LiteLLM Sovereignty: A Sovereign Gateway for Your LLM Traffic
LiteLLM is an open-source LLM gateway that provides a unified API across multiple LLM providers. Every API call routed through LiteLLM carries metadata: which models you use, how often, what your token consumption looks like, and — depending on configuration — the prompts themselves.
When that gateway runs on US infrastructure, all routing decisions, usage analytics, and API keys are governed by US law and accessible under the CLOUD Act without Swiss judicial process. Running LiteLLM on Swiss infrastructure under Swiss law keeps your routing and usage data sovereign.
Sovereignty is more than where the gateway runs. The EU Cloud Sovereignty Framework defines eight dimensions that determine whether your provider is truly sovereign.
Why LiteLLM is a strong choice for sovereign AI routing
Unlike proprietary API management platforms, LiteLLM gives you:
- No vendor lock-in — switch between LLM providers (OpenAI, Anthropic, Mistral, local models) through a single API
- Full code auditability — LiteLLM is open source, every routing decision is inspectable
- Usage data stays local — token counts, model selection patterns, and cost data remain on your infrastructure
- API key isolation — your provider API keys are stored where you control them, not in a third-party SaaS
- Community-governed — active open-source project, not dependent on a single vendor's roadmap
VSHN operates LiteLLM on Swiss Kubernetes clusters. Combined with VSHN's Swiss ownership and operations, this creates a fully sovereign AI gateway.
LiteLLM sovereignty compared
| Dimension | Proprietary API Gateways (US SaaS) | Self-hosted on US Cloud | VSHN Managed LiteLLM |
|---|---|---|---|
| Ownership | Various US companies | Customer (on US infrastructure) | VSHN AG (Switzerland) |
| Governing law | US law | US law (cloud provider) | Swiss law |
| CLOUD Act | Exposed | Exposed (via cloud provider) | Not exposed |
| Data location | USA | Depends on region (US-controlled) | Switzerland (cloudscale.ch, Exoscale, or your choice) |
| Gateway software | Proprietary | Open source (self-managed) | Open source (LiteLLM, VSHN-managed) |
| Usage data access | Provider has access | Cloud provider has infrastructure access | VSHN has operational access only for authorized support — never used for model training |
| Operations team | USA | Customer's team | Switzerland (Swiss-only option) |
| Certifications | Varies | Depends on cloud provider | ISO 27001, ISAE 3402 Type II |
VSHN sovereignty self-assessment
We applied the EU's Cloud Sovereignty Framework (v1.2.1, October 2025) to our own services. This framework was used to score providers in the EU's EUR 180M sovereign cloud tender in April 2026 — three pure-European providers achieved SEAL-3, while a consortium involving Google Cloud scored only SEAL-2.
This is a self-assessment, not a formal SEAL certification. We publish it for transparency so customers can evaluate our sovereignty profile using the same structured criteria the EU uses.
| # | Dimension | Weight | Assessment | Evidence |
|---|---|---|---|---|
| SOV-1 | Strategic | 15% | Strong | Swiss AG, no foreign parent, all shareholders Swiss citizens (Commercial Register) |
| SOV-2 | Legal | 10% | Strong | Swiss law (GTC), no CLOUD Act, EU adequacy decision |
| SOV-3 | Data & AI | 10% | Strong | Swiss DCs by default. Sovereign key management via Managed OpenBao + Swiss HSM |
| SOV-4 | Operational | 15% | Strong | Swiss 24/7 ops, Swiss-only support option. All services on vanilla Kubernetes |
| SOV-5 | Supply Chain | 20% | Strong | Infrastructure-agnostic — customer chooses provider. Open-source software |
| SOV-6 | Technology | 15% | Strong | 100% open source. VSHN contributes to K8up (CNCF), Crossplane providers, Project Syn |
| SOV-7 | Security | 10% | Strong | ISO 27001, ISAE 3402 Type II, Swiss SOC. FINMA-regulated customers |
| SOV-8 | Environmental | 5% | Moderate | DC operators: Green Datacenter AG (ISO 22301/27001/27701), Exoscale sustainability. VSHN CSR policy |
Overall: SEAL-3 equivalent — the same level achieved by the winners of the EU's own sovereignty tender. No provider worldwide achieved SEAL-4, as it requires fully EU/EEA-sourced hardware supply chains and open-source foundations — structural gaps shared by every cloud provider.
Get a sovereignty assessment for your AI gateway
If you're routing LLM traffic through US-hosted services or evaluating sovereign alternatives, we can assess your current setup against the EU framework and design a LiteLLM deployment that keeps your routing data, API keys, and usage analytics under Swiss jurisdiction.