigger a client's AI restrictions is exactly the data consultants handle every day.
27% of European organisations now apply DLP controls to ChatGPT — restricting what data employees can submit, even where the tool itself is not banned outright. The distinction matters: a DLP control is a data restriction. An outright ban is a tool restriction. Both are live. Both affect your practice in different ways.
Implications of sovereignty demands for your practice
If you are an independent consultant or boutique firm, you have almost certainly built your workflow around one or two models. That is rational. You found what worked. You stuck with it.
The problem is that your clients did not sign up for that choice. Their procurement team did not approve it. Their data officer did not review it. And increasingly, those people are starting to ask.
When your client imposes a model restriction, you face four hurdles:
You must be prepared to answer these four questions
How to make your practice ready for client-mandated models
The challenge is not simply switching models. As a consultant or boutique firm, you serve multiple clients simultaneously — and each client may have different requirements. One mandates Mistral. Another has banned ChatGPT. A third restricts any model that processes data outside the EU. The question is how to satisfy each client's specific requirements without rebuilding your practice from scratch each time.
There are three credible paths.
Some clients will insist you work within their own AI environment — their laptop, their internal tools, their approved model list. This eliminates the data sovereignty problem entirely: the client owns the infrastructure and controls their own compliance.
However, it introduces a different risk. Your IP, your prompts, and your methodology must be copied into their environment to generate outputs. You have no control over what happens to your intellectual property once it sits on their systems. AI quality is also capped by whatever models their IT team has approved — which may lag significantly behind frontier capabilities.
This option works for a single client engagement. It does not scale across a multi-client practice.
Your own infrastructure, your own model routing, your own compliance layer, your own logs. Full ownership, no dependency on any model provider's terms.
This is what the large consulting firms — McKinsey, BCG, Deloitte — have the IT muscle and budget to build, certify, and maintain internally. Most independent advisors and boutique firms do not. The cost is significant: infrastructure decisions, model routing architecture, memory design, token cost management, ongoing maintenance, and a compliance documentation layer to certify before a single piece of client work goes out the door.
It is a substantial ongoing engineering and legal investment. And it still needs to be rebuilt or re-certified every time the model landscape shifts.
PAL delivers everything Option B provides without building it yourself. Per-client vault isolation, frontier model access across Claude, GPT, Mistral, and Gemini, and a client-ready UK GDPR compliance pack from day one.
- Set 'allowed' models per client — match procurement requirements from day one
- Your methodology, client data, and IP stay with you — not locked into any one model
- Complete audit trail — prove which model generated which answers with what data
Your practice knowledge is stored in PAL's vault — not in any model's context window. When a model is restricted, your context carries across.
Ready for whatever your client mandates.