Europe Chooses Control Over Code
De Nederlandsche Bank trades technological edge for legal certainty in cloud shift
The De Nederlandsche Bank is moving some of its most sensitive data to a company most Europeans associate with weekly grocery shopping. The owner of Lidl and Kaufland is now becoming a provider of critical digital infrastructure.
At first glance, it sounds like a mismatch: financial stability entrusted to a supermarket conglomerate. But behind that seemingly odd choice lies a strategic shift that extends far beyond a single contract.
DNB has signed an agreement with Schwarz Digits to use its cloud platform STACKIT. In doing so, the central bank is moving parts of its digital infrastructure away from American providers such as Amazon Web Services and Microsoft Azure toward a European alternative.
“With every step toward the cloud, we explicitly assess geopolitical risks and examine how we can reduce our dependencies.”
Spokesperson
De Nederlandsche Bank
That single statement reveals what this decision is really about. This is not just an IT choice—it is a geopolitical one.
Control over capability
Why would a regulator, whose core mandate is stability, choose a relatively young provider? The answer is straightforward: because the alternatives have become too deeply embedded in a different legal system.
American cloud providers fall under legislation such as the Cloud Act, which in certain circumstances allows access to data—even when it is stored outside the United States. For commercial companies, that may be a trade-off. For a central bank, it represents a structural risk.
STACKIT offers something the hyperscalers cannot: full alignment with European jurisdiction. But that choice comes at a cost.
A deliberate step back
From a technological standpoint, there is little debate. The lead held by American cloud providers is substantial—built over decades of scale, innovation and ecosystem development.
That reality is acknowledged within DNB itself.
“Today, independence is not yet an option, simply because it is not available. No European alternative is currently adequate enough to replace one of the major non-European IT providers.”
Steven Maijoor
Director of Supervision, De Nederlandsche Bank
The implication is uncomfortable but clear: this move is not about choosing the best available technology today, but about selecting the least risky dependency.
The paradox of digital sovereignty
This is where the central tension emerges.
Europe wants to reduce its reliance on foreign technology, yet it does not currently have an equivalent alternative. To break that dependency, it must adopt solutions that—at least for now—are less mature.
This creates a paradox: To become digitally independent, you may have to accept being technologically behind. In other words, autonomy is being purchased at the expense of efficiency.
A market still in the making
The company behind STACKIT, Schwarz Gruppe, is investing billions in data centers and infrastructure. It is one of Europe’s largest privately held companies, with deep financial resources and extensive experience in large-scale IT through retail and logistics.
Still, the gap with Silicon Valley remains significant. While American cloud providers invest at a global scale measured in hundreds of billions, Europe is still assembling a fragmented alternative.
“We want to offer an alternative for companies that do not want their data to fall under U.S. legislation. We are the cloud for the Mittelstand—and now also for governments.”
Christian Müller
Co-CEO, Schwarz Digits
That positioning is telling. STACKIT is not necessarily aiming to be the largest or most advanced provider—but the most legally predictable one.
More than an experiment?
The question is whether deals like this signal a structural shift or merely a political gesture.
For now, the former seems unlikely. It is improbable that the entire financial sector will follow suit in the near term. STACKIT still needs to prove itself under the demanding conditions of banking compliance, scale and reliability.
Yet the symbolic weight of this decision is hard to ignore.
“Digital autonomy means the freedom to choose from a broad range of providers. Strengthening the European market is key to achieving that.”
Zsolt Szabó
State Secretary for Digitalization and Kingdom Relations
The direction is clear: Europe is not necessarily abandoning American technology—but it is actively trying to reduce its dependence on it.
A shifting definition of ‘security’
What this development ultimately reveals is a change in how security is defined.
Where security once focused on:
- uptime
- performance
- technical robustness
it is increasingly about:
- legal control
- geopolitical exposure
- the origin of technology
The question is no longer just how well a system performs, but also under whose rules it operates.
An uneasy future
DNB’s decision illustrates that cloud computing is no longer a purely technical domain. It has become a strategic issue where economics, politics and technology intersect.
The outcome remains uncertain. If Europe wants to strengthen its digital independence, it will need to make choices that may be less efficient in the short term—hoping they will provide greater control in the long run.
The question now facing policymakers and institutions alike is simple, yet difficult to answer:
How much technological advantage is Europe willing to sacrifice to gain digital sovereignty?
Credit
Illustration: AI-generated (pencil sketch style), concept by Altair Media
Caption
A central bank caught between two clouds: technological dominance versus digital sovereignty.
