India’s Sovereign AI Policy has a critical blind spot no one is talking about
India’s national AI investment is a textbook first-order move, and a good one. The Union cabinet approved the IndiaAI Mission in March 2024 with a budget outlay of Rs 10,371.92 crore.
Ask 10 people what AI sovereignty means and nine will describe ownership. Whose GPUs, whose datasets, whose model. That isn’t really a wrong answer but it stops one level too early. Sovereignty stripped down to its first principle is about who controls the decision at the exact moment someone makes it. Ownership of an asset and control over a decision are two different things, and the gap between them is where most sovereign AI decisions quietly fail.
India’s national AI investment is a textbook first-order move, and a good one. The Union cabinet approved the IndiaAI Mission in March 2024 with a budget outlay of Rs 10,371.92 crore. That capital has gone toward exactly three assets—compute in the form of tens of thousands of GPUs, data through the AIKosh platform and models through a dozen startups training foundation models. If sovereignty was about asset ownership, this would be the complete answer.
When you trace the causal chain a step further, a second-order question appears. Who decides what an Indian trained-model, running on Indian-owned GPUs, with Indian data, can do once a business deploys it as an autonomous agent? That decision often doesn’t happen inside the frontier model but inside a separate piece of software called the orchestration layer or the runtime that decides which action an agent takes, which data it touches and who has to approve it before it goes ahead. Control over orchestration is the second-order condition and it is the one that actually decides whether an enterprise can trust the system in production.
I’ve watched this play out directly with many businesses only to realise that they have no answer for the compliance questions: Who approves an agent’s output before it reaches a customer? What happens when an agent crosses into territory it shouldn’t? And how does the business produce a clean log of every decision an agent has made? Every one of those answers come from a third-party’s documentation. Essentially, even if a business has sovereign compute, models and data, it is handing over decision-making to a third party.
Once you see orchestration as the decision-making layer, it stops being abstract and breaks into answerable engineering questions. Can the system deploy on premises, inside a private VPC, or fully air-gapped, or does it only run as a SaaS product that ships every interaction to someone else’s cloud? Does its terms of service quietly claim rights over the prompts and proprietary workflows an enterprise feeds it or does that information remain the enterprise’s own?
Can it apply role-based access controls at the exact moment an agent attempts an action rather than flagging the problem in a report no one reads on time? Does it forget everything when a session ends or does it compound what it learns the way a long-tenured employee would? Can it produce a reconstructable log of every decision and every approval on the day regulators come calling? Can the agents read and write inside tools where the business already runs like CRM, ERP, and code repositories, rather than operating as a sealed box a human has to copy information in and out of?
And can 10 or 20 agents across different departments coordinate under one shared policy or does the employee end up with a disconnected assistant that knows nothing about what everyone else is doing?
When orchestration sits outside an enterprise’s control, the visible cost looks like a vendor relationship. The real cost shows up further downstream in stalled deployments. When 65% of C-Suite leaders are ranking data governance and security as the most severe challenge in scaling AI, they are talking about the consequence of unresolved orchestration sovereignty showing up as hesitation. This is the friction that slows the very economic transformation first-order sovereign investments wanted to unlock.
None of the important questions above require a new chip foundry or a decade of supply chain build out. They need engineering discipline applied to deployment architecture, access controls, memory design and system integration that a truly private orchestration offers. First-order sovereignty bought India a seat at the AI table. Second-order sovereignty, which is orchestration sovereignty, is what would let an Indian enterprise actually trust what happens at that table once the agents start acting on their own.
This is exactly why businesses across the world need private, sovereign AI operating systems that can actually answer the questions on every CEO or CIOs mind: DO we really control AI decision-making? I have spent the past several years building agentic AI systems for large enterprises across banking, manufacturing and healthcare, and defense and critical infrastructure and that work has shown me that India and countries around the world racing towards building autonomous businesses must factor in orchestration sovereignty because that’s where the momentum for growth lies.
Raj K Gopalakrishnan, Co-Founder & CEO, KOGO Tech labs


