In March 2026, the Bank for International Settlements issued a formal warning about AI infrastructure financing. Their Quarterly Review — written by Egemen Eren, Ingomar Krohn, and Karamfil Todorov — found that hyperscalers had quietly moved more than $120 billion in AI compute debt off their balance sheets in about 18 months. They did it using structured financial vehicles designed to keep that debt out of the headline numbers investors and counterparties actually look at.
If you’re an enterprise signing multi-year AI cloud compute contracts, this is not some abstract macro-financial story you can ignore. It’s a counterparty risk question: what happens to your AI workloads if your compute provider runs into serious financial trouble? This article translates what the BIS found into practical terms — what an SPV is, why residual value guarantees matter, and what five questions you should be asking before you commit to a long-term compute contract. The warning exists because the AI infrastructure arms race has pushed capital deployment well beyond what traditional on-balance-sheet financing can absorb.
What Did the BIS Actually Say, and What Is “Shadow Borrowing”?
The BIS coined the term “shadow borrowing” to describe financial obligations that function like debt but don’t show up on corporate balance sheets. It’s not accounting fraud — it’s the deliberate, legal use of off-balance-sheet structures that, when you add them all up, represent substantial hidden financial exposure.
The March 2026 Quarterly Review identified nine risk categories, including GPU collateral depreciation risk, private credit concentration, and contagion via securitisation. The headline finding: more than $120 billion in AI compute debt moved off hyperscaler balance sheets in roughly 18 months. That’s a structural shift in how AI infrastructure gets financed — not a handful of isolated deals.
Two other institutions have lined up alongside the BIS. The Chicago Fed found that banks’ AI-adjacent exposure averaged 0.8% of total assets through indirect private credit channels. And in January 2026, four U.S. Senators wrote formally to flag “complex and opaque debt markets” and the risk of “a broader financial crisis.” Three major institutions raising similar concerns in six months is a pretty reliable signal that regulatory action is coming. The question for you isn’t whether regulators will act — it’s what effect that will have on compute pricing and provider stability when they do. The AI infrastructure spending environment encompassing $725 billion in capex is what makes structured finance unavoidable: there’s simply too much capital at stake for standard on-balance-sheet borrowing to handle.
How Do SPVs Work? The Meta Hyperion Deal as a Worked Example
A Special Purpose Vehicle (SPV) is a legally separate, bankruptcy-remote entity set up to hold one asset and raise one pool of debt. The “bankruptcy-remote” part is the key bit: if the SPV fails, the failure is — in theory — contained, and doesn’t automatically pull the parent company into default with it.
In AI infrastructure, it works like this. A hyperscaler creates or co-owns an SPV that builds a data centre. The SPV raises debt from private credit investors. The hyperscaler then leases back compute capacity from the SPV, turning capital expenditure into operating expense. The capex stays off the balance sheet; the compute access stays on.
Meta’s Hyperion data centre in Louisiana is the clearest example of this in practice. It’s a $30 billion project financed through the Beignet Investor SPV — 80% owned by Blue Owl Capital, 20% by Meta — with private credit investors including Apollo, Pimco, BlackRock, and Morgan Stanley holding the SPV debt. Meta signed a compute offtake agreement as the SPV’s revenue stream.
Here’s the disclosure that makes this a BIS-level concern: Meta’s residual value guarantee (RVG) of up to $28 billion appears only in the footnotes of its financial statements. That’s a $28 billion contingent liability that activates if GPU assets held by the SPV depreciate below a threshold — something that could happen fast if a new GPU generation triggers a sudden market-wide repricing. Oracle’s Stargate SPVs follow a similar pattern, with Oracle issuing $18 billion in bonds in a single day as part of its Stargate financing programme. Blue Owl’s $7 billion digital infrastructure fund, which holds positions in both structures, includes capital from New York and Pennsylvania state pension funds. The risk has already left hyperscaler balance sheets and landed with institutional investors. The same structured finance logic underpins the Amazon-Anthropic and Google-Anthropic investment commitments — large-scale capital deployments that reshape compute access while moving financial exposure through structured vehicles rather than direct balance-sheet borrowing.
What Is GPU-Collateralised Lending, and Why Does CoreWeave’s Debt Structure Matter to Enterprise Buyers?
GPU-collateralised lending is structured finance where GPU clusters serve as the collateral — a lender provides capital against the assessed value of a GPU fleet, expecting to recover its money from compute revenue or, if things go wrong, by selling the GPUs.
The critical risk is depreciation. GPUs have an estimated useful life of 2.5 to 3 years — which means the asset securing a five-year loan is worth 60–70% less by mid-term. That creates what’s sometimes called an impairment cliff: depreciation looks smooth on paper until a new GPU generation launches and the market suddenly reprices the older generation downward, all at once.
