ABSTRACT For multinational corporations, navigating the fragmented and evolving landscape of digital regulation has become a paramount source of strategic uncertainty. This paper argues that effective risk assessment requires moving beyond a static view of government as a rule‐maker to analyzing it as a dynamic, strategic actor. We develop a tripartite framework that enables managers to evaluate regulatory risk by analyzing a state's discursive commitments (public narratives and policy signals), institutional capacity (administrative design and enforcement power), and material leverage (control over key technological infrastructure). This diagnostic framework complements existing approaches to policy uncertainty by shifting the analytical focus from measuring aggregate regulatory volatility to diagnosing the internal coherence of state capacity. Applied to the landmark European Union Artificial Intelligence Act, the framework reveals critical “orchestration gaps” between a state's regulatory ambitions and its infrastructural dependencies. These gaps are not merely policy failures but significant sources of compliance cost and strategic risk for global firms. The paper concludes with actionable managerial implications, providing executives with a structured diagnostic tool to assess regulatory risk as a function of state coherence—not merely rule stringency—and strategically position their firms in contested digital markets.
Yousif Hassan Ahmed Balola (Wed,) studied this question.