Integrate technological sovereignty criteria into our due diligence process#
What this is, concretely#
This commitment consists of modifying your internal due diligence processes on the companies you assess for investment, so that technological sovereignty becomes a formal element of the analysis. Concretely, this can take several forms: adding a “technological sovereignty” section to the due diligence memorandum; an explicit request to publish a Sovereignty Profile or equivalent declaration; a structured questionnaire on strategic third-party components, governance jurisdiction, hosting, continuity plans; documented analysis of the risk of licence flip or single-vendor dependency.
The commitment applies to new investments and, in an active portfolio logic, to periodic reassessments of your existing holdings. It does not require you to discard companies that do not yet have a Profile — it requires that this dimension be taken into account explicitly and that your decisions be documented.
The commitment implies a public statement of the approach, not necessarily the detail of the assessments carried out (which remain confidential), but at least the principle: announcement that your due diligence processes now integrate sovereignty, general methodology, weighted criteria.
Why this commitment matters#
Investors and funders are among the most powerful levers of business-practice transformation, because they decide capital allocation. When a fund integrates technological sovereignty into its due diligence, the companies in its existing portfolio are pushed to come into line, and companies seeking funding integrate these criteria into their preparation. The transformation propagates upstream, at the very stage where startups’ technical trajectory is set.
Thesis 11 of the manifesto speaks particularly to public actors of funding: “a serious European digital sovereignty policy is recognised by its investment in foundations, maintainers, and distribution infrastructures.” But the same logic applies to private European investors. A European VC that does not integrate sovereignty into its criteria perpetuates a dynamic in which European startups adopt by default US tools, hosting, and registries to optimise short-term growth — at the cost of a strategic dependency that will weigh on their long-term trajectory.
The commitment resonates with thesis 13 of the manifesto: sovereignty is the condition of business continuity whatever happens. For a fund, this is also a question of valuation and portfolio protection: a startup whose product rests on Redis BSL/SSPL or on a single US hyperscaler carries an undocumented risk that classical due diligence typically ignores.
A concrete example#
A French early-stage investment fund of 80 million euros under management, investing mainly in European B2B SaaS startups, takes this commitment in April 2026 with a 12-month horizon. The investment team (5 people) works with an external consultant to formalise the evaluation grid. Six dimensions are retained: strategic third-party components and their governance, hosting and data jurisdiction, continuity plans in case of provider failure, capital structure of the technical portfolio (presence of non-European investors or controls on critical components), team’s commitment to European open source, exposure to the CLOUD Act and other extraterritorial laws.
The due diligence memorandum now integrates a dedicated section of about three pages, with a structured questionnaire sent in advance to founders. Over the following 12 months, the fund evaluates 23 deals and invests in 4 startups. Of the 23 deals, 14 provide substantive responses to the questionnaire; 5 have Sovereignty Profiles in draft; 4 do not respond on these dimensions (and were not retained). The fund publishes in May 2027 a feedback report on its investment thesis, which inspires two other European funds to formalise an equivalent approach.
Anti-pattern to avoid#
Pure-form integration — a tick-box in the memorandum without real weighting in the decision — does not honour the commitment and produces no signal towards startups. Conversely, a rigid grid that would mechanically eliminate any startup using a single-vendor component would deprive the fund of legitimate opportunities (every European startup uses at least partially American single-vendor bricks at the start). The strength of the commitment lies in real weighting and nuanced reading — the grid is not a pass/fail test but a risk-analysis tool.
Success indicators#
By the 12-month horizon, you can reasonably consider this commitment fulfilled if your formal due diligence processes now integrate a “technological sovereignty” section, if your recent investment decisions document this dimension, if you have asked at least some candidate companies for a Sovereignty Profile or equivalent declaration, and if you have published at minimum the principle of your approach. Publishing a feedback report strengthens the collective value.
JSON schema category: procurement. Default horizon: 12 months. Applicable to: businesses.