CoreWeave‘s $7.5 billion GPU-collateralised debt facility, arranged by Blackstone, is structured as GPU-backed Asset-Backed Securities (ABS). Fitch rated CoreWeave Compute Acquisition Co. VIII loans at A-sf — an investment-grade rating whose quality depends entirely on GPU residual value assumptions holding. If GPU market prices drop sharply, the collateral value falls below debt thresholds and you’re looking at margin call risk.
Why does any of this matter to you as an enterprise buyer? Because if your production AI workloads run on CoreWeave or a similar neocloud, you have counterparty exposure to the CoreWeave GPU-collateralised debt structure sitting underneath your compute access. Neoclouds have thinner financial reserves than hyperscalers and no diversified revenue to buffer against GPU market stress. That stress translates directly into neocloud financial stress in a way it simply doesn’t for a hyperscaler.
What Is a Take-or-Pay Contract, and What Happens When a Neocloud Hits Financial Stress?
A take-or-pay contract — called a compute offtake agreement in AI infrastructure — is a commitment to pay for a defined volume of compute capacity whether or not you actually use it. For the SPV or neocloud, it’s the revenue stream servicing its debt. For you, it’s a fixed cost regardless of actual consumption.
The buyer-side risk that most coverage doesn’t address: what actually happens to your enterprise AI workloads when a compute provider hits financial stress? Here are three scenarios, based on how analogous distress events have played out in energy and telecoms infrastructure:
Scenario A — Managed distress: The provider seeks refinancing or a buyer. Workloads continue, but SLAs may degrade and pricing terms may be renegotiated under duress.
Scenario B — Disorderly failure: Lenders exercise step-in rights over data centre assets. Whether your compute access continues depends on the lender’s willingness to maintain service continuity — which is not guaranteed unless you’ve explicitly negotiated it into the contract.
Scenario C — Bankruptcy: Your data and workloads are frozen pending court proceedings. Non-portable fine-tuned models and proprietary data pipelines may be inaccessible for weeks or months.
The trap runs both ways. If you try to exit a multi-year compute contract to reduce counterparty risk, you may face take-or-pay litigation — paying for capacity you’re no longer using because the provider hasn’t technically failed yet. The variable that determines how bad Scenarios B and C get is workload portability: how easily your models, data pipelines, and inference endpoints can move to another provider. Low-portability workloads amplify every distress scenario.
How Does AI Infrastructure Debt Reach Pension Funds? The Securitisation Cascade Explained
The securitisation cascade is how AI infrastructure debt, originated at the SPV level, gets repackaged into rated securities and distributed through the financial system until it reaches pension funds — and ultimately retail savers.
The chain goes like this: hyperscaler or neocloud creates SPV → SPV raises private credit debt → debt is securitised into ABS (Asset-Backed Securities) or CMBS (Commercial Mortgage-Backed Securities) → ABS and CMBS are sold to insurance companies, pension funds, and private credit funds → pension exposure reaches retail savers.
Blue Owl’s $7 billion digital infrastructure fund, holding positions in both Meta Hyperion and Oracle Stargate SPVs, includes capital from New York and Pennsylvania state pension funds. Morgan Stanley projects $800 billion in private credit data centre financing over two years — and at that scale, securitisation distributes AI infrastructure risk across the entire financial system. The $7 trillion scale of potential systemic exposure is what the BIS is treating as a financial stability concern, not just a sector financing story.
For enterprises, the securitisation cascade creates an indirect regulatory risk. The breadth of institutional exposure creates political pressure for regulatory intervention. If SPV disclosure requirements tighten, the cost and structure of hyperscaler AI financing changes — and that flows through to compute pricing and provider financial health.
Five Questions to Ask Your Cloud Vendor Before Signing a Long-Term Compute Contract
The BIS warning is not a reason to avoid multi-year compute contracts. It’s a reason to negotiate them more carefully. These questions work in an RFP or in contract negotiations. Neoclouds are more likely to carry SPV and ABS structures, but the Meta Hyperion example shows the questions are relevant at the hyperscaler tier too — both are turning to structured finance to fund capacity growth in the broader $725 billion AI infrastructure spending environment.
Question 1: Is this compute capacity owned on your balance sheet, or financed through an SPV or third-party structure? If the vendor can’t answer clearly, treat that as a risk signal. Opacity about financing structure is itself a counterparty risk indicator.
Question 2: Does your capacity agreement contain take-or-pay obligations — and what happens to those if you enter financial distress or are acquired? You need to know whether the payment obligation survives a restructuring or change of control, and whether you could end up paying a new operator for capacity you didn’t choose.
Question 3: What step-in and workload continuity provisions apply if a lender acquires your data centre assets? Get explicit contractual commitment that any step-in party must honour your service agreement for a defined continuity period — 90 to 180 days is a reasonable starting position.
