Australians couldn’t reach Triple Zero during three separate incidents between November 2023 and November 2025, and people died as a result.
The November 2023 Optus outage left millions unable to call emergency services. Then it happened again in September 2025. And in November 2025, a TPG customer died during a medical emergency when their Samsung phone couldn’t complete the call.
This guide examines the regulatory response to Australia’s telecommunications emergency call crisis, analysing the new enforcement powers and compliance framework.
So what’s Australia doing about it? Creating a regulator with teeth. The Triple Zero Custodian legislation passed in October 2025 gives government power to force compliance across carriers and device manufacturers. ACMA can now mandate device blocking, impose penalties up to $30 million, and require real-time outage reporting.
This is a shift from reactive incident response to proactive safety enforcement. If you’re managing telecommunications infrastructure or vendor relationships, these compliance requirements will affect your device selection and any services that depend on carrier networks.
The legislation creates an independent body housed within the Department of Infrastructure. Unlike ACMA, the Custodian doesn’t enforce rules directly. Instead, it sets strategic direction and can request ACMA to investigate carriers, require information, or direct action.
Think of it as a strategic layer above ACMA’s operational enforcement. The Custodian prepares for and coordinates responses to outage events and oversees the entire ecosystem. When problems emerge, it refers matters to ACMA for investigation and enforcement.
The legislation implements a recommendation from the Review into the Optus Outage of November 2023. That review found no single body could see the whole picture, which hampered accurate and timely advice during the crisis.
Starting November 1, 2025, carriers must maintain a public register of network outages with real-time reporting capability and test Triple Zero during upgrades and maintenance.
ACMA implements the Emergency Call Service Determination, which defines technical requirements, testing standards, and carrier obligations. The new legislation provides ACMA with powers to direct action from carriers to ensure effective emergency calling.
The enforcement mechanisms are straightforward: financial penalties for non-compliance, with the maximum recently increased from $10 million to $30 million. Optus paid $12 million for the 2023 outage; under the new framework, an equivalent failure could attract a penalty of up to $30 million.
There’s also device blocking directives when phones can’t reliably complete emergency calls, and compliance investigations following failures.
The new rules starting November 1, 2025 require carriers to subject handsets to special tests designed to evaluate network switching during emergency calls. This means testing how devices perform when base stations experience outages or power down their signals.
Real-time reporting requirements force immediate transparency. When network disruptions affect emergency calling, carriers must report to ACMA and emergency services immediately. Not hours later. Not the next day. Immediately.
ACMA selected the National Telecommunications Resilience Centre at the University of Technology Sydney, established in response to the Optus outage review, as the new testing provider.
When devices fail emergency calling tests or demonstrate real-world failures, carriers must block them from networks. The Emergency Call Service Determination requires all mobile operators to block devices that aren’t configured to access emergency call services.
The process balances public safety with consumer impact. Carriers must provide 28-day notification before blocking, giving customers time to update firmware or replace devices.
Here’s the timeline: testing failure → customer notification → 28-day waiting period → network blocking. During that period, carriers must explain the non-compliance issue, offer remediation options like firmware updates, and help with device replacement if updates aren’t available.
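As a rough sketch of that workflow, the Python below models the notification-to-blocking window. The 28-day notice period and the two remediation paths come from the article; the class, field names, and example device are hypothetical.

```python
from dataclasses import dataclass
from datetime import date, timedelta

NOTICE_PERIOD_DAYS = 28  # minimum notice before blocking, per the new rules


@dataclass
class NonComplianceNotice:
    imei: str
    model: str
    notified_on: date            # when the customer was told the device failed testing
    firmware_fix_available: bool

    @property
    def earliest_block_date(self) -> date:
        """The carrier may block the device only after the notice period elapses."""
        return self.notified_on + timedelta(days=NOTICE_PERIOD_DAYS)

    @property
    def remediation(self) -> str:
        """Remediation offered during the notice period."""
        return "firmware update" if self.firmware_fix_available else "device replacement"


# Hypothetical example: a device with no available firmware fix.
notice = NonComplianceNotice(
    imei="356938035643809",
    model="Galaxy S7",
    notified_on=date(2025, 11, 1),
    firmware_fix_available=False,
)
print(notice.remediation)          # device replacement
print(notice.earliest_block_date)  # 2025-11-29
```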
And blocking isn’t limited to emergency calling. Devices lose access to all Australian mobile networks for voice, data, and messaging.
The Samsung firmware issue on Vodafone’s network in November 2025 prompted the first large-scale blocking under the new rules. An estimated 50,000 older Samsung devices face blocking unless patched or replaced. The tally of affected models stands at 71 and growing, with 11 belonging to older product series using software that can’t be patched.
TPG CEO Inaki Berroeta put it bluntly: “Customer safety remains our highest priority. This is a tragic incident… We urge all customers with outdated software to replace or update their devices without delay.”
If you’re concerned about whether your device is affected, see our guide on checking your Samsung phone’s Triple Zero capability.
Camp-on is the fallback mechanism that lets your phone connect to any available network for emergency calls, not just your home carrier. When operating correctly and according to industry standards, mobile handsets automatically seek alternative mobile service when their home networks are unavailable.
Here’s how it works. Your primary network goes down. Your phone detects it can’t reach your carrier. Instead of showing “no service,” the phone scans for other networks and camps on to one of them to make the emergency call. A Telstra customer’s phone might use Optus or Vodafone networks. No commercial roaming agreements required. It happens automatically.
VoLTE (Voice over LTE) adds complexity. Emergency calls route over data networks rather than legacy circuit-switched systems. This requires the device firmware to detect emergency calling state, establish a priority data bearer, and route the call correctly. When firmware gets this wrong, camp-on fails.
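As a heavily simplified model of that flow, the Python sketch below walks the steps named above: detect the emergency number, try the home network, then fall back to camp-on. The function and return strings are illustrative, not any real modem API.

```python
EMERGENCY_NUMBERS = {"000", "112"}


def place_call(number: str, home_network_up: bool, other_networks: list[str]) -> str:
    """Illustrative VoLTE emergency call flow with camp-on fallback."""
    if number not in EMERGENCY_NUMBERS:
        return "normal call routing"

    # 1. Emergency state detected: firmware flags the call for priority handling.
    if home_network_up:
        # 2. Establish an emergency bearer on the home network and route to the PSAP.
        return "emergency call via home network"

    # 3. Home network unavailable: camp on to any other network that is in range.
    if other_networks:
        return f"emergency call via camp-on to {other_networks[0]}"

    # 4. No network at all: the call cannot complete.
    return "call failed"


print(place_call("000", home_network_up=False, other_networks=["Telstra 4G"]))
```

When the firmware gets step 3 wrong, as the Samsung case shows, the fallback never happens and the call simply fails.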
The Samsung firmware issue demonstrated complete failure. Firmware locked affected handsets to Vodafone’s shuttered 3G network, leaving them unable to switch and place emergency calls when Optus and Telstra’s mobile networks were down or out of range.
Sources familiar with the technical details called the configuration “highly irregular” and even “unheard of” in mobile engineering circles.
ACMA’s new testing rules target camp-on performance. Carriers must test how handsets perform when they have to switch networks to place emergency calls, including scenarios where base stations experience outages or power down their signals.
Australia’s model concentrates power in a centralised regulatory authority. The Triple Zero Custodian provides strategic direction while ACMA handles operational enforcement. Device blocking is mandatory. Testing protocols are specified. Penalties are explicit.
The USA’s FCC takes a different approach. Self-regulation frameworks dominate, where carriers certify compliance voluntarily. The FCC can fine carriers for 911 failures but historically relies on industry compliance and post-incident enforcement. There’s no federal equivalent for mandatory device blocking.
Both countries experienced emergency calling failures that drove reform. But the responses differ in centralisation and enforcement philosophy. Australia mandates testing protocols through the Emergency Call Service Determination. The USA relies more on carrier-defined standards.
For businesses operating in both jurisdictions, this creates different compliance landscapes. Australian operations face clearer obligations but less flexibility. US operations have more flexibility but less regulatory certainty about what constitutes adequate compliance.
Starting November 1, 2025, carriers face a comprehensive set of requirements. Mandatory compliance testing on all devices before network deployment and after firmware updates. Testing must validate camp-on fallback behaviour under network outage conditions.
Real-time reporting of network outages affecting emergency calling goes to both ACMA and emergency services. Immediate notification, not hours or days later.
Carriers must implement device blocking within regulatory timelines when ACMA issues directives.
Carriers must maintain emergency call routing infrastructure that meets camp-on technical requirements defined in the Emergency Call Service Determination. This includes coordination with device manufacturers to distribute firmware updates addressing emergency calling bugs.
When ACMA launches compliance investigations, carriers must respond and provide testing evidence. Financial penalties apply for failures to meet emergency calling reliability standards.
All three major carriers now regularly conduct handset tests and warn consumers about the dangers of continuing to use handsets that have problems placing Triple Zero calls. These compliance requirements have prompted significant operational responses from carriers, with some restructuring their network operations to meet the new standards.
The November 2023 Optus outage came first. Network failure prevented millions from calling emergency services. Optus paid $12 million for that failure.
Then September 18, 2025. Another Optus outage involving emergency call services resulted in over 600 emergency calls failing. At least three deaths were linked to this outage. Optus was first alerted at 2:51pm, when around 10 calls had been affected. By 8:05pm, 100 emergency calls had been missed.
The response delays made it worse. Optus CEO Stephen Rue contacted ACMA at 2:30pm on September 19 – nearly 24 hours after initial awareness. Federal government notification came at 4pm.
The technical cause? A firewall upgrade at Optus Regency Park exchange in South Australia went wrong. But the deeper issue was systemic: network monitoring systems previously outsourced to Nokia teams in India and Australia failed to catch and escalate the problem.
The Samsung firmware bug that locked devices to Vodafone’s retired 3G network meant camp-on failed completely, preventing emergency calls even when alternate networks were available.
The pattern is clear: carriers prioritised commercial network operations over emergency calling reliability testing. Voluntary compliance failed to protect public safety. Deaths occurred before regulatory mechanisms could enforce accountability.
The new regulatory framework represents Australia’s response to these telecommunications safety failures, shifting from voluntary compliance to mandatory enforcement with substantial penalties and oversight.
The consumer liability framework operates separately from regulatory enforcement. ACMA penalties fund government oversight, not victim compensation. You can pursue civil litigation for negligence or breach of service obligations if emergency call failures cause harm. Legal precedent is developing following the recent fatalities. Consult legal advice for your specific circumstances.
Carriers must notify you 28 days before blocking. You’ll receive notification via email or SMS with specific instructions. Check your carrier’s website for published lists of affected models. ACMA doesn’t maintain a centralised public registry. If you’re concerned, contact your carrier’s customer service or check for available firmware updates addressing emergency calling issues.
Compliance testing simulates network outage conditions to validate camp-on fallback behaviour. Tests must evaluate how handsets perform when they have to switch networks to place emergency calls. This includes scenarios where base stations experience outages or power down their signals. The Emergency Call Service Determination specifies mandatory testing protocols. Carriers must test devices before deployment and after firmware updates.
The period provides time to update firmware or obtain replacement devices before network blocking. Carriers must explain non-compliance, offer remediation options, and assist with transitions. Too short a window creates consumer hardship; too long delays safety improvements. The 28-day period aims to balance the two.
It’s a shared responsibility model. Manufacturers develop firmware meeting emergency calling standards. Carriers test devices before network deployment. When firmware bugs prevent emergency calls, both parties have failed: manufacturers distributed non-compliant firmware and carriers deployed it without adequate testing. The new framework holds carriers accountable for testing compliance regardless of manufacturer responsibility, which incentivises thorough validation.
Complete network service loss. Not just emergency calling. Your device can’t connect to any carrier network for voice, data, or messaging. Blocking protects public safety by ensuring networks only carry devices with reliable emergency calling. You must update firmware to fix compliance issues or replace the device with a compliant model to restore service.
The EU coordinates 112 emergency services through BEREC (Body of European Regulators for Electronic Communications) but lacks a single centralised custodian authority. Member states implement regulations nationally with EU-wide standards. Australia’s Triple Zero Custodian provides stronger centralised enforcement compared to the EU’s coordination model. Both mandate emergency calling fallback mechanisms similar to camp-on.
VoLTE emergency calls require IMS (IP Multimedia Subsystem) emergency bearer establishment over data networks. The device must detect emergency calling state, establish a priority data bearer, and route calls to emergency services. Firmware must support camp-on fallback when home network VoLTE service is unavailable. The Emergency Call Service Determination specifies technical standards carriers and devices must meet.
The Custodian’s authority focuses on emergency calling compliance rather than general infrastructure investment mandates. It can’t directly mandate specific technology deployments but can enforce reliability outcomes that may require infrastructure upgrades.
Optus paid $12 million for the 2023 outage. The maximum penalty was recently increased from $10 million to $30 million for carriers failing to follow Triple Zero rules. ACMA can directly enforce contraventions through court proceedings or infringement notices.
The framework requires pre-deployment device testing and post-update validation. Carriers face penalties for deploying non-compliant devices. Monitor ACMA guidance on Emergency Call Service Determination requirements for specific technical obligations. Plan device replacement programmes for non-compliant models. Document compliance testing procedures for regulatory audits. Consider international regulatory differences for multinational operations.
Device blocking targets specific non-compliant models failing emergency calling tests, not all older devices. Phones meeting camp-on and emergency calling standards remain compliant regardless of age. An estimated 50,000 older Samsung devices face blocking due to the firmware issue. Carriers must notify customers before blocking, providing firmware update or replacement opportunities.
How VoLTE Firmware Failures Block Emergency Calls and Why Some Samsung Phones Cannot Be Fixed

In November 2025, someone in Sydney died because their Samsung phone couldn’t connect a Triple Zero emergency call. TPG Telecom reported the fatality as the first documented death directly caused by a firmware bug in dozens of Samsung Galaxy models sold in Australia. This incident is a key part of the broader Australian telecommunications crisis, which revealed critical infrastructure vulnerabilities affecting public safety.
Here’s what happened. The firmware on these devices had Vodafone’s 3G network hardcoded as the only emergency failover route. When Vodafone shut down 3G in late 2023, these phones lost the ability to switch to alternative carrier networks during emergencies. Triple Zero calls just… failed.
And here’s the real problem—11 of the affected models have firmware settings permanently written into the baseband processor. You can’t patch them with software updates. The configuration is baked in. For these devices, software updates don’t work. The phones need to be replaced.
This bug sat there undetected until late 2024, over a year after the 3G shutdown. Testing protocol gaps meant firmware-locked devices remained undetected across three major carriers—TPG, Telstra, and Optus.
The affected devices include Galaxy S7 series, Note 5 series, and a growing list of phones over seven years old. Under Australia’s Emergency Call Service Determination, carriers must block non-compliant devices from all networks after a 28-day notification period.
This incident shows testing gaps in emergency calling compliance, firmware lifecycle risks, and why some technical debt can’t be patched away. If you’re managing mobile device fleets, this matters.
VoLTE sends voice as data packets over 4G LTE networks instead of the circuit-switched connections that 2G and 3G used. Emergency calls on VoLTE use a dedicated emergency APN and SIP signalling to prioritise routing through the IMS core network. Unlike the old systems with hardware-based emergency failover, VoLTE emergency routing depends entirely on correct firmware configuration.
The architecture matters because it moves emergency calling from hardware to software control.
In the old 3G networks, when you dialled 000, your phone’s baseband processor automatically scanned available networks independently of what the operating system was doing. The hardware handled emergency failover. Firmware bugs couldn’t block it.
VoLTE changes this. Voice becomes data packets routed through the carrier’s IP Multimedia Subsystem. Your phone establishes an emergency bearer using a dedicated APN that bypasses normal authentication. A SIP INVITE message carries the emergency indication flag, which triggers priority routing to the PSAP—the Public Safety Answering Point.
The catch—every step depends on firmware instructions. Network selection, failover priority, camp-on behaviour, emergency APN configuration. It’s all defined in firmware tables compiled during manufacturing.
The old 3G system gave you automatic network scanning at the hardware level. VoLTE gives you efficiency and better voice quality, but it introduces firmware dependency as a single point of failure.
Carriers and manufacturers must comply with standards ensuring emergency calls work whenever network service is available. The standards assume firmware will be configured correctly and updated when network infrastructure changes.
The Samsung case shows what happens when those assumptions break down.
Samsung firmware hardcoded Vodafone’s 3G network as the only emergency call route for network failover. When Vodafone shut down 3G in late 2023, devices on Telstra or Optus networks trying emergency failover searched for a network that no longer existed. The firmware stopped them from switching to available Vodafone 4G or alternative carriers. Emergency calls just failed.
The configuration error lives in the emergency network selection priority table embedded in the device baseband processor. This table defines which carrier networks the phone tries to use for emergency calls when the home network is unavailable.
For these Samsung models, the table said: “Vodafone 3G only.”
No Vodafone 4G configuration. No Telstra or Optus fallback. Just a hardcoded reference to a network that would eventually be decommissioned.
Here’s the failure sequence: You initiate an emergency call on a Telstra or Optus network. Home network unavailable scenario triggers firmware failover logic. Device searches for hardcoded Vodafone 3G. 3G network no longer exists. Emergency call fails with no fallback mechanism.
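To make that failure mode concrete, here’s a small Python sketch of an emergency failover table. The “Vodafone 3G only” entry mirrors the article’s description; the table format itself is a hypothetical simplification of the real baseband configuration.

```python
# Hypothetical failover tables: which networks the firmware will try when the
# home network is unavailable. Real baseband tables are compiled binaries, not lists.
CORRECT_FAILOVER = ["Vodafone 4G", "Telstra 4G", "Optus 4G"]
AFFECTED_SAMSUNG_FAILOVER = ["Vodafone 3G"]  # hardcoded, per the article

AVAILABLE_NETWORKS = {"Vodafone 4G", "Telstra 4G", "Optus 4G"}  # 3G is shut down


def emergency_failover(failover_table: list[str]) -> str:
    """Return the first network in the table that is actually on air."""
    for network in failover_table:
        if network in AVAILABLE_NETWORKS:
            return f"emergency call via {network}"
    return "emergency call failed: no network in the failover table exists"


print(emergency_failover(CORRECT_FAILOVER))           # connects via Vodafone 4G
print(emergency_failover(AFFECTED_SAMSUNG_FAILOVER))  # fails: 3G no longer exists
```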
Galaxy S7 series, Note 5 series, and additional models are in scope. These devices were sold 7+ years ago. Around 70 Samsung handsets are confirmed affected: 11 need complete replacement, while 60 can be fixed via software update.
The discovery timeline shows testing failures. TPG initially found a different VoLTE emergency calling issue in late 2023. Telstra’s comprehensive testing in late 2024 revealed the hardcoded Vodafone 3G problem through “advanced technical procedures” that standard mobile tests don’t reliably detect. That’s a year-long gap between 3G shutdown and discovery.
When Telstra found the issue, their statement was blunt: “Why this was configured this way is a question for Samsung and Vodafone.” The emergency call crisis forced carrier operational responses, including Optus’s decision to bring 450 Nokia staff in-house to improve network oversight.
The answer probably lies in technical debt. Design decisions made in 2015-2016 when these models were manufactured. At that time, Vodafone had extensive 3G coverage in Australia. Someone made a firmware template decision that got reused across model years and never updated when network infrastructure evolved.
When you dial 000 or 112, the firmware sets a priority flag in the call setup. This activates the emergency bearer and bypasses normal registration requirements. If you’re on your home network, the phone routes directly to the PSAP—the Public Safety Answering Point—through the carrier’s emergency gateway.
But what happens when your home network is unavailable?
This is where firmware-controlled network failover comes in. The device triggers an emergency scan of all available PLMNs—Public Land Mobile Networks. It measures signal strength, ranks available networks, and camps on to the strongest signal without requiring SIM authentication.
Regulatory requirements mandate multi-carrier emergency access. If you’re an Optus customer but Optus towers are down, your phone should camp on to Telstra or TPG’s Vodafone network automatically.
The Samsung firmware failure blocked this entire process. When Telstra or Optus customers had home network unavailability, their phones searched only for Vodafone 3G. No PLMN scanning of available networks. No camp-on to Vodafone 4G or alternative carriers.
The phone didn’t tell you. You dial 000, the phone appears to attempt connection, and nothing happens.
That’s what happened in the November 2025 fatality.
Samsung firmware contained hardcoded emergency network failover configuration that specified Vodafone 3G as the only alternative network for emergency calls. This configuration was likely created when Vodafone had extensive 3G network coverage in Australia during the mid-2010s and never updated. Hardcoded settings are permanently written into firmware memory during manufacturing and can’t be modified through standard over-the-air software updates.
Let’s talk about what “hardcoded” actually means here.
Baseband processor firmware is low-level control software compiled into binary format during manufacturing. Emergency network priority settings live at this level, not in user-configurable OS settings or even semi-configurable modem files.
There’s a configuration hierarchy: Baseband firmware (lowest level, compiled binary) → Modem configuration files (semi-configurable) → OS-level network settings (user-configurable). Emergency settings sit at the baseband level because they need to be reliable. They can’t depend on OS state or user modifications.
The tradeoff is that baseband firmware is permanent. You can’t change it with a settings update or even most over-the-air updates.
So why did Samsung choose Vodafone 3G specifically?
During 2015-2016 when these models were manufactured, Vodafone operated the most extensive 3G network coverage in Australia. If you were designing emergency failover configuration, Vodafone 3G was a reasonable choice for alternative network access.
Someone made that decision, compiled it into firmware, and moved on. The configuration likely got reused as a template across multiple model years because emergency network tables don’t change often.
Until they have to.
Devices beyond the manufacturer support lifecycle don’t get baseband firmware updates. Samsung discontinued security and firmware updates for these devices years ago. They’re 7+ years old. No OTA update path exists for baseband firmware on legacy models.
Even if Samsung wanted to fix it, the update would require complete baseband processor reflashing using manufacturer-specific tools and security keys that aren’t available for consumer devices. The cost and risk of attempting this for discontinued models exceeds device replacement value.
The technical debt compounds over a 7+ year lifecycle. Network infrastructure assumptions made in 2015 broke in 2023. The firmware had no update path. And testing protocols didn’t catch it.
Camp-on lets mobile devices temporarily register and connect to any available carrier network for emergency calls, even without a valid SIM or roaming agreement. Mobile network engineers describe camp-on as the automatic network switching capability that makes emergency calling work when your carrier’s network fails.
Here’s the process: Firmware scans for all carrier broadcast signals. Measures signal strength. Ranks available networks. Selects the best candidate. The device sends an emergency attach request. The network validates without requiring SIM authentication. Temporary emergency bearer established. Call completes. De-registration after call completion.
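The sketch below steps through that sequence in Python: scan, rank by signal strength, then attach without SIM authentication. The network names and signal readings are invented for illustration.

```python
from dataclasses import dataclass


@dataclass
class PlmnMeasurement:
    network: str
    signal_dbm: int  # higher (less negative) means a stronger signal


def camp_on_for_emergency(scan_results: list[PlmnMeasurement]) -> str:
    """Illustrative camp-on: rank every visible PLMN by signal strength and
    attach to the strongest one for the emergency call, no SIM auth required."""
    if not scan_results:
        return "no networks visible: emergency call cannot proceed"
    best = max(scan_results, key=lambda m: m.signal_dbm)
    # Emergency attach request -> temporary emergency bearer -> call -> de-registration.
    return f"emergency attach to {best.network} at {best.signal_dbm} dBm"


scan = [
    PlmnMeasurement("Telstra", -85),
    PlmnMeasurement("Optus", -97),
    PlmnMeasurement("Vodafone", -90),
]
print(camp_on_for_emergency(scan))  # emergency attach to Telstra at -85 dBm
```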
Australian regulations mandate multi-carrier emergency access through the Emergency Call Service Determination.
Look at the Optus outage in September 2025. Network infrastructure failure left customers unable to call emergency services for 14 hours. Three people died. If camp-on worked properly, those devices should have automatically switched to Telstra or TPG networks.
Coverage gaps in rural areas, network congestion during disasters—camp-on provides redundancy when you need it most.
The Samsung firmware failure broke all of this. The hardcoded Vodafone 3G configuration prevented PLMN scanning of available networks. Complete camp-on failure.
Firmware is low-level control software embedded in the baseband processor—compiled into proprietary binary format during manufacturing, cryptographically signed with security certificates. Software is the OS and applications running on top. Different update mechanisms, different security controls.
OTA updates target the software layer and semi-configurable modem files. They can’t modify compiled baseband firmware binaries. The emergency configuration in affected Samsung devices is compiled into the firmware binary at manufacture time. No runtime configuration API exists.
Around 60 of the 71 affected handsets can be fixed because their emergency configuration is in updateable modem files. But 11 models have it hardcoded in baseband firmware. For those, software updates don’t work.
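A minimal sketch of that split, assuming a simple two-layer model of where the emergency configuration lives; the layer names follow the article, while the enum and function are illustrative.

```python
from enum import Enum


class ConfigLayer(Enum):
    MODEM_FILE = "semi-configurable modem file"      # reachable by OTA updates
    BASEBAND_BINARY = "compiled baseband firmware"   # fixed at manufacture


def remediation_path(layer: ConfigLayer) -> str:
    """Which fix is possible depends on where the emergency network
    configuration is stored."""
    if layer is ConfigLayer.MODEM_FILE:
        return "over-the-air firmware update"
    return "hardware replacement: OTA updates cannot modify the baseband binary"


print(remediation_path(ConfigLayer.MODEM_FILE))       # roughly 60 of the affected models
print(remediation_path(ConfigLayer.BASEBAND_BINARY))  # the 11 unfixable models
```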
The affected devices were released in 2015-2017. They’re beyond any support lifecycle. Reflashing baseband firmware requires Samsung proprietary tools, security certificates, and signing keys that aren’t public. For 7+ year old phones, the cost exceeds device replacement value.
The technical debt lesson: hardcoded values create long-term liabilities. Network infrastructure assumptions made in 2015 broke in 2023.
For the 11 Samsung models with hardcoded Vodafone 3G configuration, the phones need to be replaced.
The Samsung firmware issue remained undetected for over a year because carriers’ testing protocols failed to validate emergency failover to non-home networks in 3G shutdown scenarios.
Comprehensive testing requires six phases: home network emergency calling, network unavailable simulation, camp-on verification, cross-carrier emergency routing, technology variant testing (VoLTE, 3G, 2G), and edge cases (removed SIM, expired SIM, roaming).
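A carrier or lab organising those phases might track results with something like the sketch below. The phase names come from the list above; the report structure and example run are hypothetical.

```python
from dataclasses import dataclass, field

TEST_PHASES = [
    "home network emergency calling",
    "network unavailable simulation",
    "camp-on verification",
    "cross-carrier emergency routing",
    "technology variant testing (VoLTE, 3G, 2G)",
    "edge cases (no SIM, expired SIM, roaming)",
]


@dataclass
class DeviceTestReport:
    model: str
    results: dict[str, bool] = field(default_factory=dict)

    def record(self, phase: str, passed: bool) -> None:
        if phase not in TEST_PHASES:
            raise ValueError(f"unknown test phase: {phase}")
        self.results[phase] = passed

    @property
    def compliant(self) -> bool:
        """Compliant only if every phase was run and every phase passed."""
        return len(self.results) == len(TEST_PHASES) and all(self.results.values())


report = DeviceTestReport(model="Galaxy S7")
for phase in TEST_PHASES:
    report.record(phase, passed=(phase != "camp-on verification"))
print(report.compliant)  # False: camp-on failed, so the device is non-compliant
```

A report that skips any phase, the camp-on check in particular, never counts as compliant. That is exactly the gap that let the hardcoded configuration slip through.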
TPG discovered Samsung devices had an emergency calling issue but identified a different problem than the hardcoded Vodafone 3G configuration. Telstra’s comprehensive testing with home network disabled revealed the hardcoded configuration. This happened in late 2024, over a year after the 3G shutdown.
The testing gaps are systemic. No standardised inter-carrier emergency testing protocols exist. ACMA has now introduced more stringent rules requiring carriers to test network switching during emergencies.
If you’re managing corporate mobile device fleets, implement enterprise device testing protocols: quarterly emergency calling audits, test with home network disabled, verify camp-on to alternative carriers, document results.
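A quarterly cadence is easy to track programmatically. The sketch below flags devices whose emergency-calling audit is missing or stale; the 90-day interval reflects the quarterly recommendation above, and the fleet records are made up.

```python
from datetime import date, timedelta

AUDIT_INTERVAL = timedelta(days=90)  # roughly quarterly

# Hypothetical fleet: device ID -> date of the last documented emergency-calling audit.
last_audited = {
    "fleet-0001": date(2025, 6, 2),
    "fleet-0002": date(2025, 10, 20),
    "fleet-0003": None,  # never audited
}


def overdue_devices(today: date) -> list[str]:
    """Devices whose camp-on / emergency-calling audit is missing or stale."""
    return [
        device
        for device, audited in last_audited.items()
        if audited is None or today - audited > AUDIT_INTERVAL
    ]


print(overdue_devices(date(2025, 11, 15)))  # ['fleet-0001', 'fleet-0003']
```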
During network technology transitions—4G to 5G is coming next—implement dedicated testing windows. The fleet management implications for organisations with mobile devices go beyond consumer safety to operational resilience and regulatory compliance.
The cost has already been measured in lives lost.
The Emergency Call Service custodian, currently Telstra, operates Australia’s Triple Zero emergency call network under government contract. ACMA regulates emergency calling through the Emergency Call Service Determination, which mandates blocking devices that can’t reliably complete emergency calls.
Here’s what happens when a device fails emergency calling:
Carrier identifies non-compliant devices via IMEI—International Mobile Equipment Identity. Sends SMS and email warnings. Provides 28-35 day remediation period with update instructions or replacement offers. Adds IMEI to national blocking database. Device gets blocked from all Australian networks, not just home carrier.
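The cross-carrier effect is the important part: one shared register, consulted by every network. The sketch below illustrates the idea; the register structure and function names are placeholders, not the actual industry database.

```python
# Hypothetical national blocking register shared by all Australian carriers.
blocked_imeis: set[str] = set()

CARRIERS = ["Telstra", "Optus", "TPG/Vodafone"]


def block_device(imei: str) -> None:
    """Adding an IMEI once blocks it everywhere, not just on the home network."""
    blocked_imeis.add(imei)


def can_attach(imei: str) -> bool:
    """Every carrier consults the same register before allowing the device on."""
    return imei not in blocked_imeis


block_device("356938035643809")
print({carrier: can_attach("356938035643809") for carrier in CARRIERS})
# {'Telstra': False, 'Optus': False, 'TPG/Vodafone': False}
```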
For the Samsung incident, ACMA mandated blocking of affected devices. Samsung is obligated to provide device replacement programmes.
New requirements starting November 1, 2025 include real-time reporting of outages to ACMA and emergency services. Mandatory improvement plans after Triple Zero outages. Testing during network upgrades and maintenance.
The regulatory framework is tightening in response to repeated failures—the Optus outages, the Samsung firmware issue, and others.
Check Samsung’s official announcement and your carrier’s (Telstra, Optus, TPG) affected device lists. If your device is affected, you’ll receive SMS/email notification from your carrier. You can also check if your phone successfully registers on alternative carrier networks in settings, but DO NOT test by calling actual emergency numbers. Affected models primarily include Galaxy S7 series, Note 5 series, and selected devices over 7 years old.
Follow your carrier’s instructions immediately. Most devices can receive a firmware update via Settings → Software Update. If your device has hardcoded firmware, it can’t be fixed with software updates and you must accept the free replacement phone offered by your carrier. Don’t ignore notifications—your device will be blocked from all Australian networks after the 28-35 day notification period, making it unusable for all calls.
No. ACMA’s Emergency Call Service Determination requires devices to be blocked by IMEI (device hardware identifier) across all Australian carriers. If your device is blocked by one carrier for emergency calling non-compliance, it’s blocked by all carriers. International use may still be possible, but the device is permanently unusable on Australian networks.
The firmware configuration was created when Vodafone’s 3G network was operational and provided extensive coverage in the mid-2010s. The bug was latent—it only showed up when Vodafone decommissioned 3G in late 2023, years after the affected devices were sold and exceeded their support lifecycle. Emergency call failover testing wasn’t comprehensive enough to detect hardcoded network configurations in scenarios simulating complete network technology shutdowns.
Legacy 3G emergency calling used circuit-switched voice networks with hardware-based automatic network scanning by the baseband processor, independent of firmware configuration. VoLTE emergency calling transmits voice as data packets over 4G LTE networks, requiring explicit firmware instructions for network selection, emergency bearer configuration, and camp-on behaviour. VoLTE is more efficient but introduces firmware dependency risks, as the Samsung incident demonstrates.
Newer Samsung devices—generally those released after 2018 and still receiving security updates—use updated firmware architecture with dynamic emergency network configuration rather than hardcoded settings. These devices receive regular firmware updates and are tested against current emergency calling standards. However, the incident highlights the importance of ongoing testing during network transitions and comprehensive emergency failover validation for all device models.
Yes. Implement quarterly emergency calling audits using non-emergency test numbers where available, or coordinate with carriers for controlled testing. Testing should verify: home network emergency calling, network unavailable scenarios (simulated by disabling home network in device settings), camp-on to alternative carriers, and cross-technology validation. Document all test results for compliance records and regulatory audits.
Key lessons: (1) Emergency calling compliance must be validated during procurement and periodically re-tested, especially during network technology transitions. (2) Device lifecycle planning should account for firmware update support timelines and regulatory compliance requirements. (3) Hardcoded firmware settings create long-term technical debt and compliance risks. (4) Vendor support commitments for emergency-related features should exceed typical commercial support windows. (5) Multi-carrier emergency failover testing is necessary, not just home network validation. (6) Regulatory compliance is non-negotiable—blocked devices become completely unusable, creating business continuity risks.
Testing protocol gaps meant carriers tested emergency calling primarily on home networks rather than comprehensive multi-carrier failover scenarios. TPG discovered an issue in late 2023 but identified a different problem. Telstra’s more comprehensive testing in late 2024 revealed the hardcoded Vodafone 3G configuration. The year-long gap highlights inadequate testing protocols, lack of standardised inter-carrier emergency testing requirements, and insufficient regulatory guidance on testing scope and frequency during network technology transitions.
While the Samsung hardcoded Vodafone 3G issue is unique to specific Samsung models, emergency calling firmware configuration is a potential risk across all manufacturers. The incident prompted ACMA and carriers to expand testing to other manufacturers and device models. Request emergency calling compliance documentation from all device vendors. Prioritise manufacturers with longer firmware update commitments. Implement independent emergency calling validation testing regardless of vendor claims.
Device blocking prevents network connectivity—calls, SMS, mobile data—but doesn’t affect the phone’s local functionality or stored data. You can still access photos, contacts, apps, and files. Before accepting a replacement phone, back up all data via Wi-Fi to cloud services (Google Drive, Samsung Cloud) or transfer to computer via USB. Carriers and Samsung provide data transfer tools and support during the replacement process.
The Samsung VoLTE firmware failure is a technical manifestation of deeper problems in telecommunications infrastructure, testing protocols, and regulatory oversight. For a comprehensive overview of how triple zero failures exposed systemic vulnerabilities across Australia’s telecommunications ecosystem, see our analysis of the broader crisis and what needs to change.
Why Australian Telecommunications Failed When Lives Depended on It and What Happens Next

A TPG Telecom customer died when their Samsung phone couldn’t connect to Triple Zero in November 2025. This wasn’t an isolated incident. The September 2025 Optus outage prevented over 600 emergency calls from connecting and was linked to three deaths. Telstra identified more than 70 Samsung models that cannot make emergency calls on alternative networks when their primary carrier fails.
These aren’t just technical failures. They’re preventable deaths caused by systemic problems spanning device firmware, carrier operations, and regulatory oversight. Some Samsung phones have hardcoded firmware settings that cannot be fixed, requiring hardware replacement. Network outages that should have triggered automatic failover to alternative carriers left customers stranded with no way to reach emergency services. Testing protocols failed to detect these defects despite devices being sold since 2020.
Whether you’re checking if your phone can safely call Triple Zero, managing device fleets, or understanding what government intervention means for telecommunications reliability, this crisis has implications for everyone. The scope affects tens of thousands of devices, multiple carrier failures, new regulatory powers, and operational changes across the industry.
This guide provides comprehensive coverage of the Australian telecommunications public safety crisis. You’ll find technical explanations of why emergency calls failed, analysis of regulatory responses including the new Triple Zero Custodian role, operational case studies of carrier responses, practical guidance for checking device safety, and strategic lessons for enterprise fleet management.
Australia experienced a systemic telecommunications emergency calling crisis between November 2023 and November 2025 involving multiple failure modes. Network outages prevented emergency calls from connecting, causing at least three deaths during the September 2025 Optus outage. Separately, firmware defects in 71+ Samsung device models prevented emergency calls from routing to alternative networks when primary carriers failed. A TPG customer died in November 2025 after their Samsung phone could not connect to emergency services, triggering regulatory intervention and creating the new Triple Zero Custodian oversight role.
The crisis unfolded across three distinct failure patterns. Complete network outages struck Optus in November 2023 and September 2025, blocking all emergency calls regardless of device. Device firmware defects prevented automatic failover to alternative carriers—when a customer’s primary network was unavailable, their Samsung phone should have roamed to any available network for emergency calls, but hardcoded settings prevented this. Carrier non-compliance with emergency calling regulations left customers vulnerable during critical incidents, with some carriers taking over a year to identify and notify affected customers.
The September 2025 Optus outage resulted in over 600 failed emergency calls and was linked to three deaths. These preventable fatalities demanded immediate government intervention beyond reactive fines after failures occurred.
Systemic vulnerabilities emerged during the 3G network shutdown. The planned decommissioning of 3G networks revealed that thousands of devices could not make emergency calls on newer 4G and 5G networks. Devices that relied on 3G for emergency connectivity lost this capability, while VoLTE-compatible devices with firmware defects could not failover to alternative carriers when their primary network failed. The migration exposed cascading failures in device testing, carrier certification, and regulatory oversight that had remained undetected since 2020.
If you need to understand the technical causes of these failures, read our detailed analysis of how VoLTE firmware failures block emergency calls. If you’re concerned about your own device’s safety, check our guide on whether your Samsung phone is safe to call Triple Zero.
Samsung firmware defects in 71+ device models hardcoded network selection settings that prevented emergency call failover to alternative carriers. When a device’s primary carrier network failed or became unavailable, the firmware should have allowed roaming to any available network for emergency calls. Instead, hardcoded carrier identifiers locked devices to their primary network even during complete outages. Because these settings sit in read-only firmware partitions on some models, software updates cannot fix every affected device, and those models require hardware replacement.
VoLTE emergency calling depends on dynamic network selection. Modern 4G and 5G emergency calls use Voice over LTE technology, which requires devices to register with a carrier’s IMS (IP Multimedia Subsystem) infrastructure. When the primary carrier network is unavailable, devices should automatically scan for and connect to alternative carriers for emergency calls only. This failover mechanism is mandated by Australian regulations but depends on correct firmware implementation in every device.
Hardcoded carrier settings created single points of failure that industry experts described as “highly irregular” and even “unheard of” in mobile engineering circles. Samsung firmware on affected devices contained hardcoded Mobile Country Code (MCC) and Mobile Network Code (MNC) values that prevented roaming to alternative networks. Testing by Telstra identified that these devices could not connect to the Vodafone network for emergency calls even when Vodafone coverage was available. The hardcoded settings exist in firmware partitions that cannot be modified through over-the-air updates, making some devices permanently incapable of emergency call failover.
Standard carrier testing protocols failed to detect the defects because they focused on normal operating conditions. Carriers typically test devices on their own networks when everything is working properly. The Samsung firmware defects only manifested when the primary carrier network was unavailable and the device needed to roam to an alternative network—a scenario not routinely tested. This gap in testing protocols allowed non-compliant devices to be certified and sold to customers since 2020, creating widespread public safety risk that remained undetected until fatal failures occurred.
For a complete technical explanation including VoLTE architecture, firmware configuration hierarchy, and why hardcoded settings prevent fixes, read our deep dive on VoLTE firmware failures and unfixable Samsung phones. If you manage device fleets and need to understand testing implications, see our enterprise fleet management lessons.
Australian telecommunications carriers must ensure devices can connect to emergency services under the Emergency Call Service Determination, enforced by ACMA. Carriers must notify customers within 30 days if their devices cannot make emergency calls, block non-compliant devices from networks, and maintain emergency calling capability during network failures through multi-operator core network failover mechanisms. Amendments enacted in November 2025 mandate facility wilting protocols that automatically release customers to alternative carriers during outages. Maximum penalties for non-compliance have increased from $10 million to $30 million.
Carriers face cascading notification obligations during major outages. The Telecommunications Customer Communications for Outages Industry Standard requires carriers to notify customers, other carriers, emergency service providers, and regulators within specific timeframes based on outage scale. Major outages affecting 100,000+ services for 60+ minutes trigger immediate notification requirements. Regional and remote areas have lower thresholds—1,000+ services for regional areas, 250+ for remote areas—recognising their higher vulnerability to telecommunications disruptions.
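Those thresholds translate into a simple check, sketched below. The service counts and the 60-minute duration come from the standard as described above; applying the same duration threshold to every area type is a simplifying assumption, and the function itself is illustrative.

```python
# Thresholds from the outage notification standard, as described above.
MAJOR_OUTAGE_THRESHOLDS = {
    "national/metro": 100_000,
    "regional": 1_000,
    "remote": 250,
}
MIN_DURATION_MINUTES = 60  # assumed to apply across area types for this sketch


def is_major_outage(area: str, services_affected: int, duration_minutes: int) -> bool:
    """True if the outage would trigger the immediate notification obligations."""
    return (
        services_affected >= MAJOR_OUTAGE_THRESHOLDS[area]
        and duration_minutes >= MIN_DURATION_MINUTES
    )


print(is_major_outage("national/metro", 120_000, 75))  # True
print(is_major_outage("remote", 300, 45))              # False: under 60 minutes
```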
Device blocking powers enforce emergency calling compliance. Under the Triple Zero Rules, carriers must block devices from their networks if those devices cannot reliably connect to emergency services. Carriers must provide 28 days notice before blocking, allowing customers time to update firmware or obtain replacement devices. This enforcement mechanism aims to remove non-compliant devices from service, though its effectiveness depends on carriers accurately identifying problematic devices and customers responding to notifications before the deadline.
New facility wilting requirements address systemic failover failures. Amendments to the ECS Determination enacted in November 2025 require carriers operating multi-operator core networks to implement facility wilting protocols. When network facilities lose connectivity to the core network, they must become unavailable to force customer devices to connect to alternative carriers. This addresses the root cause of emergency call failures where devices remained registered to failed networks instead of roaming to working alternatives.
For comprehensive analysis of the regulatory framework including the new Triple Zero Custodian powers, enforcement mechanisms, and international comparisons, read our detailed guide to Australia’s Triple Zero Custodian and government compliance powers.
The Triple Zero Custodian is a new independent oversight body created by the Telecommunications Legislation Amendment Act 2025 with proactive monitoring and intervention powers for emergency calling services. Unlike ACMA’s reactive enforcement role, the Custodian continuously monitors emergency call performance, can request ACMA investigations, and issues performance directions to carriers. However, the Custodian lacks independent enforcement authority and must refer violations to ACMA for penalties, creating questions about whether this two-tier structure provides sufficient accountability.
The Custodian was created in response to repeated carrier failures and regulatory gaps. The Optus November 2023 outage resulted in a $12 million ACMA fine but failed to prevent the September 2025 outage linked to three deaths. The TPG customer death in November 2025 revealed that reactive ACMA enforcement after failures was insufficient. The Custodian provides ongoing oversight to identify and address risks before they cause harm, representing a shift from punishment after failures to prevention before them.
Custodian powers focus on monitoring and coordination rather than direct enforcement. The Custodian can monitor emergency call service performance across all carriers, prepare for and coordinate responses to outage events, request ACMA to exercise regulatory powers including investigations and penalties, and issue performance directions to carriers specifying required improvements. This proactive monitoring enables earlier intervention, but the Custodian cannot directly impose penalties or force immediate carrier action without ACMA involvement, potentially creating delays during rapidly evolving crises.
International comparisons reveal variations in emergency calling oversight. The US Federal Communications Commission has direct enforcement authority over 911 services and can impose immediate corrective actions when carriers fail. European regulators under the European Electronic Communications Code have similar direct intervention powers. Australia’s bifurcated model with a monitoring Custodian and enforcement ACMA creates oversight redundancy but may complicate accountability when rapid responses are needed. Whether this structure proves more or less effective than international models remains to be seen.
For detailed regulatory analysis including the Custodian’s specific powers, ACMA enforcement capabilities, device blocking regulations, and international framework comparisons, read our comprehensive guide to Australia’s new Triple Zero Custodian and government enforcement powers.
Optus responded to repeated outages by insourcing 450 network operations staff previously outsourced to Nokia, aiming to improve control over critical infrastructure. Telstra conducted comprehensive device testing that identified 71+ Samsung models with emergency calling defects, demonstrating the testing rigour that other carriers lacked. TPG faces ongoing ACMA investigation for potential Triple Zero Rules violations. The operational responses reveal tensions between cost optimisation through outsourcing and reliability requirements for life-safety infrastructure.
Optus’s strategic shift from outsourcing to insourcing critical network operations followed the September 2025 outage linked to three deaths. The company decided to insource 450 roles, with 150 staff transferring from Nokia and 300 additional positions created. This reverses years of outsourcing network operations to reduce costs. The decision recognises that when network failures can cause deaths, maintaining direct operational control outweighs outsourcing cost savings. However, the transition period creates risks as institutional knowledge transfers from Nokia to Optus employees.
Telstra’s comprehensive device testing programme identified emergency calling defects that other carriers had not detected. This testing included scenarios other carriers had not examined—attempting emergency calls when the primary carrier was unavailable and failover to alternative carriers was required. Telstra’s findings exposed that other carriers had not tested emergency calling under network failure conditions, allowing non-compliant devices to be certified and sold since 2020.
Carrier responses highlight trade-offs between operational models and resilience. Optus’s insourcing increases costs but improves control over critical functions. Telstra’s enhanced testing requires more resources but identifies critical safety issues before they cause harm. TPG’s investigation exposes compliance failures and questions about when the company knew about affected devices. These responses demonstrate that ensuring emergency calling reliability demands significant operational investment beyond minimum regulatory compliance. Carriers must choose between lean operations optimised for cost and robust operations designed for life-safety requirements.
For a detailed case study of Optus’s insourcing decision including strategic analysis of outsourcing trade-offs and lessons for other organisations with critical infrastructure, read our examination of how Optus responded by bringing network operations in-house.
Telstra identified 71+ Samsung device models unable to make emergency calls via network roaming, including popular models across Galaxy S, A, and Z series. Affected devices have hardcoded firmware that prevents emergency call failover to alternative carriers during outages. The defect affects approximately tens of thousands of devices currently in use across Australia. Samsung released firmware updates for some models, but devices with read-only firmware partitions require hardware replacement. Customers should check Samsung’s official affected device list, verify their model and firmware version, and contact their carrier for specific guidance.
Affected devices span multiple Samsung product lines and price points. The 71+ models include flagship Galaxy S series, mid-range Galaxy A series, and foldable Galaxy Z series devices sold between 2020 and 2024. Multiple models across all product tiers are affected, with some requiring hardware replacement. A complete, updated list is maintained by Samsung and carriers. The widespread nature of the defect indicates a systemic firmware development issue rather than isolated errors in specific models.
Checking device status requires multiple verification steps. Customers must identify their exact device model through Settings → About Phone, check if that model appears on the affected device list published by Samsung and carriers, verify current firmware version, and confirm with their specific carrier whether updates are available. The same device model may have different firmware versions depending on which carrier sold it, and carrier-specific firmware may be updatable while unlocked firmware is not.
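A support or fleet team automating that check might do something like the sketch below. The model numbers and firmware versions here are placeholders, not Samsung’s actual affected-device list, and the version comparison is a naive string check for illustration only.

```python
# Placeholder data: the real affected-model list is published by Samsung and carriers.
AFFECTED_MODELS = {
    "SM-G930F": {"fixed_in_firmware": None},         # hypothetical: replacement only
    "SM-A515F": {"fixed_in_firmware": "A515FXXU9"},  # hypothetical: update available
}


def check_device(model: str, firmware: str) -> str:
    entry = AFFECTED_MODELS.get(model)
    if entry is None:
        return "not on the affected list"
    fix = entry["fixed_in_firmware"]
    if fix is None:
        return "affected: no firmware fix, contact your carrier about replacement"
    if firmware >= fix:  # naive lexicographic comparison, illustration only
        return "affected model, but this firmware already includes the fix"
    return f"affected: update firmware to {fix} or later"


print(check_device("SM-G930F", "G930FXXS8"))
print(check_device("SM-A515F", "A515FXXU7"))
```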
Consumer options depend on whether firmware can be updated. Devices that can receive firmware updates should be updated immediately through Samsung’s software update mechanism. Devices with hardcoded firmware that cannot be updated may be blocked from carrier networks under device blocking regulations, requiring customers to obtain replacement devices. Carriers have varying policies on providing free replacements—some offer subsidised upgrades while others require customers to purchase new devices at full cost. Customers have 28 days from carrier notification to update or replace their device before it is blocked from all Australian mobile networks.
For step-by-step instructions on checking your device, updating firmware, testing emergency call capability, and determining when replacement is necessary, read our complete consumer safety guide: Is your Samsung phone safe to call Triple Zero and how to check your emergency call capability.
Organisations should implement emergency calling verification as a mandatory procurement requirement, testing devices across multiple carrier scenarios including primary carrier failures. Vendor due diligence must include emergency calling compliance certification and firmware update commitments. Fleet management processes should track device emergency calling capability, monitor vendor security advisories for firmware defects, and maintain device replacement cycles that prevent critical infrastructure reliance on devices that cannot receive firmware updates. The crisis demonstrates that standard carrier certification is insufficient assurance.
Procurement processes must include emergency calling testing requirements beyond standard features and performance metrics. Standard device procurement focuses on features, price, and performance under normal conditions. Emergency calling capability should be a mandatory requirement verified through carrier-independent testing. Procurement specifications should require vendors to demonstrate emergency calling functionality when the primary carrier is unavailable, provide firmware update commitments for the device lifecycle, and disclose any hardcoded settings that could prevent emergency call failover.
Vendor risk management frameworks must assess life-safety implications that standard enterprise vendor management typically overlooks. Enterprise vendor management typically evaluates financial stability, delivery reliability, and support quality. For devices used in environments where emergency calling is critical, vendor assessment must include safety engineering practices, firmware development quality processes, regulatory compliance track record, and responsiveness to disclosed security and safety vulnerabilities. The Samsung firmware defects demonstrate that even major manufacturers with robust quality processes can ship devices with life-threatening defects.
Fleet management must include ongoing emergency calling capability monitoring because initial procurement testing is insufficient. Firmware updates, carrier network changes, and regulatory requirement modifications can affect emergency calling capability over time. Fleet management processes should monitor vendor security advisories for emergency calling issues, track which devices can receive firmware updates and which require replacement, and maintain audit trails proving that managed devices meet emergency calling requirements. Organisations with duty-of-care obligations for employee safety face potential liability if they deploy devices that cannot reliably reach emergency services.
For comprehensive guidance on implementing enterprise device testing programmes, vendor due diligence frameworks, fleet management best practices, and operational resilience planning, read our strategic guide to lessons from the Australian emergency call crisis for enterprise mobile device fleet management.
The Triple Zero Custodian began operations in 2025 with ongoing carrier performance monitoring and a real-time public outage register launched November 2025. ACMA investigations into TPG and Optus compliance continue, with potential penalties up to $30 million. Carriers must implement facility wilting protocols for multi-operator core networks by November 2025. The proposed Telecommunications Amendment (Enhancing Consumer Safeguards) Bill, currently before Parliament, would make emergency calling standards directly enforceable rather than voluntary. Device blocking for non-compliant Samsung phones continues through 2025 as carriers identify affected devices.
The regulatory framework continues evolving to address identified gaps. The facility wilting requirements, increased maximum penalties, and enhanced notification obligations represent reactive responses to specific failure modes. The Telecommunications Amendment (Enhancing Consumer Safeguards) Bill, if passed, would make Code C536:2020 (Emergency Call Service Requirements) mandatory rather than a voluntary registered code, giving ACMA direct enforcement authority over technical standards. This regulatory evolution moves from industry self-regulation to prescriptive government mandates following repeated carrier failures.
Transparency initiatives aim to provide public visibility into network reliability. The real-time outage register launched November 2025 allows consumers to verify carrier reliability claims and makes outage patterns visible before they cause harm. Mandatory outage reporting with specified timeframes creates audit trails for ACMA enforcement. Consumer advocates argue transparency alone is insufficient without competitive market dynamics that reward reliability, as many regional areas have limited carrier choice regardless of reliability track records.
Technology changes present both opportunities and risks for future emergency calling reliability. The 3G shutdown exposed emergency calling vulnerabilities but enables spectrum reallocation to more efficient 4G and 5G networks. Newer devices designed for VoLTE from inception may avoid legacy firmware issues affecting devices migrated from 3G. However, increasing network complexity with 5G, network function virtualisation, and cloud-native architectures creates new potential failure modes. Future telecommunications resilience requires learning from current crisis failures and implementing robust testing and oversight before new technologies reach consumers.
For detailed analysis of regulatory developments including the Triple Zero Custodian’s operational timeline, ACMA enforcement actions, and proposed legislative changes, read our guide to Australia’s new Triple Zero Custodian and government compliance powers.
How VoLTE Firmware Failures Block Emergency Calls and Why Some Samsung Phones Cannot Be Fixed
Deep technical analysis of VoLTE architecture, firmware configuration hierarchy, network failover mechanisms, and why hardcoded settings prevent fixes. Explains how emergency calls should route through IMS infrastructure, what firmware settings control network selection, why Samsung firmware locked calls to wrong networks, and how failover mechanisms are supposed to protect emergency calls. Essential for understanding the root technical causes of emergency calling failures and why some devices cannot be repaired.
For technical readers who need to understand root causes and firmware architecture.
Australia’s New Triple Zero Custodian and Government Powers to Force Telecommunications Compliance
Comprehensive analysis of regulatory response including new Triple Zero Custodian role, ACMA enforcement powers, device blocking regulations, and international regulatory comparisons. Covers what the Custodian can and cannot do, how device blocking works as an enforcement tool, carrier compliance obligations under the Emergency Call Service Determination, and how Australian regulation compares with US FCC and European models. Essential for understanding government intervention and regulatory accountability.
For those seeking to understand regulatory frameworks and government enforcement mechanisms.
How Optus Responded to the Emergency Call Crisis by Bringing Network Operations In-House
Strategic examination of Optus’s decision to insource 450 staff from Nokia, analysing insourcing versus outsourcing trade-offs for critical telecommunications infrastructure. Covers the Nokia outsourcing arrangement, timeline of Optus’s response to repeated failures, strategic rationale for taking direct control of network operations, and lessons for other organisations with outsourced critical functions. Valuable case study for technology leaders evaluating vendor relationships and operational resilience.
For technology leaders evaluating outsourcing strategies and operational control of critical infrastructure.
Is Your Samsung Phone Safe to Call Triple Zero and How to Check Your Emergency Call Capability
Practical guide covering affected devices, checking procedures, firmware update instructions, emergency call testing methods, and when device replacement is required. Includes step-by-step instructions for identifying your device model, checking Samsung’s affected device list, performing firmware updates, testing emergency calling capability, and understanding carrier-specific replacement options. Essential for anyone with a Samsung device who needs to verify their emergency calling safety.
For Samsung phone owners who need to verify their device’s emergency calling capability.
Lessons from the Australian Emergency Call Crisis for Enterprise Mobile Device Fleet Management
Strategic guidance for technology leaders on mobile device procurement testing, vendor due diligence, fleet management best practices, and operational resilience planning. Covers what enterprises can learn from carrier testing failures, how to evaluate device safety before procurement, emergency call testing protocols for device fleets, vendor risk management frameworks, and ongoing fleet monitoring practices. Essential for organisations managing mobile device fleets with duty-of-care obligations for employee safety.
For organisations managing mobile device fleets with employee safety responsibilities.
At least four confirmed deaths are linked to telecommunications emergency calling failures. Three deaths were associated with the September 2025 Optus network outage that prevented over 600 emergency calls from connecting. One TPG customer died in November 2025 after their emergency call could not connect, with investigations examining whether Samsung firmware defects or carrier failures were responsible. These represent confirmed direct links where telecommunications failures prevented emergency services from being reached. Additional deaths may have occurred where telecommunications failures contributed to delayed emergency response but have not been officially confirmed.
These represent three distinct failure modes that created the systemic crisis. The Optus outages were complete network failures that prevented all customers from making emergency calls regardless of what device they were using. The Samsung firmware defects prevent emergency call failover to alternative carriers when the primary carrier is unavailable, affecting specific device models across all carriers. The TPG customer death is under investigation to determine whether carrier non-compliance with notification requirements, Samsung firmware defects, or a combination of factors prevented the emergency call from connecting. All three failure modes exposed different vulnerabilities in the telecommunications emergency calling system.
Australian telecommunications carriers operate under regulatory frameworks that define their obligations, but civil liability for emergency call failures involves complex legal questions about duty of care, causation, and regulatory compliance defences. Victims or families may have grounds for civil actions if carriers failed to meet regulatory obligations and that failure directly caused harm. However, carriers may argue regulatory compliance provides a defence, or that multiple parties including device manufacturers and software providers share responsibility. Legal outcomes depend on specific circumstances of each case, including whether the carrier met notification obligations, implemented required testing, and followed emergency calling regulations.
Maintain multiple communication methods for emergency situations. A landline telephone, if available, uses separate infrastructure from mobile networks and is not affected by mobile carrier outages or device firmware issues. A secondary mobile device from a different carrier provides redundancy if your primary carrier fails. Know your exact address so you can provide it to emergency services if calling from a different device or location. Be aware of neighbours or nearby locations with working communications who could assist in emergencies. For those in remote areas, consider satellite emergency beacons such as PLBs or EPIRBs that operate independently of telecommunications networks.
Contact ACMA through their online complaint form at www.acma.gov.au or phone 1300 850 115. Provide specific details including date and time of the incident, carrier name, device model, what happened when you attempted the call, and any documentation such as screenshots or carrier responses. For emergency calling failures specifically, also file a complaint with the Telecommunications Industry Ombudsman at www.tio.com.au or 1800 062 058 if your carrier does not resolve the issue. Document everything including notification dates, carrier responses, and actions taken, as these records may support regulatory investigations and potential enforcement actions.
5G networks use similar VoLTE infrastructure for voice calls, so they face the same firmware compatibility and network failover challenges as 4G. The technology itself does not automatically improve emergency calling reliability. What matters is proper implementation of failover mechanisms, comprehensive device testing including failure scenarios, and regulatory enforcement of emergency calling requirements. In fact, 5G’s increased complexity through network slicing and virtualisation may actually create new failure modes if not carefully managed. Future emergency calling reliability depends on learning from current failures and implementing robust testing and oversight before deploying new technologies.
Emergency calling reliability should be a significant factor in carrier selection alongside coverage, price, and service quality. Review carriers’ outage history through the new real-time outage register launched November 2025, examine their track record of ACMA enforcement actions and penalties for compliance failures, and assess their device testing and certification processes. However, recognise that regulatory requirements apply to all carriers, and systemic issues like Samsung firmware defects affect customers regardless of carrier. In areas with limited carrier options, focus on device selection and maintaining backup communication methods rather than relying solely on carrier choice for emergency calling reliability.
Device manufacturers must design firmware that complies with emergency calling regulations in markets where they sell devices. This includes implementing proper network failover mechanisms that allow emergency calls to route to any available carrier, avoiding hardcoded settings that prevent emergency call routing to alternative carriers, and providing firmware updates to fix emergency calling defects when they are discovered. In Australia, manufacturers can face device blocking if their products cannot reliably connect to emergency services, effectively preventing sales. However, enforcement primarily targets carriers who sell non-compliant devices rather than manufacturers directly, creating questions about accountability when firmware defects originate with manufacturers.
You have 28 days from the date your carrier sends you a notification about your affected device to either update the firmware or obtain a replacement device. After this 28-day period, carriers are required to block your device from their networks under the Triple Zero Rules. If your device can be fixed with a firmware update, you should update immediately through Samsung’s software update mechanism. If your device requires hardware replacement because the firmware cannot be updated, contact your carrier to understand their replacement policy and ensure you have a compliant device before the 28-day deadline expires.
Technology Leadership in a Bifurcated World: A Decision Framework for Modern CTOs
Being a tech leader used to be about building things. Now it includes navigating export controls, semiconductor supply chains, and data sovereignty laws.
This comprehensive framework synthesises insights from our complete analysis of US-China tech competition and tech sovereignty, providing you with actionable decision-making tools tailored for CTOs in small to medium-sized technology companies.
The US-China tech competition affects your vendor relationships, infrastructure costs, and your ability to ship features. Export controls on AI chips, Taiwan’s semiconductor concentration, and regulatory fragmentation all create risks beyond the usual technical evaluation.
Most guidance out there targets enterprises with policy teams and multi-million dollar budgets. If you’re running technology for a company with 50 to 500 employees, you need something different—something you can actually use.
This article gives you that. You’ll get a risk triage process that tells you when to worry, when to act, and when to wait. You’ll get vendor evaluation scorecards with geopolitical criteria. You’ll get board presentation templates that translate semiconductor supply chains into language your board understands.
Think of this as your reference guide. When a vendor notification lands about service restrictions, when your board asks about technology dependencies, or when you’re evaluating cloud providers—this framework gives you a structure for making those decisions.
It’s a structured way to factor geopolitical risk into your technology decisions alongside technical and financial considerations.
Four components. A risk triage process that categorises threats by urgency. Vendor evaluation scorecards that assess ownership structure, geographic exposure, regulatory compliance, and technology dependencies. Timeline assessments that separate immediate tactical responses from long-term strategic positioning. Action matrices by company size and industry.
Start by assessing your tech stack for concentration risk. Do you depend on NVIDIA chips, TSMC manufacturing, or a single cloud provider? Review regulatory compliance across jurisdictions where you operate. Identify stakeholder risk tolerance.
What you get: vendor selection decisions with geopolitical criteria. Board presentations that connect technology dependencies to business outcomes. Supply chain diversification roadmaps. Contingency plans for export control changes.
What makes this different? You’re adding a geopolitical layer to your decisions—building on foundational tech sovereignty concepts to address sovereignty concerns, regulatory fragmentation, and technology bifurcation alongside uptime and cost.
The framework scales to companies between 50 and 500 employees by focusing on high-impact, resource-efficient approaches. No massive policy teams required.
Every geopolitical risk falls into one of three response modes, and mixing them up wastes time and money.
Worry when geopolitical events create potential future risks but don’t require immediate resource allocation. Act when risks have high probability and near-term impact. Wait when risks are speculative or mitigation costs exceed realistic impact.
Worry means monitoring US-China trade tensions and tracking regulatory proposals. Stay informed but don’t act yet.
Act means responding to vendor dependencies on sanctioned technologies, confirmed export control changes, or compliance deadlines within 12 months. When vendors notify you of service restrictions, that’s your signal to act.
Wait applies to hypothetical conflicts, technologies unrelated to your operations, or scenarios without credible catalysts. Don’t spend money fixing problems that might never happen.
The triage decision depends on four factors. Probability. Business impact magnitude. Mitigation cost and feasibility. And organisational capacity for change.
The cost-benefit analysis matters more for SMBs. If mitigation costs exceed twice the estimated impact, wait. If you lack capacity to implement properly, wait. If quick wins address multiple risks, act.
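As a rough illustration only, here's that decision rule sketched in Python. The 50% probability cut-off and 12-month window mirror the guidance above, but every threshold here is an assumption to tune to your own risk tolerance and capacity.

```python
def triage(probability: float, months_to_impact: float | None,
           mitigation_cost: float, estimated_impact: float,
           have_capacity: bool) -> str:
    """Return 'act', 'worry', or 'wait' using the rules of thumb above.
    probability is a rough likelihood between 0 and 1; months_to_impact is
    None when there is no credible catalyst. Thresholds are illustrative."""
    no_catalyst = months_to_impact is None
    if no_catalyst or mitigation_cost > 2 * estimated_impact or not have_capacity:
        return "wait"
    if probability >= 0.5 and months_to_impact <= 12:
        return "act"
    return "worry"

# A compliance deadline nine months out that is cheap to fix relative to impact:
print(triage(0.9, 9, mitigation_cost=50_000, estimated_impact=400_000,
             have_capacity=True))               # -> act
# A speculative scenario with no credible catalyst:
print(triage(0.1, None, 20_000, 10_000, True))  # -> wait
```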
Taiwan semiconductor risk? Act if you’re building hardware that depends on TSMC’s manufacturing capabilities. Worry if you’re SaaS with indirect exposure through cloud providers. Wait if you’re purely software.
AI chip export controls? Act if you’re building ML-intensive applications that need advanced GPUs for AI infrastructure. Worry if you’re planning AI features. Wait if you’re running standard business applications.
Data localisation rules? Act if you have international customers in regulated industries. Worry if you’re expanding to new markets. Wait if you’re operating domestically only.
You need five dimensions. Ownership structure, geographic exposure, regulatory compliance, technology dependencies, and strategic alignment.
Ownership structure determines who can compel your vendor to act. Vendors in politically unstable regions or with state involvement pose heightened risks from sanctions or policy shifts. Check who actually owns the company and what jurisdiction they answer to.
Geographic exposure reveals concentration risk. Map data centre locations against geopolitical hotspots—Taiwan, mainland China, Russia. If your vendor’s entire engineering team sits in one jurisdiction subject to talent restrictions, service continuity suffers when things get messy.
Regulatory compliance history shows how vendors respond to legal requirements. Check for past sanctions violations, responsiveness to legal requests, and certifications like ISO 27001, SOC 2, or GDPR adequacy. Understanding export control compliance requirements helps you evaluate vendor regulatory responsiveness.
Technology dependencies mean examining your vendor’s supply chain. Do they rely on semiconductor supply chain dependencies like NVIDIA chips or TSMC manufacturing? Their vulnerabilities flow downstream to you. If their chips get cut off, your service gets cut off.
Strategic alignment assesses where vendors sit in the US-China tech competition. Government and defence customers indicate alignment with one bloc. Participation in nationalist tech initiatives like Made in China 2025 matters. These choices tell you which side they're on.
Rate each dimension low, medium, or high. Weight by criticality to your business. Combine for an overall vendor risk score.
High-risk vendors aren’t automatically disqualified. You can mitigate through comprehensive risk mitigation strategies like dual supply chain arrangements, contractual protections, or technical architectures that let you switch vendors rapidly when needed.
AWS, Azure, and Google Cloud score low on ownership risk—US-headquartered, private, strong compliance. All three rely on semiconductor supply chains concentrated in Taiwan, but their scale gives them preferential access when chips get scarce. Understanding regional tech ecosystem dynamics helps you evaluate geographic concentration risk.
Create a scorecard. Rate each dimension. Weight by criticality. Set thresholds: acceptable, requires mitigation, unacceptable. Review it quarterly, not once and forget.
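Here's a minimal sketch of what that scorecard can look like in Python. The five dimensions come from the framework above, but the weights and thresholds are illustrative placeholders for your own judgement, not recommended values.

```python
RATING = {"low": 1, "medium": 2, "high": 3}

# Example weights reflecting criticality to your business (must sum to 1.0).
WEIGHTS = {
    "ownership": 0.25,
    "geographic": 0.25,
    "regulatory": 0.20,
    "dependencies": 0.20,
    "strategic": 0.10,
}

def vendor_risk_score(ratings: dict[str, str]) -> tuple[float, str]:
    """Weighted score on a 1-3 scale plus a threshold band."""
    score = sum(WEIGHTS[dim] * RATING[r] for dim, r in ratings.items())
    if score < 1.8:
        band = "acceptable"
    elif score < 2.4:
        band = "requires mitigation"
    else:
        band = "unacceptable"
    return round(score, 2), band

# A US-owned vendor with heavy geographic and supply chain concentration:
print(vendor_risk_score({
    "ownership": "low", "geographic": "high", "regulatory": "low",
    "dependencies": "high", "strategic": "medium",
}))  # -> (2.0, 'requires mitigation')
```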
Board presentations need four elements. Executive summary, risk assessment matrix, dependency maps, and action plan.
Translate technical risks into business language. Don’t say “TSMC dependency.” Say “70% of our critical chip supply comes from a single geographic risk zone”. Don’t say “export controls on AI chips.” Say “restricted access to technologies our product roadmap depends on.”
The board has three functions: oversight, strategy guidance, and ensuring legal operations. Show them what risks exist, how you’re managing them, and what decisions you need from them.
The risk assessment matrix categorises threats by probability and impact. Use colour coding—red for high urgency, yellow for monitoring, green for acceptable risk. Makes it easy for non-technical directors to grasp the situation at a glance.
Dependency maps visualise tech stack concentration. Network diagrams work well. Geographic heat maps make geopolitical exposure obvious. Timeline charts show when decisions need to be made—nothing focuses attention like a deadline.
Present baseline, optimistic, and pessimistic scenarios with probabilities and business impact for each. Different directors bring different perspectives—investors focus on competitive advantage, operators on execution, finance on cost. Address all three or you’ll face follow-up questions.
The action plan specifies initiatives with owners, timelines, budgets, and metrics. Show ROI through risk reduction. Quantify revenue at risk, compliance penalties avoided, customer churn prevented. The board needs numbers, not hand-waving.
Give the board a clear decision point. "Approve £X investment." "Accept Y level of residual risk." Don't explain how you'll implement it; explain what it means for customer contracts and growth targets.
“Paying down technical debt” becomes “reducing operational risk” in board language. Frame risks in terms executives understand—PCI-DSS non-compliance means losing ability to process credit cards, which means revenue stops.
Geopolitical tech risks differ by industry because of regulatory context, data sensitivity, and infrastructure dependencies. What matters for a SaaS company looks very different from what matters for FinTech.
SaaS companies face cloud provider and AI infrastructure risks. Regulatory complexity is lower unless you’re serving government clients. SOC 2 has become a market-driven expectation, but data localisation requirements remain light for domestic operations. Your main exposure is cloud concentration.
Weight cloud provider concentration highest. Multi-cloud portability matters for enterprise customers who care about vendor lock-in. ISO 27001 is particularly important for international markets where it’s often a gate to customer conversations.
Mitigation priorities: multi-cloud portability, vendor diversification in AI infrastructure, data localisation for enterprise customers only. Apply scenario planning frameworks appropriate to your customer base—don’t over-engineer compliance for customers who don’t need it.
FinTech companies encounter the highest regulatory burden. Mandatory data localisation for financial records. Sanctions compliance for payments that cross borders. DORA compliance requires ICT risk management, incident reporting, and resilience testing. Understanding government policy frameworks helps you anticipate regulatory changes. The list goes on.
Weight regulatory compliance and geographic exposure equally high. Payment network access creates dependencies that geopolitical tensions can disrupt. When Swift got weaponised, FinTech companies noticed. Regional ecosystem analysis reveals which jurisdictions provide stable operating environments.
Mitigation priorities: redundant payment rails, enhanced vendor checks, jurisdiction-specific storage, compliance automation, legal counsel on retainer. Budget for it or don’t build FinTech.
HealthTech companies navigate patient data sovereignty laws and medical device supply chain vulnerabilities. HIPAA compliance is necessary for health-related data in the US. GDPR Article 9 creates additional requirements in the EU for special categories of personal data.
Weight data sovereignty highest for patient records. FDA versus EMA regulatory approval creates geographic complexity—different standards, different timelines, different costs.
Mitigation priorities: jurisdiction-specific cloud regions for patient data, medical-grade hardware vendor diversification, parallel regulatory approvals to avoid getting stuck in one market.
Budget allocation as percentage of tech spend: SaaS 3-5%, FinTech 7-12%, HealthTech 5-9%. These aren’t aspirational—they’re what it actually takes.
Immediate tactical responses address urgent risks within 12 months. Long-term strategic adaptation reshapes your architecture over 2-5 years. Very different approaches.
Tactical responses are reactive. When export controls change, you switch vendors. When data localisation deadlines arrive, you implement regional storage. When restrictions hit, you secure alternatives. You accept higher costs for speed because you have no choice.
Strategic adaptation is proactive. You design portable multi-cloud systems from inception. You build vendor relationships in multiple geopolitical blocs before you need them. You develop internal capabilities to reduce dependencies. You’re preparing for a future that hasn’t arrived yet.
The difference is treating bifurcation as a permanent operating context rather than a temporary problem. Because it probably is permanent.
Tactical examples: emergency vendor switches, implementing VPNs for compliance, contracting alternative suppliers, hiring compliance personnel to handle immediate requirements.
Strategic examples: designing cloud-portable applications so switching providers takes weeks not months. Establishing regional R&D centres. Building proprietary capabilities where vendor risk is too high. Participating in industry consortia that shape standards. Apply comprehensive supply chain resilience strategies to prepare systematically.
The only real hedge against unpredictable shocks is continued regionalisation as supply chains disperse geographically. Plan for it or get caught flat-footed.
Resource allocation by company size: 50-employee companies allocate 80% immediate, 20% near-term, 0% long-term. 200-employee companies allocate 60% tactical, 30% near-term, 10% strategic. 500-employee companies allocate 40% tactical, 30% near-term, 30% strategic. Scale your approach to your capacity.
“Act” signals demand tactical responses. “Worry” signals enable strategic preparation. “Wait” signals defer both. Use the right mode at the right time.
Company size affects your risk response through budget, team capacity, risk tolerance, and priorities. What works at 500 employees doesn’t work at 50.
Companies with 50 employees focus on monitoring and minimal viable compliance. Leverage existing vendor relationships rather than diversifying just for the sake of it. Accept higher concentration risk for operational simplicity. Prioritise revenue over proactive risk mitigation—you need to survive first.
Appropriate responses: monitor regulatory developments, leverage SaaS vendors’ compliance certifications rather than building your own, accept concentration risk in non-critical vendors, maintain simple tech stack.
Red lines you can’t cross: comply with data residency for existing customers in regulated industries, maintain export control awareness, conduct basic vendor stability checks, document security practices. These are non-negotiable even at 50 people.
Minimum viable approach: document your primary vendors and jurisdictions, subscribe to one regulatory update service, conduct basic contract review for red flags, establish quarterly 30-minute review. Total investment 5-8 hours per quarter. That’s it.
Companies with 200 employees can afford dedicated compliance resources. Conduct annual vendor risk assessments. Pilot dual vendor strategies in your most critical dependencies. Invest in modest architectural improvements that make switching easier.
Appropriate responses: annual vendor assessments using the scorecard framework, pilot dual supply chains for top three dependencies, hire or contract compliance expertise, implement tech stack portability in new products going forward.
Investment priorities: vendor diversification in top three dependencies, compliance automation to reduce manual overhead, architectural refactoring where it makes sense, SOC 2 and ISO 27001 certifications that open doors with enterprise customers.
Companies with 500 employees implement comprehensive vendor diversification. Establish formal geopolitical risk functions—someone owns this full-time. Invest in portable multi-cloud architectures. Treat geopolitical positioning as competitive advantage in sales cycles.
Appropriate responses: comprehensive vendor scorecarding across your entire stack, active dual supply chains with tested failover, formal risk monitoring with regular leadership reporting, portable cloud-native architectures, regular board reporting on geopolitical exposure.
Competitive advantages you can leverage: use geopolitical positioning in enterprise sales conversations, establish regional partnerships that give market access, invest in proprietary capabilities where vendor risk is intolerable, influence vendor roadmaps through strategic relationships.
Budget allocation: 50-employee companies spend 2-3% of tech budget on geopolitical risk. 200-employee companies spend 5-10%. 500-employee companies spend 10-15%. Scale accordingly or you’re either under-investing or wasting money.
Tech sovereignty is a nation's or organisation's ability to maintain technological independence and control over data governance. Governments are seeking to build their own large language models to secure technological independence. SMB CTOs should care because tech sovereignty drives government policies like export controls and data localisation that directly affect vendor availability, compliance obligations, and operational costs. It affects your vendor choices whether you like it or not.
The US has tightened restrictions on exports of semiconductor and AI technology to China including chip designs, design automation software, and related equipment. Export controls restrict advanced GPU availability in certain countries, potentially limiting ML and AI capabilities in affected cloud regions. Verify your cloud provider offers required AI infrastructure in compliant regions or maintain fallback options using unrestricted chip alternatives. Don’t assume global availability.
Document your primary vendors and their jurisdictions. Subscribe to one regulatory update service. Conduct basic contract review for data residency and continuity provisions. Establish a quarterly 30-minute review of vendor-reported risks and regulatory changes. Total investment approximately 5-8 hours per quarter. That’s the minimum—do less and you’re flying blind.
Cloud provider diversification for geopolitical risk makes sense when you’re operating in heavily regulated industries like FinTech or HealthTech, serving government or defence customers, depending on AI infrastructure subject to export controls, or operating internationally with data residency requirements. AWS Outposts, Azure Arc, and Google Anthos each offer different approaches to multi-cloud and hybrid cloud deployment. Pure-play domestic SaaS companies can typically defer this investment until they need it.
Frame geopolitical risk mitigation ROI through risk reduction rather than return generation. Quantify revenue at risk from vendor service interruption. Calculate compliance penalties avoided. Estimate customer churn prevented from security and sovereignty concerns. Benchmark insurance value against probability-weighted impact. This typically justifies 3-7% of tech budget for comprehensive programmes, which is what you’ll need to make it work.
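A minimal sketch of that calculation, assuming you can put rough annual figures on each benefit; none of the numbers below are benchmarks, they simply show how probability-weighted benefit compares against programme cost and share of tech budget.

```python
def risk_mitigation_case(revenue_at_risk: float, disruption_probability: float,
                         penalties_avoided: float, churn_prevented: float,
                         programme_cost: float, tech_budget: float) -> dict:
    """Probability-weighted benefit of a mitigation programme versus its cost.
    All inputs are annualised estimates you supply; nothing here is a benchmark."""
    expected_benefit = (revenue_at_risk * disruption_probability
                        + penalties_avoided + churn_prevented)
    return {
        "expected_annual_benefit": expected_benefit,
        "programme_cost": programme_cost,
        "benefit_to_cost": round(expected_benefit / programme_cost, 2),
        "share_of_tech_budget_pct": round(100 * programme_cost / tech_budget, 1),
    }

print(risk_mitigation_case(
    revenue_at_risk=2_000_000, disruption_probability=0.15,
    penalties_avoided=100_000, churn_prevented=150_000,
    programme_cost=250_000, tech_budget=5_000_000,
))
# -> expected_annual_benefit 550000.0, benefit_to_cost 2.2, share_of_tech_budget_pct 5.0
```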
Vendor notification of service changes due to regulatory restrictions. Confirmed regulatory compliance deadlines within 12 months. Enterprise customer due diligence raising geopolitical concerns. Audit findings on vendor concentration risk. Board or investor questions about tech dependencies. Direct impact from export control changes on your current tech stack. Any of these means you need to act now, not wait.
Establish a three-tier monitoring system. Subscribe to vendor security advisories and contract notifications for weekly review. Follow 2-3 curated industry newsletters on tech policy for monthly review. Schedule quarterly reviews of government regulatory agencies’ guidance documents. Total time investment 2-3 hours monthly. More than that and you’re overdoing it.
Small companies can implement lightweight dual supply chain strategies by maintaining relationships with alternative vendors without full migration, designing portable architectures in new development, negotiating contract provisions for vendor switching support, and piloting alternatives in non-critical systems. This becomes practical for companies with 100 or more employees. Below that, focus on portability not active redundancy.
Tech sovereignty encompasses full-stack technology independence including hardware, software, infrastructure, and standards. Data sovereignty specifically addresses legal control over data storage, processing, and transfer across jurisdictions. Data sovereignty is a component of the broader tech sovereignty concept—narrower scope, clearer rules.
Use the risk triage framework we covered. Categorise by probability and impact. Identify quick wins with low implementation effort. Align with existing strategic initiatives like cloud migrations that create opportunities for provider diversification. Focus on risks with near-term regulatory deadlines. Defer low-probability long-term risks unless you have spare capacity. This typically justifies 3-5 dedicated initiatives per year for 200-employee companies.
Implement a lightweight quarterly review process. Review your top 10 vendor relationships for ownership and regulatory changes. Scan regulatory agency websites for proposed rules in your jurisdictions. Assess export control updates affecting your technology stack. Review contract renewal opportunities for risk mitigation improvements. Update your board on material changes. Formalise this as a standing agenda item in CTO staff meetings so it actually happens.
Position geopolitical risk management as trust and resilience differentiators. Obtain relevant compliance certifications like SOC 2, ISO 27001, and regional equivalents. Document vendor diversification and data residency capabilities. Prepare customer-facing security and compliance documentation addressing sovereignty concerns. Participate in industry working groups demonstrating thought leadership. Include geopolitical risk discussion in enterprise sales technical reviews. Properly implemented, privacy compliance becomes the trust signal that accelerates enterprise sales and wins competitive deals. Make it part of your pitch, not an afterthought.
This decision framework integrates insights from across the tech sovereignty landscape—from foundational concepts through semiconductor dependencies, AI infrastructure choices, government policy frameworks, risk mitigation strategies, and regional ecosystem dynamics. For a complete overview of US-China tech competition and its implications for technology leaders, see our comprehensive guide to navigating tech sovereignty.
The New Geography of Technology: How Regional Ecosystems Are Reshaping Under US-China Competition
Geography used to be simple for technology companies. You designed chips in Silicon Valley, manufactured them wherever was cheapest, and shipped worldwide. Not anymore.
Where your chips come from now determines whether your business survives the next geopolitical disruption. Taiwan manufactures 90% of the world’s advanced semiconductors. That’s a single point of failure sitting in one of the most contested regions on earth.
US-China competition is forcing a complete reorganisation of how global tech ecosystems work. It’s not just about individual companies anymore—entire regional ecosystems matter. When you’re choosing between Taiwan, Korea, Japan, or Southeast Asia, you’re evaluating complete technology infrastructures, not just suppliers.
As we explored in our guide to understanding tech sovereignty, the shift toward regional technology alliances is reshaping how CTOs make expansion and sourcing decisions. If you’re in technology, you’re facing pressure to quantify Taiwan risk, evaluate friend-shoring alternatives, and build multi-region resilience. All while keeping costs under control. Understanding regional strengths and where they’re heading is now as important as understanding the specifications of the chips themselves.
Taiwan risk boils down to this: too many eggs in one basket. As detailed in our analysis of the global semiconductor supply chain, TSMC‘s dominance means most of the advanced chips powering AI, cloud computing, mobile devices, and automotive tech all depend on a single island.
And it’s a contested island.
The United States has zero capacity for leading-edge logic chips. Zero. Meanwhile 67% of capacity sits in Taiwan and 31% in South Korea. Your cloud providers depend on Taiwan. Your device manufacturers depend on Taiwan. Your chipmakers definitely depend on Taiwan.
China considers Taiwan part of its territory and hasn’t ruled out military action to make that a reality. Recent drills indicate the Chinese military is developing embargo capabilities. If Taiwan gets disrupted—through military action, natural disaster, or anything else—advanced chip production stops. Within weeks.
The effects would be catastrophic, affecting more than 50% of the world’s most advanced semiconductors. Scenario planning suggests it would take a minimum of 1-2 years to shift meaningful capacity elsewhere. You can’t switch suppliers fast enough when the crisis hits.
How concentrated is global chip manufacturing? Very. Extremely. Uncomfortably.
Taiwan manufactures 63% of global semiconductor output by value and 90% of the most advanced chips. South Korea follows with 18%, Japan with 9%, the US with 6%, and China with 5%. The US share declined from 37% in 1990 to 10% in 2022, which tells you how dramatic the shift has been.
Advanced logic manufacturing at 5nm and below? That’s basically a duopoly. TSMC in Taiwan holds 90%+ of the market share. Samsung in Korea has the remaining 10%. Intel in the US trails by 2+ generations and isn’t competitive at the leading edge.
Memory chips concentrate in South Korea, where Samsung and SK Hynix control roughly 70% of the market. It’s worth noting that around 62% of China’s memory production is owned by South Korean firms, which creates its own interesting dependencies.
Then there’s the equipment manufacturing chokepoint. The Netherlands hosts ASML, the sole producer of extreme ultraviolet lithography machines. If you want to manufacture chips below 7nm, you need ASML’s EUV machines. There are no alternatives. ASML’s control is nearly absolute—they also own 90% of the market for less advanced lithography machines.
Japan supplies 50%+ of semiconductor materials and specialised equipment. Global dependence on Japanese materials is pronounced—56% of wafer production materials and 90% of photoresist come from Japan.
Here’s the uncomfortable reality: 75% of the world’s chip manufacturing concentrates in East Asia, driven largely by government subsidies. Building a new fab in the US costs approximately 30% more than building one in Taiwan, South Korea, or Singapore.
A regional tech ecosystem isn’t just a factory. It’s manufacturing, equipment suppliers, materials providers, engineering talent, infrastructure, and regulatory frameworks all clustered in one geographic area. Geography determines far more than where your factory sits—it determines whether you can actually solve problems when they arise.
Taiwan’s strength isn’t just TSMC. It’s that TSMC sits within 50km of dozens of equipment companies, materials suppliers, design firms, and IP providers. When something goes wrong at 2am, the right expertise can be on-site within an hour. That proximity enables rapid problem-solving you can’t replicate with video calls and shipping containers.
Korea’s chaebol system creates a different model. Samsung and SK are vertically integrated conglomerates that control multiple layers of the supply chain within single organisations. Different structure, similar result—everything you need is accessible quickly.
Silicon Valley still dominates chip design despite having zero advanced manufacturing. The concentration of fabless designers, venture capital, and architectural talent creates an ecosystem focused on what chips should do rather than how to make them.
China invested more than $250 billion in semiconductor manufacturing since 2019, tripling its capacity to roughly 20% of global output. That’s a massive investment. But it hasn’t eliminated the technology gaps, because building fabs is only part of the challenge.
This is why building new fabs in other regions doesn’t immediately replace Taiwan. The talent, the suppliers, the accumulated operational knowledge—that takes decades to develop. You can’t just construct a building and flip a switch.
Friend-shoring means sourcing from allied nations to reduce geopolitical risk. It’s vendor selection based on geopolitics, not just on specifications and price. This geographic diversification strategy, explored in detail in our guide to supply chain resilience, requires balancing capability, cost, and trust.
South Korea offers the most immediate capability. Samsung’s foundry operates at comparable nodes to TSMC, their memory leadership is unmatched, and the ecosystem is genuinely established. But you need to manage Korea-specific considerations. North Korea creates ongoing security risk. And Korean memory chipmakers are shifting from their China-focused strategy as US-China tensions escalate, which creates its own transition risks.
Japan provides trusted equipment and materials sourcing and is actively reviving domestic manufacturing. Strong IP protection and alignment with US interests matter. You’ll pay more and face capacity limitations, but the trust factor is high.
Singapore balances capability with reliability. Strong IP protection, political stability, and established semiconductor operations make it viable for high-value work. You’ll pay more than you would in broader Southeast Asia, but you get genuine reliability and security.
Vietnam and Malaysia offer cost advantages for backend operations like assembly, testing, and packaging. Growing infrastructure and large workforces create opportunity. But there’s limited advanced capability and IP protection concerns require operational security measures you wouldn’t need in Singapore or Japan.
If you need advanced manufacturing right now, only Korea provides a realistic alternative to Taiwan. If you’re looking at backend operations or mature nodes, Southeast Asia can work.
Taiwan has the deepest semiconductor talent pool on the planet—over 300,000 engineers with specialised expertise developed over 40 years. You don’t replicate that quickly.
South Korea’s chaebol system develops talent through Samsung and SK training programmes. There’s genuine technical depth, but it concentrates within the large corporations. The entrepreneurial ecosystem is less developed than Taiwan’s.
Japan maintains world-class equipment and materials engineering expertise. But they’re dealing with an aging workforce and language barriers that complicate international operations.
Silicon Valley dominates chip design talent but has almost no manufacturing engineering knowledge left. Design excellence doesn’t translate to fabrication capability—they’re different skill sets.
Southeast Asia has large workforces but limited advanced semiconductor expertise. Vietnam and Malaysia excel at backend operations but need significant training investment to develop frontend capabilities.
Here’s the thing about talent: you can build facilities faster than you can develop the people to run them. Talent development takes 5-10 years minimum. That timeline constraint affects everything.
Advanced semiconductor fabs need extraordinary infrastructure. We’re talking 100MW+ power supply. 10 million gallons of ultrapure water per day. Vibration-free foundations. Cleanroom environments. Chemical handling systems.
Taiwan’s infrastructure developed over 40 years but now faces serious constraints. Water stress and power limitations are restricting expansion. They can’t easily scale further.
South Korea’s chaebol-driven development created world-class infrastructure in Samsung and SK manufacturing regions. It’s genuinely excellent where it exists.
Singapore offers excellent infrastructure but within tight space constraints. Limited land availability restricts how much they can scale.
Vietnam and Malaysia are improving infrastructure rapidly but unevenly. Industrial zones are developing semiconductor-grade capabilities, but rural areas lag significantly.
The United States needs substantial upgrades. Arizona has water concerns. Texas has grid reliability questions. And permitting processes take forever.
Infrastructure readiness determines what’s feasible and on what timeline. Established regions can scale within 2-3 years if they have space and resources. Emerging regions need 5-10 years minimum.
IP protection determines where you can safely locate R&D and advanced manufacturing. The legal frameworks matter less than enforcement reality.
Five Eyes nations (US, UK, Canada, Australia, New Zealand) and aligned democracies like Japan, Korea, and Singapore provide the strongest IP protection. Laws exist and they’re actually enforced.
Singapore stands out in Southeast Asia. Their transparent legal system and reliable enforcement make them viable for high-value operations. You can actually trust the system to protect your IP.
Taiwan and South Korea have strong IP frameworks with generally effective enforcement. Not perfect, but solid.
Vietnam and Malaysia have improving frameworks but enforcement concerns remain. The practical risk of IP theft requires operational security measures you wouldn’t need elsewhere.
China presents IP protection challenges. Despite formal regulations, weak enforcement remains a real concern.
So where do you locate what? R&D stays in trusted regions. Manufacturing of well-protected processes can be more flexible once the process is established and documented.
Mature semiconductor ecosystems took 30-40 years to develop. Taiwan took decades. Korea took decades. Japan took decades. There are no shortcuts.
Building a new leading-edge fab takes 3-5 years minimum once you start. That’s 18-24 months for facility construction, another 12-18 months for equipment installation, then 12+ months for yield optimisation. And that’s if everything goes smoothly.
Developing a complete emerging region ecosystem for advanced capabilities realistically requires 10-15 years. Vietnam or Malaysia won't match Taiwan's capabilities before 2035 without sustained investment and focused effort.
As explored in our analysis of government strategies, the CHIPS Act-funded US expansion demonstrates these challenges in real time. TSMC’s Arizona facility and Intel’s Ohio expansion both face 4-6 year timelines despite massive government funding and corporate commitment.
Japan’s semiconductor revival with TSMC’s Kumamoto facility shows you can move faster when reviving existing ecosystems rather than building from scratch. They’re targeting operational status in 3-4 years by leveraging historical expertise that never completely disappeared.
Backend operations in Southeast Asia can achieve viability faster—3-5 years is realistic because the technical complexity is lower and the infrastructure requirements are less extreme.
Start with direct exposure mapping. Audit all your semiconductors, components, and assemblies for Taiwan origin. Focus especially on advanced chips—cloud infrastructure, AI accelerators, high-end compute. These have no short-term alternatives at all.
But indirect exposure often matters more than companies realise. Your cloud providers depend heavily on Taiwan chips. If you’re a SaaS company without any hardware products, you inherit this exposure through your infrastructure providers.
Calculate your time-to-failure. How long could your operations actually continue without new supply from Taiwan? Most companies have 3-6 months of buffer at best. Many have less. For a comprehensive framework on assessing your tech stack’s China and Taiwan exposure, see our detailed risk assessment methodology.
Evaluate alternative suppliers for each critical component. For advanced chips, the honest answer is often “no alternatives exist.” That’s uncomfortable but you need to acknowledge it.
Model the financial impact. What’s the revenue impact of a total supply halt? What about partial capacity reduction? What about extended lead times? Run the numbers.
Then assign scenario probabilities. Expert estimates of Chinese military action against Taiwan within 10 years range from 10% to 40%, with most clustering around 20-30%. It’s low probability but extraordinarily high impact.
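If you want to put rough numbers on that exposure, here is a minimal sketch assuming a simple model: revenue at risk starts accruing once your inventory buffer runs out and continues until alternative supply is qualified. The inputs are your own estimates; nothing here is a forecast.

```python
def taiwan_exposure(buffer_months: float, monthly_revenue_at_risk: float,
                    replacement_lead_months: float,
                    disruption_probability: float) -> dict:
    """Rough expected-loss estimate for a Taiwan supply halt.
    Assumes losses begin when the inventory buffer is exhausted and end when
    alternative supply is qualified; all inputs are your own estimates."""
    months_exposed = max(replacement_lead_months - buffer_months, 0)
    loss_if_disrupted = months_exposed * monthly_revenue_at_risk
    return {
        "months_exposed": months_exposed,
        "loss_if_disrupted": loss_if_disrupted,
        "probability_weighted_loss": loss_if_disrupted * disruption_probability,
    }

# Four months of buffer, two years to qualify alternatives, 25% assumed probability:
print(taiwan_exposure(buffer_months=4, monthly_revenue_at_risk=300_000,
                      replacement_lead_months=24, disruption_probability=0.25))
# -> months_exposed 20, loss_if_disrupted 6,000,000, probability_weighted_loss 1,500,000
```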
Let’s walk through the realistic timeline of what happens if Taiwan’s semiconductor production stops.
Days 1-30: Taiwan production halts immediately. Advanced chip production globally effectively ceases because there are no alternatives for most processes.
Months 1-6: Product launches get delayed or cancelled entirely. Cloud infrastructure expansion freezes—no new data centres without new chips. Automotive production cuts deepen beyond current levels. Spot prices for remaining inventory spike 10-100x as companies panic-buy.
Months 6-18: Samsung in Korea and Intel in the US attempt rapid capacity expansion. But they face equipment bottlenecks they can’t solve quickly. ASML’s EUV machine production capacity is fixed—you can’t suddenly manufacture more of them.
Years 1-3: CHIPS Act facilities accelerate to completion. Samsung expands Korea capacity as fast as physically possible. But combined capacity remains 50-70% below what Taiwan provided. The gap simply can’t close quickly enough.
Years 3-5: Global technology advancement slows by 2-3 years as the leading edge stalls without TSMC’s innovation. A bifurcated ecosystem emerges—a Western sphere built on US and Korean production, an Eastern sphere built on Chinese production. Prices are permanently elevated 20-50% above pre-crisis levels. Some companies are bankrupted entirely by the disruption.
90% of advanced chip manufacturing capacity disappears overnight. That’s the blunt reality. Existing products continue shipping using inventory for maybe 3-6 months. Then production of new smartphones, AI systems, cloud infrastructure, and advanced automotive systems halts. Samsung in Korea and Intel in the US could partially compensate within 2-3 years, but capability gaps and significant price increases persist for 5+ years. It’s not a quick recovery.
Samsung manufactures at comparable nodes—3nm, 5nm—and offers the only realistic short-term alternative. But capacity constraints prevent complete replacement. Samsung’s foundry business represents roughly 10% of TSMC’s revenue. Substantial expansion requires years and tens of billions of dollars. For diversification purposes, Samsung is essential. For full replacement? Insufficient.
Singapore offers the most mature ecosystem with strong IP protection and established operations, but you’ll pay premium pricing. Malaysia provides established backend operations with lower costs. Vietnam represents emerging opportunity with genuine cost advantages but limited to simpler operations, and IP protection remains a concern. Which you choose depends on what type of operations you need and your risk tolerance.
Mature ecosystems historically required 30-40 years. Individual fabs can reach production in 3-5 years, but complete ecosystems including suppliers, talent pools, and supporting infrastructure take far longer. Regions with existing industrial base—like Japan reviving dormant capabilities—can accelerate to 5-7 years. Genuine greenfield development in emerging regions is realistically targeting 2035 or beyond for advanced capabilities.
Five Eyes (US, UK, Canada, Australia, New Zealand) is an intelligence-sharing alliance that now serves as a framework for trusted technology partnerships and coordinated export controls. For semiconductors, it provides a useful model for identifying allied nations where IP protection, security cooperation, and policy alignment reduce geopolitical risk. Not all Five Eyes members have significant semiconductor manufacturing, but the framework guides friend-shoring strategy.
The Netherlands hosts ASML, the only company on earth producing extreme ultraviolet lithography machines needed for manufacturing chips below 7nm. This monopoly makes the Netherlands a critical control point in the global semiconductor supply chain. ASML’s export policies—coordinated with the US government—determine who can access leading-edge manufacturing technology. One company, one country, complete control over advanced chip production.
Whether to diversify immediately depends on your exposure level, alternative availability, switching costs, and risk tolerance. Companies with significant dependencies and available alternatives should start now. But practical constraints prevent immediate switching for most advanced components—limited capacity, long qualification times, higher costs. A realistic approach: begin diversification for mature nodes and backend operations immediately. Plan a 3-5 year timeline for securing advanced alternatives. Our CTO decision framework provides a structured approach to evaluating these geographic considerations in your vendor selection process.
Advanced fabs need extraordinary infrastructure: reliable multi-hundred-megawatt power supply, massive water treatment capacity, specialised vibration-free environments, proximity to suppliers. Emerging regions often lack industrial-scale power and water systems, deal with unreliable electrical grids, face lengthy permitting challenges, and need to develop workforce housing. Infrastructure development alone requires 5-10 years and billions in investment, constraining how quickly new regions can emerge.
Taiwan has the deepest expertise with over 300,000 engineers covering the complete supply chain. Korea’s talent concentrates in chaebol training programmes at Samsung and SK—strong technical capabilities but less entrepreneurial ecosystem. Japan maintains world-class equipment and materials engineering but faces an aging workforce and language barriers. Southeast Asia has large workforces that excel at backend operations but limited advanced experience, requiring years of training for frontend work.
Geographic diversification typically increases costs 10-30% due to smaller scale at each location, qualification expenses, dual-sourcing complexity, and premium pricing in lower-risk regions. Operational costs rise from managing multiple supplier relationships, increased inventory requirements, and supply chain complexity. However, risk reduction often justifies these costs—Taiwan disruption modelling consistently shows potential 50-100% revenue losses that far exceed diversification expenses.
China has invested roughly $100 billion with mixed results. They’ve achieved success in mature nodes (28nm and above) and have a strong domestic market that provides built-in demand. However, export controls blocking EUV machine access prevent advanced production below 7nm, creating persistent technology gaps. All Chinese design companies compete for limited 7nm capacity at SMIC, and high bandwidth memory still cannot be sourced locally. It’s a partially successful ecosystem with clear limitations.
Mexico offers USMCA trade benefits, proximity to the US, and lower labour costs. But there’s limited existing semiconductor ecosystem, infrastructure gaps, and security concerns that constrain viability for advanced operations. Mexico might develop competitive backend operations over 5-10 years with sustained investment, but advanced manufacturing needs the kind of sustained commitment that seems unlikely in the near term. It’s an emerging long-term opportunity that requires patient capital and realistic expectations.
Supply Chain Resilience in the Age of Tech Bifurcation: Risk Assessment and Mitigation Strategies
Your supply chain is probably more vulnerable than you think. And it's not just about natural disasters or the occasional shipping container stuck in a canal anymore.
This guide is part of our comprehensive Navigating Tech Sovereignty resource, which explores how US-China tech competition impacts technology leaders. Technology sits at the centre of geopolitical fragmentation, with semiconductors, AI, communications, and quantum computing serving as weapons in an economic cold war. The US put export controls on advanced chips starting in 2018. China hit back by building reverse dependencies—now the world relies on Chinese firms for electric vehicles, solar energy, and telecommunications.
This guide gives you the frameworks, templates, and checklists you need to assess your exposure and build resilience. You’ll get practical tools for technology stack risk assessment, vendor evaluation with geopolitical criteria, export control audits, scenario planning, cost-benefit analysis, and dual supply chain implementation.
And you’ll learn from L3Harris Technologies’ expensive mistakes so you don’t repeat them.
Tech bifurcation is the division of global technology markets into competing US-led and China-led ecosystems with parallel standards and supply chains. It creates supply chain risk through vendor disruptions, export control restrictions, and forced technology transitions. As detailed in our tech sovereignty guide, this represents a fundamental shift in how global technology markets operate.
Unlike supplier bankruptcy or quality issues, tech bifurcation adds a regulatory compliance layer with unpredictable political triggers. You probably have concentrated vendor dependencies you’re not fully aware of. You’re focused on building product and serving customers, not mapping the geopolitical exposure of your technology stack.
Many companies adopted a China Plus One strategy—adding secondary vendors outside China. But the only real hedge against unpredictable shocks is continued regionalisation or nationalisation. This requires proactive resilience building rather than reactive risk management.
A technology stack risk assessment systematically evaluates dependencies, vendor concentration, geopolitical exposure, and compliance obligations across your infrastructure. You map all technology dependencies, evaluate each vendor using a consistent framework, then prioritise mitigation efforts on the highest-scoring risks.
Here’s the process:
Step 1: Complete supply chain mapping
List every hardware supplier, software vendor, cloud provider, and API service your business depends on. Don’t forget embedded dependencies. Your cloud provider uses hardware from specific manufacturers. Your SaaS vendors run on specific cloud platforms. Map the transitive relationships too.
Step 2: Categorise by criticality
For each dependency, assign a business impact category:
Step 3: Identify country-of-origin
Document where each vendor is headquartered, where they manufacture or host data, and who owns the parent company. This isn’t about discrimination. It’s about understanding exposure to political decisions you can’t control.
Step 4: Apply risk scoring framework
Score each vendor across four dimensions on a 0-5 scale:
Geopolitical risk (0-5): Political stability of operating countries, exposure to sanctions regimes, trade restriction vulnerability, dual-use technology handling
Compliance risk (0-5): Export control classification, data sovereignty requirements, industry certifications needed, security audit status
Availability risk (0-5): Vendor financial health, single points of failure, disaster recovery capabilities, backup facility locations
Business impact (0-5): Revenue at risk from failure, customer impact, recovery timeline, switching difficulty
Step 5: Prioritise mitigation
Total the scores. Anything scoring 15+ requires attention. Build diversification plans or contingency procedures for these high-risk dependencies.
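If it helps to see the arithmetic, here’s a minimal sketch in Python of the 0-5 scoring and the 15+ prioritisation threshold described above. The vendor names, scores, and the data structure are illustrative assumptions, not a prescribed tool.

```python
from dataclasses import dataclass

# Illustrative sketch of the four-dimension, 0-5 risk scoring described above.
# Vendor names and scores are hypothetical examples.

@dataclass
class VendorRisk:
    name: str
    geopolitical: int     # 0-5: political stability, sanctions exposure, trade restrictions
    compliance: int       # 0-5: export control classification, data sovereignty, certifications
    availability: int     # 0-5: financial health, single points of failure, DR capability
    business_impact: int  # 0-5: revenue at risk, customer impact, switching difficulty

    def total(self) -> int:
        return self.geopolitical + self.compliance + self.availability + self.business_impact


ATTENTION_THRESHOLD = 15  # anything scoring 15+ gets a diversification or contingency plan

vendors = [
    VendorRisk("cloud-provider-a", geopolitical=2, compliance=3, availability=2, business_impact=5),
    VendorRisk("chip-distributor-b", geopolitical=4, compliance=4, availability=3, business_impact=5),
    VendorRisk("saas-analytics-c", geopolitical=1, compliance=2, availability=2, business_impact=2),
]

for v in sorted(vendors, key=lambda v: v.total(), reverse=True):
    flag = "MITIGATE" if v.total() >= ATTENTION_THRESHOLD else "monitor"
    print(f"{v.name:20s} total={v.total():2d}  -> {flag}")
```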
Common blind spots include API provider chains, embedded dependencies in software packages, and transitive vendor relationships where your vendor depends on a supplier you’ve never evaluated.
A vendor evaluation checklist with geopolitical criteria assesses financial stability, operational capabilities, compliance posture, country-of-origin risk, and regulatory exposure before you bring suppliers on board. Use a weighted scoring system with geopolitical factors representing 30-40% of total evaluation for business-critical vendors.
Your checklist needs these mandatory sections:
Corporate structure and location
Financial health indicators
Operational capabilities
Geopolitical risk factors
Compliance requirements
Security posture
Build this as a spreadsheet with automated scoring calculations. Weight the criteria based on what matters for your business. For a fintech company, compliance might be 40% of the total score. For a SaaS platform, availability might matter more.
The key is consistency. Use the same evaluation for every vendor in the same category.
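If you’d rather script the calculation than build it in a spreadsheet, here’s a hedged sketch of the weighted-scoring idea. The section names, weights, and raw scores are assumptions; your own weighting will differ by business model.

```python
# Hedged sketch: weighted vendor evaluation with geopolitical factors at 35% of the total.
# Section names, weights, and scores are illustrative assumptions.

WEIGHTS = {
    "corporate_structure": 0.10,
    "financial_health": 0.10,
    "operational_capability": 0.15,
    "geopolitical_risk": 0.35,   # 30-40% for business-critical vendors
    "compliance": 0.20,
    "security_posture": 0.10,
}

def weighted_score(raw_scores: dict[str, float]) -> float:
    """Combine 0-100 section scores into a single weighted total."""
    assert abs(sum(WEIGHTS.values()) - 1.0) < 1e-9, "weights must sum to 1"
    return sum(WEIGHTS[section] * raw_scores[section] for section in WEIGHTS)

candidate = {
    "corporate_structure": 80,
    "financial_health": 70,
    "operational_capability": 85,
    "geopolitical_risk": 40,   # low score = high exposure in this hypothetical convention
    "compliance": 75,
    "security_posture": 65,
}

print(f"Weighted evaluation score: {weighted_score(candidate):.1f} / 100")
```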
An export control compliance audit template systematically verifies vendors handle controlled technologies according to US regulations (ITAR, EAR) and international agreements. Core components include technology classification review, licence verification, Technology Control Plan assessment, access control evaluation, and employee training documentation.
Start with Export Control Classification Number (ECCN) identification for all software, hardware, and technical data in vendor scope. Not everything is controlled, but you need to know what is.
Your audit template should cover:
Technology inventory and classification
Licence status verification
Technology Control Plan review
Access control evaluation
Training and awareness
Schedule annual baseline audits with triggered reviews for vendor acquisitions, location changes, or personnel transitions. Red flags to watch for: incomplete Technology Control Plans, inadequate access controls, missing training records, licence gaps, and delayed responses to audit requests.
A scenario planning worksheet structures exploration of potential supply chain disruptions—trigger events, cascading impacts, response options, and resource requirements. Essential elements include scenario description, probability assessment, impact analysis, early warning indicators, and response playbook.
Focus on five core scenarios:
Vendor bankruptcy or acquisition: Primary vendor acquired or declares bankruptcy. Response: activate backup vendor, negotiate data export, migrate services.
Geopolitical trade restrictions: New export controls on vendor’s country. Response: evaluate compliance requirements, identify alternatives, begin transition.
Natural disaster or facility disruption: Vendor data centre or manufacturing facility damaged. Response: failover to backup region, alternative sourcing, customer communication.
Cybersecurity breach at vendor: Vendor experiences data breach or ransomware attack. Response: assess data exposure, activate incident response, regulatory compliance.
Regulatory compliance failure: Vendor loses certification or violates regulations. Response: evaluate legal requirements, accelerate migration, document decisions.
For each scenario, quantify impact:
Your worksheet should drive actionable outcomes: specific response procedures, resource pre-allocation decisions, vendor diversification triggers, and insurance coverage evaluation. Run tabletop exercises annually to test scenarios and update response playbooks.
Cost-benefit analysis for diversification quantifies upfront investment costs, ongoing operational expenses, and expected risk reduction value to work out ROI of dual sourcing strategies. Break-even analysis typically shows payback within 18-36 months for dependencies with high disruption probability.
Calculate total costs including:
One-time onboarding costs
Recurring operational costs
Opportunity costs
Quantify benefits through:
Avoided revenue loss
Risk mitigation value
Operational improvements
Use risk-adjusted calculations: multiply potential disruption cost by probability reduction percentage to derive expected annual benefit value.
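Here’s a minimal sketch of that risk-adjusted calculation. Every dollar figure and probability below is a made-up placeholder purely to show the arithmetic.

```python
# Hedged sketch: risk-adjusted cost-benefit for dual sourcing. All figures are hypothetical.

onboarding_cost = 250_000          # one-time: qualification, integration, legal
annual_operating_cost = 60_000     # recurring: duplicate tooling, minimum volumes, management overhead

disruption_cost = 2_000_000        # estimated revenue loss + recovery cost of a major disruption
baseline_probability = 0.15        # annual probability of that disruption with a single source
residual_probability = 0.05        # annual probability after adding a secondary vendor

# Expected annual benefit = disruption cost x reduction in probability
expected_annual_benefit = disruption_cost * (baseline_probability - residual_probability)
net_annual_benefit = expected_annual_benefit - annual_operating_cost

payback_months = onboarding_cost / (net_annual_benefit / 12)

print(f"Expected annual benefit: ${expected_annual_benefit:,.0f}")
print(f"Net annual benefit:      ${net_annual_benefit:,.0f}")
print(f"Payback period:          {payback_months:.1f} months")
```

With these placeholder figures the payback lands around 21 months, inside the 18-36 month range noted above.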
Dual supply chain implementation adds secondary vendors for business-critical components through phased transition: qualification (vendor selection), pilot (limited production), ramp (volume increase), and steady-state (balanced allocation). Steady-state allocation typically maintains 60/40 or 70/30 split rather than 50/50 to optimise pricing leverage while ensuring secondary vendor viability. This approach builds resilience into the broader framework for navigating tech sovereignty challenges.
Start with your technology stack risk assessment results. Identify which dependencies justify dual sourcing investment based on business impact scores above 15.
Qualification phase (2-3 months)
Apply your vendor evaluation checklist with geopolitical criteria. Conduct technical validation to verify the secondary vendor can deliver equivalent functionality, quality, and integration compatibility.
Negotiate contracts with volume flexibility clauses. You need the ability to shift volume percentages without penalties if your primary vendor has issues.
Pilot phase (2-3 months)
Place small orders representing 10-20% of typical volume. Monitor quality metrics closely. Compare defect rates, delivery times, and support responsiveness against your primary vendor. Run parallel operations to validate equivalence.
Ramp phase (2-4 months)
Gradually increase volume to secondary vendor in 10% increments with pause periods to validate each step. Communicate with your primary vendor that you’re building resilience, not abandoning the relationship.
Steady-state allocation (ongoing)
Most companies settle on 60/40 or 70/30 splits favouring the primary vendor. This maintains pricing leverage from volume while ensuring the secondary vendor remains viable and engaged.
The 50/50 split sounds fair but creates problems. Neither vendor gets enough volume for optimal pricing. Both treat you as a secondary customer. You lose leverage.
Common pitfalls to avoid:
Set up performance monitoring with KPIs for both vendors: quality metrics, delivery reliability, support responsiveness, pricing competitiveness, and innovation contribution. Review quarterly and adjust allocation if performance diverges.
L3Harris Technologies faced penalties from inadequate export control compliance and vendor oversight. The failures included insufficient vendor due diligence, missing Technology Control Plans, inadequate employee training, and delayed violation detection.
The key lesson: export control compliance cannot be delegated entirely to vendors. You must implement direct audit procedures and continuous monitoring.
Warning signs to monitor:
Preventive measures:
Annual compliance audits Use the export control audit template provided earlier. Schedule these annually for any vendor handling controlled technologies.
Quarterly vendor attestations Require vendors to attest quarterly that nothing has changed in their corporate structure, operating locations, or compliance status. Make this a contract requirement.
Automated monitoring Set up real-time alerts for changes in vendor financial status, ownership, or facility locations.
Procurement staff training Train your procurement team on export compliance basics so they know what questions to ask and what red flags to watch for.
Penalties scale with the regulatory regime: financial institutions, for example, can face fines up to 2% of total annual worldwide turnover. A collaborative approach works better than adversarial audits. Partner with vendors to improve their security maturity.
Typical timeline spans 6-12 months: vendor qualification (2-3 months), pilot testing (2-3 months), volume ramp (2-4 months), and steady-state optimisation (ongoing). Timeline varies based on component complexity and integration requirements.
Industry benchmarks suggest 2-5% of annual procurement spend. This covers vendor diversification, compliance programmes, monitoring tools, and contingency planning. Higher percentages (4-5%) are justified for companies with critical dependencies or high geopolitical exposure.
Risk assessment depends on your specific situation: what you’re purchasing, export control classification, business criticality, and alternative availability. Use the technology stack risk assessment framework to evaluate your exposure. Not all China sourcing is high-risk.
No, and you shouldn’t try. Use criticality assessment to identify which dependencies warrant diversification investment (typically 10-20% of vendor relationships). Focus resources on business-critical components with high disruption probability. Accept risk on low-impact, easily-replaceable items.
Annual reviews using provided frameworks, with quarterly updates on high-risk vendors. Trigger immediate reviews for vendor acquisitions, facility relocations, major geopolitical events, regulatory changes, or vendor financial distress.
Early indicators include vendor financial deterioration (late deliveries, quality issues), geopolitical escalation in vendor countries, ownership changes, facility disruptions, compliance violations, concentrated dependencies (over 70% from single source), and lack of alternative suppliers.
Yes, if you handle any controlled technologies under Export Administration Regulations (EAR). This includes encryption, semiconductors, AI and machine learning capabilities, and many commercial technologies. Compliance requirements apply regardless of industry. Start with ECCN classification to determine exposure.
Build a business case: quantify disruption risk (revenue at risk × probability), calculate mitigation costs, demonstrate ROI. Use scenario planning to illustrate concrete impacts. Reference compliance failure cases. Frame as revenue protection, not cost centre.
Single sourcing means choosing one supplier when alternatives exist. Sole sourcing means only one supplier is available due to patents or proprietary technology. Risk management approaches differ significantly.
Start with NIST Cybersecurity Supply Chain Risk Management (SP 800-161) because it’s technology-focused and freely available. ISO standards offer broader scope but require purchase and certification costs. Many companies use NIST as foundation, add ISO elements as they mature.
Popular options include third-party risk platforms (SecurityScorecard, BitSight), supply chain visibility tools (Resilinc, Interos), and integrated procurement systems with risk modules. Cloud-based SaaS solutions are more accessible than enterprise on-premise systems.
Start with 3-5 core metrics: vendor concentration ratio, mean time to qualify alternative, supply chain disruption frequency, compliance audit completion rate, and scenario plan currency. Automate data collection through procurement systems. Monthly 30-minute reviews are sufficient.
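As an illustration, the vendor concentration ratio falls straight out of procurement spend data. Here’s a small sketch with hypothetical spend figures.

```python
# Hedged sketch: vendor concentration ratio from annual spend. Figures are hypothetical.

spend_by_vendor = {
    "vendor-a": 1_200_000,
    "vendor-b": 450_000,
    "vendor-c": 250_000,
    "vendor-d": 100_000,
}

total = sum(spend_by_vendor.values())
shares = sorted((v / total for v in spend_by_vendor.values()), reverse=True)

top_vendor_share = shares[0]
top3_share = sum(shares[:3])

print(f"Top vendor concentration:   {top_vendor_share:.0%}")
print(f"Top-3 vendor concentration: {top3_share:.0%}")

# Flag concentrated dependencies (the 70% single-source threshold mentioned earlier)
if top_vendor_share > 0.70:
    print("WARNING: over 70% of spend with a single vendor")
```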
For a complete overview of all aspects of navigating tech sovereignty and US-China competition, see our comprehensive guide to tech sovereignty for technology leaders.
CHIPS Act Versus China’s Tech Sovereignty Plan: Understanding Government Strategies Reshaping Technology

Look, you probably thought you could just focus on building great products and hiring great engineers. Those days are over.
Two government strategies—the US CHIPS Act and China’s tech sovereignty push—are reshaping the global technology landscape. These policies are already affecting your vendors, your supply chain, and potentially your ability to ship products.
This article is part of our comprehensive Navigating Tech Sovereignty: A Comprehensive Guide to US-China Competition for Technology Leaders, where we explore how government policies are reshaping the technology landscape and what CTOs need to know.
When TSMC gets $6.6 billion to build fabs in Arizona but can’t expand capacity in China, your semiconductor supply chain is being redrawn by policy, not market forces. When your cloud provider can’t get the latest Nvidia GPUs because of export controls, that’s the new reality.
Understanding the policy environment allows you to make informed decisions about vendor relationships, supply chain risk, and technology architecture. These policies come with compliance requirements, enforcement mechanisms, and penalties that can sink your company if you get them wrong.
The CHIPS Act—Creating Helpful Incentives to Produce Semiconductors—represents a $52.7 billion bet that America needs to make its own advanced chips again. Why? Because 67% of leading-edge chip production happens in Taiwan and 31% in South Korea, and zero percent in the United States.
These policies implement the tech sovereignty principles we’re seeing across the global technology landscape.
That’s a single-point-of-failure problem. If something happens to Taiwan, the global economy stops.
Congress allocated $39 billion for manufacturing incentives, $11 billion for R&D, and $2.7 billion for other programmes to triple US semiconductor manufacturing capacity by 2032. TSMC is building Arizona fabs, Samsung and GlobalFoundries are expanding, and Intel’s getting funding for domestic expansion.
But the funding comes with requirements.
The guardrails.
Every company taking CHIPS Act money agrees to a 10-year restriction: they can’t materially expand advanced semiconductor capacity in China. That’s a legal requirement with clawback provisions.
Your semiconductor vendors are now making decisions based on policy compliance, not economics. Lead times change. Pricing changes. Available capacity changes.
Companies receiving funding must choose between US subsidies and China market expansion. They can’t have both.
China’s not playing the same game. While the US secures advanced chip manufacturing through subsidies and restrictions, China pursues comprehensive self-sufficiency through Made in China 2025. The target? 70% domestic semiconductor content.
China combines state subsidies—over $250 billion invested since 2019—with technology transfer requirements, procurement preferences, and “military-civil fusion.”
That last one matters. Military-civil fusion breaks down barriers between civilian and defence sectors. The PLA gets access to commercial technologies. It’s official policy. Compare that to the US, which maintains a clear wall between commercial and defence.
China’s “Big Fund” Phase 1 was 139 billion yuan. Phase 2 was 204 billion yuan. Phase 3, announced in 2024, is 340 billion yuan. Since 2019, China tripled domestic production capacity to nearly 3 million wafers per month—roughly 20% of global capacity.
The philosophical difference matters. China plans in decades with explicit targets. The US reacts to immediate vulnerabilities.
Here’s what it means for you: China is building a parallel technology ecosystem to become independent of Western technology. That’s structural decoupling.
And Huawei has emerged as the coordinator of China’s chip ambitions, working closely with SMIC, co-investing across the supply chain alongside state funds.
In October 2022, the Biden administration imposed sweeping controls on exports of semiconductors, computer systems, and fabrication equipment to China. The goal: prevent China from developing advanced capabilities in AI, supercomputing, and semiconductor manufacturing.
The Bureau of Industry and Security (BIS) maintains the Entity List—companies, research institutes, and individuals that require special export licences to buy US technology. If your vendor, customer, or partner is on that list, you need government permission to transfer controlled technologies.
The controls targeted advanced chips (sub-16nm logic), semiconductor manufacturing equipment, and supercomputing applications. Then restrictions tightened, adding chip designs and design automation software.
These controls extend beyond US-made products to foreign-made items incorporating US technology—the “Foreign Direct Product Rule.” That affects global supply chains. Understanding export control compliance requirements is now critical for risk management.
The multilateral coordination problem: only under duress did the Netherlands agree to limit ASML’s EUV lithography exports to China. Japan resists extending controls to chemical sales. And Chinese firms stockpiled advanced equipment before restrictions took effect.
The practical effect? Chinese firms can’t get ASML’s EUV lithography machines, the latest design software from Synopsys and Cadence, or high-end AI chips from Nvidia without special licences that are rarely approved.
But they’re finding workarounds. Multi-patterning with older equipment. Chiplet architectures. Indigenous development. And sometimes, shell companies and smuggling.
The guardrails are the teeth in the CHIPS Act. They’re 10-year restrictions prohibiting funding recipients from materially expanding semiconductor manufacturing capacity in China.
“Material expansion” means increasing production capacity by more than 5% for advanced semiconductors or 10% for legacy chips.
When a company accepts CHIPS Act funding, it’s making a strategic choice: US subsidies or China market expansion. Not both.
TSMC’s getting billions for Arizona fabs. But they also have customers and potential growth in China. The guardrails force them to choose.
The enforcement mechanism is clawback provisions. Violate the restrictions, and the government can demand its funding back. Plus civil penalties. Plus potential criminal charges.
Your semiconductor suppliers are now constrained in where they can invest and expand. That affects their capacity planning, which affects your access to chips.
We’ve done this before. From 1949 to 1994, CoCom—the Coordinating Committee for Multilateral Export Controls—restricted technology transfers to the Soviet bloc.
Was it effective? Sort of. Estimates suggest controls contributed to a US lead of about two to five years. After all that effort, multilateral coordination, and economic cost, the result was a temporary advantage.
Weak enforcement enabled the Soviets to catch up faster than expected. The controls slowed them down, but didn’t stop them. The Soviet Union evaded restrictions through smuggling, espionage, and third-country transshipment.
Here’s the key insight: the USSR fell behind not because it couldn’t obtain key technologies, but because its dysfunctional economic system couldn’t absorb or commercialise them.
China is different. China has a functional market economy that can absorb and commercialise technology effectively.
The CoCom lesson: export controls work best on chokepoint technologies where monopolies exist. Like ASML’s EUV lithography today. But effectiveness erodes over time.
Expect current semiconductor controls to follow a similar trajectory. Maximum effectiveness now, declining effectiveness over 5-10 years.
The short-term impact is clear: China cannot currently produce sub-7nm chips at scale without EUV lithography access. That creates a 3-5 year technology gap.
SMIC—China’s leading foundry—achieved 7nm production using older DUV multi-patterning techniques. Real engineering accomplishment. But it comes with lower yields and higher costs. Works for small volumes, not mass production.
The controls have forced China to invest heavily in indigenous equipment development and alternative approaches. Chiplet architectures. Specialised AI chips. Mature node production where they’re increasingly self-sufficient.
But effectiveness is declining. Huawei launched new products featuring advanced semiconductors by 2024. The Pura 70 smartphone features 33 China-sourced components and only 5 from outside China.
Huawei reportedly used shell companies to trick TSMC into manufacturing chiplets for their Ascend 910 AI processors. Workarounds exist.
The consensus: controls are buying 5-10 years but unlikely to permanently prevent China from achieving technological parity.
Entity List checking: Before transferring technology to any vendor, partner, or customer, verify they’re not on the BIS Entity List. It’s a legal requirement.
Use the BIS Consolidated Screening List at trade.gov. Verify ownership structures because subsidiaries may be listed separately. Check regularly.
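As a rough sketch of what routine screening might look like, assuming you’ve downloaded the Consolidated Screening List as a CSV export: the file path and column header below are assumptions, so verify them against the actual export format before relying on this.

```python
# Hedged sketch: screen a supplier name against a locally downloaded copy of the
# Consolidated Screening List. The file name and column header are assumptions;
# verify them against the actual CSV export from trade.gov.

import csv

def screen_party(name: str, csl_path: str = "consolidated_screening_list.csv") -> list[dict]:
    """Return rows whose listed name contains the queried name (case-insensitive)."""
    needle = name.strip().lower()
    hits = []
    with open(csl_path, newline="", encoding="utf-8") as f:
        for row in csv.DictReader(f):
            listed_name = (row.get("name") or "").lower()  # assumed column header
            if needle and needle in listed_name:
                hits.append(row)
    return hits

matches = screen_party("Example Semiconductor Co")  # hypothetical party name
if matches:
    print(f"Potential matches found: {len(matches)} — escalate for manual review")
else:
    print("No match — document the screening date and result")
```

Note the naive substring match: real screening programmes add fuzzy matching, alias handling, and ownership checks, and always route potential hits to a human reviewer.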
Due diligence obligations: Investigate ownership structures, end-use applications, and connections to Chinese military or surveillance programmes.
Ask vendors: Who owns your company? Where is your equipment manufactured? Do you have relationships with entities on the BIS Entity List? Document the answers.
Export licence applications: If you need to transfer controlled technologies to a designated entity, apply for an export licence. Review periods are 60+ days minimum.
Internal compliance auditing: You need a programme, not ad hoc checking. Regular reviews, vendor audits, training, documentation, and escalation procedures.
Penalties for violations: Administrative penalties include denial of export privileges. Civil penalties include fines up to $300,000 per violation. Criminal penalties include fines up to $1 million and imprisonment up to 20 years. Company-wide consequences include reputational damage and loss of US market access.
Best practices: Designate a compliance officer. Integrate Entity List checking into procurement workflows. Train engineering teams. Document everything.
The goal is making compliance routine.
You’re making vendor decisions with imperfect information in an environment of strategic competition. Here’s a framework.
Evaluate vendor location, ownership, and dependencies: Where is your vendor headquartered? Where do they manufacture? Who owns them? Are they on the Entity List?
Taiwan deserves special attention. TSMC produces roughly 90% of advanced semiconductors. That’s single-point-of-failure risk. Military conflict, natural disaster, political disruption—any could halt production affecting most advanced chip users globally. Regional investment patterns shaped by policy are creating new alternatives and dependencies.
Assess technology criticality: Is this vendor providing core infrastructure or peripheral functionality? If they disappeared tomorrow, could you switch vendors quickly? What are the switching costs?
Consider regulatory exposure: Check your vendor’s Entity List status. Are they receiving CHIPS Act funding with guardrails? Do they have business relationships with sanctioned entities?
Map supply chain concentration: What’s your dependency on Taiwan? On China manufacturing? On single-source components? Multiple dependencies create correlated risk.
Plan diversification strategies: Identify alternative vendors now. Assess qualification timelines. Calculate migration costs. Dual sourcing costs more but provides resilience.
Questions to ask vendors:
Red flags: Vendor unwilling to disclose ownership. Complex ownership structures obscuring Chinese connections. Recent Entity List additions among subsidiaries. Heavy dependence on single-source Chinese components.
Don’t ignore red flags because a vendor has good pricing. The cost of getting caught in a policy enforcement action far exceeds any savings.
The goal isn’t eliminating geopolitical risk—that’s impossible. The goal is understanding it, quantifying it, and making conscious decisions about which risks you accept and which you mitigate.
Advanced semiconductors below 16nm logic, 18nm DRAM, 128+ layer NAND; semiconductor manufacturing equipment including EUV lithography; chip design software (EDA tools); AI chips above certain performance thresholds; supercomputing equipment; and quantum computing technologies.
Made in China 2025 continues as active policy despite reduced public rhetoric. The goals remain embedded in Five-Year Plans and procurement preferences. The Big Fund is on Phase 3 with 340 billion yuan.
Use the BIS Consolidated Screening List at trade.gov/consolidated-screening-list. Search by company name or address. Subscription services like Dow Jones and LexisNexis provide automated checking. Check regularly as the list updates frequently.
Guardrails apply only to companies receiving CHIPS Act funding and restrict China capacity expansions for 10 years. Outbound investment restrictions apply broadly to US entities investing in Chinese semiconductor, AI, and quantum companies.
Not currently at scale for cutting-edge nodes. China lacks indigenous EUV lithography, advanced chip design software, and various manufacturing equipment. SMIC achieved 7nm using workarounds but with lower yields and costs. Consensus is 5-10 year gap for leading-edge capability.
Likely decades, not years. It’s rooted in structural competition between a rising and established power, divergent governance systems, and national security concerns. Plan for a long-term policy environment.
Administrative penalties include denial of export privileges. Civil penalties include fines up to $300,000 per violation. Criminal penalties include fines up to $1 million and imprisonment up to 20 years. Company-wide consequences include reputational damage and loss of US market access.
Not necessarily. It depends on: specific vendor’s Entity List status, technologies involved, your sector, compliance obligations, risk tolerance, and business criticality. Focus on due diligence and risk assessment rather than automatic exclusion.
Taiwan produces approximately 90% of advanced semiconductors via TSMC. Production disruptions from military conflict, natural disaster, or political events would severely impact global supply chains. The CHIPS Act aims to diversify with US fabs, but Arizona capacity represents a small fraction of Taiwan output.
Military-specific technologies are designed solely for defence applications. Dual-use technologies have legitimate civilian applications but also potential military uses—semiconductors, AI, encryption. Military-civil fusion explicitly exploits this overlap.
Mixed effectiveness. Netherlands restricted ASML EUV exports, Japan limited advanced equipment. But South Korea is reluctant to jeopardise China market access for Samsung and SK Hynix. More coordinated than CoCom but gaps remain.
China dominates rare earth production (60%+ global supply) and processing (85%+)—materials for semiconductors, batteries, and defence systems. China has threatened export restrictions as countermeasure to US controls. Both sides have asymmetric leverage: US in semiconductors, China in materials.
Government policies—the CHIPS Act, Made in China 2025, and export controls—are reshaping the technology landscape in ways that affect your vendor relationships, supply chain planning, and technology architecture decisions. These aren’t abstract geopolitical issues; they’re concrete business constraints with compliance requirements and enforcement mechanisms.
The policy environment implements broader tech sovereignty principles that will define the technology landscape for the next decade. Understanding how CHIPS Act funding and guardrails affect semiconductor manufacturers, how export controls restrict AI infrastructure choices, and how to assess and mitigate these risks is now essential for technology leadership.
For a complete overview of how government strategies fit into the broader US-China tech competition and its implications for CTOs, see our comprehensive guide to navigating tech sovereignty.
Building AI Infrastructure Amid Export Controls: Nvidia, Alternative Chips and Strategic Choices

Export controls have completely changed the AI infrastructure game. It used to be simple – buy the fastest GPU your budget allows and you’re done. Now? You’re dealing with chip availability limits, geopolitical drama, and regulations that shift with minimal warning.
This article is part of our comprehensive guide to navigating tech sovereignty and US-China competition, where we explore how these geopolitical forces reshape technology strategy for CTOs.
The H100 is still the benchmark. But export restrictions forced Nvidia to create the H20 – a deliberately hobbled version built to squeeze under compliance thresholds. AMD’s MI300 and other alternatives are on the table too, though they come with their own complications you need to wrap your head around.
This guide walks you through comparing H100 and H20 performance, evaluating vendor alternatives, picking cloud providers, modelling costs when export rules change, and building infrastructure that doesn’t fall apart when regulations inevitably shift.
US export controls block advanced AI chips – the full-spec H100s included – from going to Chinese entities and companies on restricted lists. As explored in our overview of AI as national security technology, these restrictions reflect broader tech sovereignty priorities. When the Biden administration banned A100 and H100 exports to China in August 2022, Nvidia responded by creating export-compliant variants like the A800 and H800. When fresh restrictions in 2023 banned those, Nvidia created the H20.
You might think this doesn’t touch you if you’re not in China and not on a restricted list. But you’d be wrong. Chinese firms placed over USD 5 billion in orders for Nvidia chips during 2023-24, which pulled chips out of other markets.
Export controls shift fast – sometimes with barely any notice. Even if you’re not restricted now, you need plans for multiple regulatory scenarios. Lead times have stretched out. The good news? Cloud providers handle most of this mess for you.
The H100 is Nvidia’s flagship Hopper architecture GPU, optimised for AI training and inference. The H20 is the export-compliant version with deliberately reduced performance. These chips are manufactured using the TSMC foundry processes that create the most advanced semiconductors available.
Here’s what matters: compute throughput. The H100 pairs 80GB of HBM3 memory (roughly 3TB/s of bandwidth) with full-rate tensor cores. The H20 keeps comparable high-bandwidth memory but cuts tensor compute to a fraction of the H100’s – that’s how it squeezes under the export performance thresholds.
For AI training workloads, expect performance gaps of 30-50% or more depending on your model size and batch parameters. For inference workloads, the H20 holds up comparatively well, because memory bandwidth rather than raw compute is usually the bottleneck. Nvidia sold more than 1 million H20 chips in 2024, so there’s clearly real demand despite the limitations.
If you’re running production inference where latency matters, the H100’s premium is worth it. For development, testing, and fine-tuning where you’ve got deadline flexibility, the H20 gives you adequate performance at lower cost.
The AMD MI300X packs 192GB HBM3 memory – 2.4 times what the H100 offers. This makes it strong for large language model inference with massive context windows.
Raw compute hits about 85-90% of H100 on optimised workloads. For specific jobs like serving large dense models, MI300X beats H100 in both performance and performance per dollar.
The catch? CUDA ecosystem lock-in. Most AI frameworks expect Nvidia GPUs. Switching to AMD means porting to ROCm – AMD’s CUDA alternative.
ROCm has improved substantially, but it still lags in framework support, documentation quality, and community resources. Models score worse on ROCm compared to CUDA because of numeric precision differences in kernel implementations.
MI300X typically runs at 70-80% of H100 costs in cloud environments. But budget 2-4 weeks engineering effort per ML framework for the ROCm port.
AMD’s strategic value is vendor diversification and negotiating leverage. If you’ve got in-house ML engineering talent and workloads needing massive memory capacity, MI300X makes sense. If you’re a small team without ML engineering resources, stick with Nvidia.
It comes down to capital versus operating expenses. Cloud rental avoids upfront hardware costs – which matters a lot when you don’t have USD 200,000+ lying around for GPU purchases. But you pay more long-term if your utilisation stays consistently high.
Cloud gives you faster deployment, built-in redundancy, the ability to test multiple chip types before committing, and automatic hardware refreshes. Cloud providers also absorb export control risk. When regulations shift or chip shortages hit, you just switch to whatever chips are available.
On-premise advantages? Data sovereignty, no egress costs for large datasets, and potentially better cost-performance at scale. If you’re constantly moving massive datasets in and out of cloud environments, egress fees can actually exceed your compute costs.
Break-even happens around 18-24 months of sustained high utilisation. For small and medium businesses, prioritise cloud unless you’ve got specific constraints forcing on-premise.
Multi-vendor chip strategy is your first defence. Qualify your workloads on at least two chip architectures – Nvidia plus AMD or Intel – so you’re not locked to a single vendor. For comprehensive risk assessment frameworks for AI infrastructure, including vendor evaluation checklists and compliance templates, explore our detailed guide on supply chain resilience strategies.
Multi-cloud deployment spreads risk across AWS, Azure, and GCP. Each provider maintains different chip inventories and faces different procurement constraints.
Scenario planning lets you model infrastructure costs and performance under different export control futures. What happens if H100 exports get hit with new restrictions? What if vendor-specific bans target Nvidia? Model each scenario’s impact.
Use framework-agnostic ML code that avoids CUDA-specific optimisations. You’ll sacrifice some performance optimisation, but you gain the ability to migrate chips faster when the regulatory landscape shifts.
For on-premise deployments, maintain longer lead times and build relationships with multiple suppliers. Track regulatory filings, chip roadmaps, and geopolitical developments every month.
Total cost of ownership goes way beyond the rental or purchase price. You need to account for power consumption, cooling infrastructure, network costs, and maintenance.
H100 cloud rental runs approximately USD 2-3 per GPU hour – roughly USD 1,500-2,200 per month for a single GPU running continuously, or upwards of USD 17,500 monthly for a typical 8-GPU server. H20 rental costs 40-60% less at USD 1.2-1.8 per hour but delivers 30-50% lower performance.
On-premise H100 purchase runs USD 25,000-40,000 per GPU. At USD 0.10/kWh, you’re adding USD 3,000-5,000 per GPU in power costs over three years. Cooling typically adds another 40% on top of power costs.
Hidden costs matter too. Engineering time for multi-vendor integration adds costs. Data egress fees for cloud deployments add up when you’re moving large datasets.
Export control scenario modelling changes your TCO calculations. If regulatory shifts force chip migration, cloud deployments adapt in days versus months for on-premise hardware replacement.
AWS leads in chip diversity with Nvidia H100, A100, and custom Trainium and Inferentia chips. They’ve got the broadest geographic availability across regions.
Azure excels in H100 availability and Nvidia partnership depth. They provide priority access and competitive pricing for committed use contracts.
GCP provides strong H100 access plus custom TPU options. They’re particularly good for TensorFlow and JAX workloads.
Pricing varies by region and commitment level. AWS H100 instances run USD 2.5-3.0 per hour on-demand. Azure prices at USD 2.3-2.8 per hour. GCP falls around USD 2.4-2.9 per hour.
One-year commitments typically save you 25-35%. Three-year commitments save 40-50%. But you’re locked into specific chip types for that entire period.
AWS offers the most flexible billing and smallest minimum commitments – important for businesses with uncertain growth trajectories.
Start with AWS for flexibility and broad chip access. Add Azure or GCP as your workloads scale to negotiate better pricing and improve resilience.
Wait if your deployment timeline stretches past 6 months, you’ve got flexible deadlines, or current chips massively exceed your performance needs. Blackwell architecture promises 2-3x performance improvements, but the GB200 NVL72 faced delays because of integration challenges.
New-generation chips face the usual risks: availability constraints, early reliability issues, premium pricing. For most businesses with immediate AI infrastructure needs, current-generation chips offer proven reliability and better availability.
Yes, but it requires abstraction layer planning. Multi-vendor deployments need framework-agnostic code that avoids CUDA-specific optimisations.
Best approach: start single-vendor for initial deployment. Add a secondary vendor for specific workload types – like AMD MI300X for high-memory inference tasks – rather than attempting full multi-vendor parity. Budget 2-4 weeks engineering time per ML framework you’re porting to non-Nvidia chips.
Calculate total 3-year costs for both scenarios. Cloud: monthly rental × 36 months + data egress + storage. On-premise: hardware purchase + installation + power + cooling + maintenance + networking. Break-even typically hits at 60-70% sustained utilisation.
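Here’s a minimal sketch of that comparison in Python. Every figure is an assumption drawn loosely from the ranges discussed in this guide; swap in your own quotes.

```python
# Hedged sketch: 3-year cloud vs on-premise TCO for a single H100-class GPU.
# All figures are rough assumptions, not vendor quotes.

YEARS = 3
HOURS_PER_MONTH = 730

def cloud_tco(rate_per_gpu_hour=2.5, utilisation=0.65, monthly_egress=150, monthly_storage=70):
    """Cloud: rental x hours actually used, plus egress and storage, over 3 years."""
    compute = rate_per_gpu_hour * HOURS_PER_MONTH * utilisation * 12 * YEARS
    return compute + (monthly_egress + monthly_storage) * 12 * YEARS

def onprem_tco(hardware=32_000, installation=3_000, power_and_cooling=6_000,
               maintenance_per_year=2_500, networking=2_000):
    """On-premise: purchase plus installation, power, cooling, networking, and maintenance."""
    return hardware + installation + power_and_cooling + networking + maintenance_per_year * YEARS

for util in (0.3, 0.5, 0.7, 0.9):
    c, o = cloud_tco(utilisation=util), onprem_tco()
    cheaper = "cloud" if c < o else "on-premise"
    print(f"utilisation {util:.0%}: cloud ${c:,.0f} vs on-prem ${o:,.0f} -> {cheaper}")
```

With these placeholder numbers the crossover sits between 50% and 70% sustained utilisation, consistent with the break-even range above.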
Export controls typically include grace periods of 90-180 days letting existing orders complete, but new purchases face immediate restrictions. Cloud deployments adapt fastest – providers absorb regulatory compliance and you just shift to available chip types.
On-premise deployments face hardware stranding risk. Your purchased H100s remain usable but can’t be supplemented with new units if controls tighten. For detailed guidance on integrating AI infrastructure decisions into your overall CTO decision framework, including board communication templates and scenario planning worksheets, review our comprehensive framework for technology leadership in a bifurcated world.
MI300X delivers 85-90% of H100 performance with 2.4x memory capacity, making it technically viable for most AI workloads. CUDA lock-in is real but you can work around it. Modern frameworks like PyTorch 2.0+, TensorFlow, and JAX increasingly support ROCm through abstraction layers.
Expect 2-4 weeks engineering effort per framework to validate and optimise for ROCm. Best use cases: large language model inference requiring extensive memory, organisations with in-house ML engineering capability, multi-vendor resilience strategies.
H100 makes sense for large-scale model training with parameter counts over 10 billion, memory-intensive workloads exceeding 80GB, production deployments requiring minimum latency, and performance-critical research. H20 works for model fine-tuning on pre-trained weights, inference workloads with moderate throughput requirements, development and testing environments, and budget-constrained projects that can tolerate 30-50% slower training.
Essential RFP components include workload specifications covering training versus inference, model sizes, batch requirements, and latency targets. Add capacity requirements showing number of GPUs and growth projections. Specify budget constraints around capital limits and operating expense preferences.
Include support expectations for SLAs and technical support levels. Address compliance needs for data residency and export control alignment. Request migration assistance covering onboarding, training, and integration support.
Cloud rental avoids capital barriers, letting you access H100s without USD 200,000+ hardware investments. Focus on inference over training – fine-tune pre-trained models like Llama and Mistral rather than training from scratch, which reduces compute needs by 100x.
Leverage spot instances and preemptible VMs for non-critical workloads, achieving 50-70% cost savings. Optimise for cost-performance rather than absolute performance – H20 or AMD MI300 may deliver 90% of business value at 60% of H100 costs.
Export control vulnerability means regulatory changes could restrict access overnight. Supply chain concentration creates a single point of failure for procurement. Pricing power from limited alternatives reduces your negotiating leverage. CUDA lock-in means migration costs increase over time as CUDA-specific code accumulates.
Mitigation approaches include qualifying workloads on AMD MI300 or Intel Gaudi 3 as secondary options, writing framework-agnostic code that avoids CUDA-specific optimisations, and maintaining multi-cloud deployments spanning providers with different chip inventories.
Use MLPerf benchmarks as your baseline comparison, but supplement with your actual workloads. Test representative models – if you’re deploying LLMs, benchmark Llama or Mistral inference at your target token counts.
Measure what matters to your business: throughput in tokens per second or images per second, latency as response time, and cost-performance ratio as throughput per dollar. Don’t fixate on raw TFLOPS.
Run trials on cloud providers – AWS, Azure, and GCP typically offer free credits or trial periods letting you do side-by-side testing of H100, H20, and MI300 without hardware commitment.
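To turn trial results into the cost-performance comparison described above, a small sketch like this works. The throughput figures and hourly rates are placeholders from a hypothetical benchmark run, not measured results.

```python
# Hedged sketch: compare chips on throughput per dollar from your own benchmark runs.
# Throughput and price figures below are hypothetical placeholders.

trial_results = {
    # chip: (measured tokens/second on your workload, cloud price per GPU-hour in USD)
    "H100":   (2400, 2.8),
    "H20":    (1500, 1.4),
    "MI300X": (2100, 2.1),
}

print(f"{'chip':8s} {'tok/s':>7s} {'$/hr':>6s} {'tokens per $':>14s}")
for chip, (tokens_per_second, price_per_hour) in trial_results.items():
    tokens_per_dollar = tokens_per_second * 3600 / price_per_hour
    print(f"{chip:8s} {tokens_per_second:7d} {price_per_hour:6.2f} {tokens_per_dollar:14,.0f}")
```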
Core capabilities include ML framework expertise covering PyTorch and TensorFlow across multiple backends like CUDA, ROCm, and oneAPI. Add infrastructure as code skills using Terraform and Kubernetes for multi-cloud orchestration.
For single-vendor Nvidia deployments, 1-2 ML engineers suffice for most small and medium business needs. For multi-vendor setups, add 0.5-1.0 full-time equivalent for infrastructure management. Alternative approach: Use managed ML services like AWS SageMaker or Azure ML to outsource infrastructure complexity.
Single-cloud provides simpler management, deeper platform integration, better volume discounts, unified billing and support, and faster deployment for small teams. It’s appropriate for companies with fewer than five ML engineers, early-stage startups optimising for velocity, and workloads with minimal data movement between services.
Multi-cloud offers chip availability resilience – if AWS exhausts H100 inventory you shift to Azure – plus pricing competition using competitive quotes to negotiate better rates. It’s appropriate for companies scaling past 50 employees, production workloads requiring high availability, and export control-sensitive deployments.
Recommended progression: Start single-cloud, typically AWS for flexibility or Azure for Microsoft ecosystem integration. Add a secondary cloud as you exceed USD 50,000 monthly compute spend or face chip availability constraints.
For a complete overview of how AI infrastructure decisions fit into broader technology strategy amid US-China competition, see our comprehensive guide to navigating tech sovereignty.
The Global Semiconductor Supply Chain: Dependencies, Vulnerabilities and Strategic Alternatives

More than 60% of the world’s semiconductors come from Taiwan. Over 90% of advanced chips. Primarily from TSMC. That’s a lot of eggs in one basket on a small island in a geopolitically tense region.
Boards are asking questions. “What’s our exposure?” “Why can’t we just switch suppliers?” The simple answer—it’s not that simple.
This article is part of our comprehensive guide to understanding tech sovereignty and its impact on modern technology strategy, where we explore how geopolitical forces are reshaping technology leadership. Here we examine the semiconductor supply chain dependencies, explain why you can’t just pivot to a different foundry, walk through Taiwan risk scenarios, and provide a detailed comparison of TSMC versus Samsung versus Intel.
The global semiconductor supply chain is a multi-stage network spanning chip design, manufacturing at foundries, packaging, testing, and distribution. Fabless companies like Nvidia and Apple design chips. Foundries like TSMC manufacture them. Separate facilities handle packaging and testing. Each stage has concentrated dependencies with limited alternatives at advanced technology nodes.
The supply chain has distinct stages: design, manufacturing at foundries (2nm to 28nm nodes), packaging, testing, distribution.
Business model separation creates dependencies. Fabless designers don’t own fabs. Pure-play foundries don’t design chips. IDMs like Intel and Samsung do both.
Geography matters. Taiwan dominates manufacturing and packaging. Korea has Samsung. Netherlands has ASML for lithography. US leads design.
Design takes 12-36 months and manufacturing another 3-4 months, with layout designers and process engineers collaborating iteratively throughout. Switching foundries? Add 12-24+ months.
TSMC holds 64% of the global foundry market share and manufactures over 90% of the world’s most advanced chips at 3nm and 5nm nodes. It’s the only foundry with proven high-volume production of cutting-edge semiconductors at scale with superior manufacturing yields. Apple, Nvidia, AMD, Qualcomm, and hundreds of other companies depend exclusively on TSMC for their advanced chips. There’s no viable short-term alternative for leading-edge chip manufacturing.
Manufacturing yields separate TSMC from competitors. TSMC achieves 70-80% yields at advanced nodes where Samsung struggles at 50-60%. Those yield differences translate directly to cost and supply reliability.
Nvidia holds 90% of the AI chip market, manufacturing exclusively with TSMC. In 2024, Jensen Huang announced orders exceeding $500 billion through 2026—all TSMC-dependent. Major cloud providers—Microsoft, Meta, Amazon, OpenAI—rely on Nvidia GPUs from TSMC for AI workloads. The implications for AI infrastructure amid export controls extend far beyond simple supply chain logistics.
TSMC operates 13+ fabs in Taiwan at Hsinchu and Tainan. The Arizona expansion is limited and delayed. Leading-edge nodes require Taiwan facilities. The competitive moat: 20+ years of process development, co-optimisation expertise, and $30-40 billion annual capital investment.
Taiwan risk refers to the geopolitical and natural disaster vulnerability created by high concentration of semiconductor manufacturing in Taiwan. Potential disruption scenarios include military conflict—China blockade or invasion—major earthquake (Taiwan sits on the Pacific Ring of Fire), political instability, or infrastructure failure. Impact would be a global chip shortage affecting everything from smartphones to data centres to automotive production. Replacing Taiwan’s semiconductor capacity would require 5-10 years minimum.
67% of leading-edge chip capacity (5nm and below) is in Taiwan, 31% in South Korea. 73% of all logic chip capacity is in East Asia. US has zero leading-edge capacity.
Disruption scenarios by probability: tight capacity during geopolitical tension is most likely with medium impact. Major earthquake—Taiwan sits on Pacific seismic zone. Blockade affecting shipping—Chinese drills indicate embargo capabilities. Limited strikes. Full invasion has lowest probability, but catastrophic impact.
Impact timeline: inventory depletion 1-3 months, supply exhaustion 3-6 months, long-term crisis measured in years. Disruption would affect 50%+ of advanced chips. Understanding these risks requires comprehensive risk assessment and mitigation strategies for your technology stack.
Chip designs are deeply optimised for specific foundry manufacturing processes and can’t simply transfer between foundries. Switching requires expensive redesign costing 5-20 million pounds, 6-18 month yield ramp at the new foundry, potential 10-30% performance degradation, and qualification testing. Process-design co-optimisation, tool ecosystem differences, and intellectual property dependencies create technical and economic lock-in.
Designs are tuned to specific foundry transistor characteristics, metal layers, and design rules. You can’t just take a TSMC-optimised design and manufacture it at Samsung.
Porting costs include re-engineering for a different process design kit, re-verification, re-layout, EDA reconfiguration. The yield learning curve is brutal—a new foundry starts at 30-50% yields and takes 6-18 months to reach 70-80%.
Samsung’s 3nm versus TSMC’s 3nm have different power/performance characteristics. Your chip might not meet specs at an alternative foundry. Dual-sourcing doubles validation work.
12-24 months minimum from decision to volume production.
TSMC leads in process technology with 3nm in production and 2nm coming in 2025, manufacturing yields of 70-80% versus competitors’ 50-60%, and customer trust from consistent execution. Samsung offers a geographic alternative in Korea with competitive 3nm technology but yield and reliability concerns limit adoption. Intel foundry (IFS) promises US-based manufacturing at 18A (2nm-equivalent) but has an unproven track record and delayed timelines creating uncertainty.
Technology: TSMC has 3nm and 5nm in volume production. Samsung has 3nm and 4nm. Intel’s 7 and 4 nodes are delayed. Manufacturing yield determines cost and supply reliability—TSMC’s 70-80% versus Samsung’s 50-60%.
Geography: TSMC Arizona won’t reach volume until 2026-2027. Samsung Korea faces similar geopolitical proximity to Taiwan. Intel offers a US-based advantage for government and defence.
Customer loyalty: TSMC has Apple, Nvidia, and AMD locked in. Samsung is pursuing AI and automotive with pricing incentives. Intel is targeting government and domestic manufacturing preference.
Pricing: TSMC commands a premium but delivers reliable supply. Samsung discounts to win business. Intel pricing is unknown but likely premium for US manufacturing. Track record matters—TSMC is consistent, Samsung has delays, Intel has missed commitments.
EUV (Extreme Ultraviolet) lithography is manufacturing technology required for producing chips at 7nm and smaller process nodes. ASML in the Netherlands is the sole supplier of EUV lithography equipment with no alternatives. Each EUV machine costs 150-200 million pounds and takes years to manufacture. ASML’s monopoly limits which foundries can compete at advanced nodes and provides geopolitical leverage through export controls.
EUV uses 13.5nm wavelength light for patterning transistors. It’s required for 7nm and below. ASML’s monopoly is complete—the only company that commercialised EUV. Production is limited to 40-50 systems per year with multi-year lead times.
TSMC has 50+ systems. Samsung is second. Intel is ramping. Chinese foundries are blocked by export controls.
The Biden administration’s expanded export rules, combined with Dutch licensing requirements, block China’s access to advanced lithography. High NA EUV extends ASML’s monopoly into the 2nm generation and beyond.
ASML disruption would stop advanced chip production globally. Netherlands risk in addition to Taiwan risk.
Primary resilience strategies include foundry vendor diversification with TSMC plus Samsung dual-sourcing, chiplet architectures enabling multi-foundry designs, mature node strategies using 7nm and above with broader foundry options, inventory buffering with 3-6 months safety stock, and long-term reshoring to US and allied facilities. Each approach involves cost premiums of 10-50% and multi-year timelines. No single strategy eliminates Taiwan risk. You need a combination approach based on risk tolerance and product requirements.
Vendor diversification means dual-sourcing TSMC plus Samsung. Switching requires significant design porting costs and lengthy qualification timelines, plus a 10-30% cost premium. It’s only economically viable for high-volume products.
Chiplet architecture disaggregates monolithic chips into smaller blocks manufactured separately. Mix TSMC 3nm compute chiplets with Samsung 7nm I/O chiplets. Requires UCIe standard adoption.
Mature node strategy means redesigning products to use 7nm, 14nm, or 28nm processes with more foundry options—GlobalFoundries, UMC, Intel, Samsung. Trade performance for supply security.
Inventory buffering increases safety stock from 1-2 months to 3-6 months. Requires capital investment, creates obsolescence risk, but provides a time buffer. Quick to implement.
Reshoring leverages the CHIPS Act for US manufacturing—TSMC Arizona, Intel expansion. 5-10 year timeline. 30-50% cost premium. The new geography of technology explores how regional ecosystems are being reshaped by these supply chain reorganisation efforts.
Compare mitigation investment against probability-weighted disruption costs. What would a 6-month chip shortage cost your business?
Chiplet architecture disaggregates traditional monolithic chips into multiple smaller functional blocks—chiplets—manufactured separately and connected using advanced packaging. It enables mixing different process nodes and foundries in a single product. High-performance compute chiplets can use TSMC 3nm whilst I/O, memory, and other chiplets use Samsung 7nm or mature nodes, diversifying supply chain risk. Requires UCIe interconnect standard and advanced packaging capabilities, which are also Taiwan-concentrated currently.
Different chiplets from different foundries. Mix advanced nodes from TSMC with mature nodes from Samsung or Intel. Reduces dependency on any single foundry.
Technical enablers include UCIe (Universal Chiplet Interconnect Express) for interoperability and advanced packaging like 2.5D CoWoS. Chiplet interconnect has higher latency versus monolithic chips.
Packaging costs increase, but smaller chiplets have better yields. AMD’s Ryzen and EPYC use separate compute and I/O chiplets. Huawei packaged two chiplets together to build Ascend 910C after being blocked from advanced single-die manufacturing.
The caveat: advanced packaging is dominated by Taiwan. TSMC’s CoWoS, ASE, Amkor—all Taiwan. Chiplet architecture shifts dependency from foundry to packaging.
Map dependencies from products and infrastructure through hardware vendors to chip designers to foundries to identify Taiwan and TSMC exposure. Key assessment areas include cloud provider chip dependencies like Nvidia GPUs manufactured by TSMC, direct hardware products using TSMC-manufactured chips, and supply chain visibility through vendor questionnaires. Exposure severity depends on revenue impact of 3-6-12 month chip supply disruption and availability of alternative products or vendors.
Trace from your products through servers and devices through CPUs, GPUs, ASICs through chip designer—Nvidia, AMD, Qualcomm—through foundry (usually TSMC) through geography (Taiwan).
Cloud infrastructure exposure is often underestimated. AWS, Azure, and GCP rely on Nvidia GPUs manufactured by TSMC. Direct hardware exposure applies to IoT devices, edge computing, or robotics.
Ask vendors: which foundry manufactures your chips? Geographic location? Alternative sourcing? Current inventory levels? Gain insight into second and third-tier suppliers.
Model business impact of 3-month, 6-month, 12-month disruptions. Can you switch to different chips if your primary source is disrupted?
For the board: create a dependency visualisation, risk heat map, mitigation options with costs. The CTO decision framework for technology leadership provides comprehensive guidance on communicating these semiconductor risks to non-technical stakeholders.
The CHIPS Act passed in 2022 provides 52 billion dollars in US government subsidies and incentives for domestic semiconductor manufacturing, research, and workforce development. It aims to reshore production and reduce Taiwan dependency through funding TSMC Arizona, Intel expansion, and Samsung US facilities. Realistic timeline shows 5-10 years for meaningful US advanced manufacturing capacity. It won’t eliminate Taiwan concentration in the near term.
Funding: $39 billion for manufacturing, $11 billion for R&D. Major projects: TSMC Arizona ($40 billion, 2 fabs, 4nm and 3nm). Intel Ohio and Arizona ($20 billion). Samsung Texas.
TSMC Arizona was delayed from 2024 to 2025-2026. Volume production 2026-2028. Won’t match Taiwan capacity for a decade. US manufacturing is 30-50% more expensive due to labour, utilities, and regulatory costs.
Initial US fabs manufacture 4nm and 3nm, a generation or two behind the leading edge, whilst Taiwan moves on to 2nm and beyond. But even limited US capacity provides alternatives in a crisis.
The CHIPS Act marks a turning point. But it’s only the first step of a long journey.
Taiwan manufactures approximately 60% of global semiconductors and over 90% of the most advanced chips. TSMC represents the majority of this capacity.
A minimum of 5-10 years. Building new fabs takes 3-5 years, ramping to volume production adds 2-3 years, and achieving TSMC-level yields takes longer still. Current reshoring efforts won't approach Taiwan's scale until the 2030s.
Yes, but it's expensive and time-consuming, not a quick pivot. Switching requires a redesign (5-20 million pounds), a 6-18 month yield ramp, potential performance degradation, and qualification testing. It's most viable for new chip generations rather than existing products.
ASML is the sole supplier of EUV equipment required for chips at 7nm and smaller nodes. Each system costs 150-200 million pounds with multi-year lead times. Only foundries ASML supplies can compete at advanced nodes. ASML disruption would stop global advanced chip production—a single point of failure beyond Taiwan risk.
Fabless companies like Nvidia and Apple design chips but outsource manufacturing—they own no fabs. Foundries like TSMC manufacture chips designed by others. IDMs like Intel and Samsung do both. The separation creates efficiency but concentrates manufacturing at TSMC.
Chiplets are modular blocks manufactured separately and connected using advanced packaging. This enables mixing different foundries in a single product—TSMC 3nm for compute chiplets, Samsung 7nm for I/O. It reduces dependency on any single foundry, though advanced packaging is also Taiwan-concentrated.
No. It’s a long-term foundation but won’t eliminate Taiwan dependence for at least a decade. TSMC Arizona and Intel expansion will provide limited US capacity starting 2025-2027, but won’t match Taiwan’s scale until the 2030s.
It depends on your revenue exposure to supply disruption and risk tolerance. If a 3-6 month chip shortage would cause major revenue loss, 10-30% premiums for geographic diversification provide risk mitigation value. For less critical applications, Taiwan manufacturing offers better cost and performance.
Which foundry manufactures your chips? Where geographically? Do you have alternative foundries or dual-sourcing? Current inventory levels? Lead time impact of Taiwan disruption? Alternative products using different foundries? Document answers to assess exposure systematically.
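One way to make the answers usable is to capture them in a structured record and flag the obvious red flags automatically. The sketch below is hypothetical; the vendor name, answers, and the threshold in flag_high_exposure are assumptions, not recommendations.

```python
# Hypothetical record of vendor questionnaire answers; names and values are illustrative.
vendor_exposure = {
    "Acme Compute Modules": {
        "foundry": "TSMC",
        "location": "Taiwan",
        "dual_sourcing": False,
        "inventory_weeks": 10,
        "taiwan_disruption_lead_time": "unknown",
        "alternative_products": ["Samsung-fabbed variant (unqualified)"],
    },
}

def flag_high_exposure(answers: dict) -> bool:
    """Flag vendors that are Taiwan-manufactured, sole-sourced, and thinly stocked."""
    return (
        "Taiwan" in answers["location"]
        and not answers["dual_sourcing"]
        and answers["inventory_weeks"] < 13  # less than a quarter of cover
    )

high_risk = [name for name, answers in vendor_exposure.items() if flag_high_exposure(answers)]
print("High-exposure vendors:", high_risk)
```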
Cloud-native companies have indirect Taiwan exposure through their infrastructure. AWS, Azure, and GCP rely on Nvidia GPUs manufactured almost exclusively by TSMC. A Taiwan disruption would hit cloud AI services, GPU availability, and pricing. Multi-cloud and alternative accelerators reduce but don't eliminate the concentration.
Typically 5-20 million pounds for design porting, 10-30% ongoing cost premium, 12-24 month timeline. Companies must maintain two manufacturing flows. It’s only economically viable for high-volume products. Most startups remain sole-sourced on TSMC.
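As a rough sanity check on whether those numbers pencil out, here's a back-of-envelope comparison. The chip spend, revenue at risk, and expected disruption figures are hypothetical assumptions; only the porting cost and premium ranges come from the paragraph above.

```python
# Back-of-envelope dual-sourcing break-even check. All inputs except the quoted
# cost and premium ranges are hypothetical assumptions.
porting_cost = 12_000_000           # one-off design port, within the 5-20 million pound range
annual_chip_spend = 30_000_000      # hypothetical annual silicon spend
ongoing_premium = 0.20              # 20% premium, within the 10-30% range

monthly_revenue_at_risk = 8_000_000 # hypothetical revenue per month of lost supply
expected_disruption_months = 0.5    # probability-weighted months of disruption per year

annual_cost = porting_cost / 5 + annual_chip_spend * ongoing_premium  # amortise port over 5 years
annual_benefit = expected_disruption_months * monthly_revenue_at_risk # avoided revenue loss

print(f"Annual cost of dual sourcing: £{annual_cost:,.0f}")
print(f"Expected annual loss avoided: £{annual_benefit:,.0f}")
print("Worth it" if annual_benefit > annual_cost else "Hard to justify on these numbers")
```

On these illustrative figures the premium outweighs the expected loss, which is exactly why low-volume products and startups tend to stay sole-sourced.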
Model multiple scenarios: tight capacity allocation during geopolitical tension (higher probability, medium impact); a major Taiwan earthquake (medium probability, high impact); a China blockade (lower probability, severe impact); a TSMC facility incident (medium probability, medium impact). Develop contingency responses proportional to probability-weighted risk.
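A minimal sketch of that probability weighting is below. The numeric probabilities and impact figures are illustrative assumptions mapped loosely onto the qualitative labels above, not forecasts.

```python
# Probability-weighted scenario scoring. Probabilities and impact figures are
# illustrative assumptions, not forecasts.
scenarios = {
    "Tight capacity during geopolitical tension": {"p": 0.30, "impact": 5_000_000},
    "Major Taiwan earthquake":                    {"p": 0.10, "impact": 20_000_000},
    "China blockade":                             {"p": 0.03, "impact": 80_000_000},
    "TSMC facility incident":                     {"p": 0.10, "impact": 10_000_000},
}

ranked = sorted(scenarios.items(), key=lambda kv: kv[1]["p"] * kv[1]["impact"], reverse=True)
for name, s in ranked:
    print(f"{name}: expected annual loss £{s['p'] * s['impact']:,.0f}")
# Spend on contingency (inventory buffers, dual sourcing, alternative SKUs)
# in proportion to these probability-weighted figures.
```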
For a complete overview of how semiconductor supply chain dependencies fit into the broader context of US-China tech competition, see our comprehensive guide to navigating tech sovereignty.