CFOtech UK - Technology news for CFOs & financial decision-makers
United Kingdom

Guides

#
artificial intelligence
#
data analytics
#
digital transformation
#
fintech
#
healthtech

Search

Cloud server illustration uk map digital locks data streams security
#
Cloud Security
#
Edge Computing
#
Data Privacy

UK IT leaders move away from US clouds over sovereignty fears

Today
Author image
By Shannon Williams, Journalist

More than half of UK IT leaders are planning to move away from US-based cloud providers due to rising concerns about data sovereignty and jurisdiction, according to research commissioned by Asanti.

The survey, conducted by Vanson Bourne in June 2025, canvassed 100 senior IT decision makers from organisations across several sectors, including public sector, healthcare, financial services, and technology. All participating organisations were based in the UK, employed over 250 people, and reported annual revenues above GBP £5.1 million. The research highlights a marked shift in attitudes about where critical data is stored and which regulatory frameworks apply.

Shifting cloud strategies

The findings reveal that 52% of respondents currently using public or hybrid cloud models are actively seeking to limit their reliance on US cloud providers. An overwhelming 95% cited data sovereignty, while 93% referenced data residency as primary concerns behind this shift. Recent geopolitical developments have led to 45% of surveyed organisations currently using US public cloud platforms stating they intend to restrict their data's exposure to US legal jurisdiction.

Stewart Laing, Chief Executive Officer of Asanti, described the growing sense of caution among UK IT leaders regarding international data governance. In his words:

Organisations are becoming more aware and more wary of where their data is stored and who has jurisdiction over it. It's no longer just about performance or cost. It's about trust, control and strategic sovereignty.

Rising repatriation and colocation

This latest research builds upon a trend observed in October 2024, when 91% of UK organisations reported that they were already moving at least some applications away from public cloud environments and back on-premise or into colocation facilities. Key reasons for repatriating workloads include the high and recurring costs of certain public cloud services (41%), limited control and customisation options (39%), slow data transfers for real-time applications (36%), and concerns over security, compliance, and risk management (39%).

Yet, the process of bringing data and applications back from the cloud is not without barriers. The most commonly cited challenges by respondents include the complexity of moving applications back to internal systems (38%), inflexible vendor contracts and cloud lock-in (36%), and a lack of internal skills required for successful repatriation (41%).

Laing commented further on the nuanced position faced by many organisations:

Cloud is powerful – but not perfect. The lesson here is that infrastructure strategy needs to be driven by business needs, not vendor hype. We strongly advise UK organisations to revisit their current and future hosting strategies with a more critical eye, especially as AI workloads, regulatory scrutiny, and cyber threats escalate.

Recommendations from the research

The research sets out several recommendations for UK organisations considering changes to their IT infrastructure. These include the need to assess geopolitical risks when selecting technology providers, matching the sensitivity of workloads to the appropriate hosting model, and ensuring the flexibility to move, repatriate or adapt infrastructure as priorities shift.

Respondents represented a cross section of UK industries and job roles, with 30 at Board or C-level and 70 in senior management positions. The survey reflects a widespread and growing awareness of the impact of global regulations, data privacy laws, and geopolitical events on UK IT strategy, underpinning a trend towards greater localisation and the development of bespoke solutions aligned to business risk profiles.

Several IT leaders also highlighted that shifting away from US-based public cloud services often involves reviewing existing contracts, evaluating the costs of migration, and identifying skills gaps that need to be addressed as part of the transition process. Despite these hurdles, many organisations feel increasingly compelled to establish greater sovereignty over their data as a strategic necessity, rather than a technical preference.

Results from the research suggest that UK organisations are entering a period of reassessment regarding where and how their information can best be managed, given evolving regulatory environments and the wider risk landscape.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Josys launches AI SaaS risk tool & boosts identity automation
Sumsub & Data Zoo partner to boost global fraud prevention
Industrial Strategy hailed as digital, skills & supply chain reforms urged
Tray.ai unveils Merlin Agent Builder 2.0 for enterprise AI scale
AI adoption in Europe outpaces workplace policies & training

Top stories

Xledger UK adds five new partners to drive finance software growth
CIBC Innovation Banking backs Wint’s growth after Norvestor deal
UiPath modernises ERP with Deloitte using agentic automation
Siren adopts ISO GQL to boost graph search for investigators
tick9 & iplicit team up to boost SME cloud finance in logistics