Question 4: Can I migrate my models, data pipelines, and inference endpoints to another provider within 30 days? Include migration assistance as a contractual obligation, not a verbal assurance. Test portability with a small-scale migration exercise before you sign anything.
Question 5: Are your GPU assets subject to residual value guarantees or ABS issuance, and can you disclose those terms? A new GPU generation launch could simultaneously collapse your vendor’s collateral value and trigger a crisis in their structured finance programme — with your production workloads right in the middle of it.
These five questions won’t eliminate counterparty risk, but they will surface it before you sign rather than after. For the full picture of how structured finance fits into the $725 billion AI infrastructure buildout — from neocloud compute economics to sovereign geography — see our AI infrastructure arms race resource hub.
FAQ
What did the BIS actually say about AI infrastructure financing in its March 2026 report?
The BIS March 2026 Quarterly Review — by Egemen Eren, Ingomar Krohn, and Karamfil Todorov — identified AI infrastructure financing as a systemic risk concern, coining “shadow borrowing” for debt-equivalent obligations moved off balance sheets via structured vehicles. The key finding: more than $120 billion in AI compute debt was moved off hyperscaler balance sheets in approximately 18 months. The report flagged nine risk categories including GPU collateral depreciation, private credit concentration, and ABS/CMBS contagion channels. The BIS — the Bank for International Settlements — is a Switzerland-based institution that serves as a bank for central banks and whose research carries significant weight with financial regulators worldwide.
What is an SPV and why do tech companies use them for AI infrastructure?
A Special Purpose Vehicle is a legally separate, bankruptcy-remote entity created to own one asset and raise one pool of debt. Tech companies use SPVs for AI infrastructure to convert large capital expenditures into multi-year operating expenses, keeping the associated debt off the corporate balance sheet while retaining compute access. SPVs are legal and widely used in infrastructure, real estate, and energy financing. The BIS concern is about their scale and opacity in AI, not their existence.
What is “shadow borrowing” in the context of AI data centres?
Shadow borrowing is the BIS-coined term for financial obligations that function economically like debt but don’t appear on corporate balance sheets. In AI infrastructure, it arises from SPV leases, compute offtake guarantees, and residual value guarantees that add up to debt-equivalent obligations only partially visible in standard financial statements. “Shadow” doesn’t mean illegal — it means obscured from standard balance sheet analysis.
What is a residual value guarantee and why is Meta’s $28 billion RVG significant?
A residual value guarantee is a commitment by a hyperscaler or neocloud to guarantee the minimum resale value of GPU assets to an SPV’s lenders if those assets depreciate below a threshold. Meta’s RVG of up to $28 billion on the Hyperion deal appeared only in footnotes of Meta’s financial statements — not in headline debt figures. It represents a contingent liability that could be triggered by a GPU market price collapse, which itself could be triggered by a new GPU generation launch.
What is a neocloud and how does its counterparty risk differ from a hyperscaler?
A neocloud is a GPU-focused cloud provider — CoreWeave and Lambda Labs are examples — specialising in AI compute, typically with GPU-backed structured finance and thinner financial reserves than hyperscalers. Neoclouds are more exposed to GPU market stress because AI compute is their entire business. Hyperscalers have diversified revenue — cloud services, advertising, software — that buffers against GPU collateral value declines. That doesn’t make hyperscalers risk-free, but their financial depth provides a larger buffer before enterprise service continuity is threatened.
What is workload portability and why does it matter for counterparty risk?
Workload portability is the degree to which your enterprise AI workloads — models, data pipelines, inference endpoints — can be migrated from one compute provider to another without significant technical or commercial cost. Low-portability workloads, such as non-portable fine-tuned models or proprietary pipelines locked to a provider’s tooling, amplify the damage of any provider financial stress event. Test portability with a small-scale migration exercise before signing a long-term compute contract, and include migration assistance obligations in the contract itself.
Can an enterprise be forced to keep paying for cloud compute if its provider goes bankrupt?
Yes, under a standard compute offtake agreement. Take-or-pay contracts require payment for committed capacity whether or not it’s used, and the obligation typically survives restructuring, sale, and in some configurations, bankruptcy. You may owe payments to a new operator or lender you didn’t choose. To protect against this, negotiate termination-for-cause provisions that include provider financial distress as a trigger for contract exit without penalty, and have legal counsel review take-or-pay obligations before signing.
What are step-in rights in a compute contract?
Step-in rights are contractual provisions allowing a lender or designated third party to assume operational control of infrastructure assets if the operator defaults. They’re dual-natured: they can protect your compute access if the step-in party is committed to maintaining service, or they can threaten it if that party’s priority is asset recovery. Negotiate explicit language requiring any step-in party to honour existing enterprise service agreements for a defined continuity period — 90 to 180 days is a reasonable starting position.
