Executive Summary
Silicon Valley has a secret. While executives debate GPT vs. Claude in boardrooms, their engineering teams are quietly shipping products on Chinese open-source models. DeepSeek, Qwen, and other Chinese AI labs have become the backbone of an increasing number of American AI applications—and most boards have no idea. This isn’t a security breach. It’s a pragmatic response to economics. But it creates strategic questions that every CEO needs to answer before their next board meeting.
The Conversation Nobody’s Having
Three weeks ago, I asked a simple question during a portfolio review with a Series B AI startup: “What foundation model powers your core product?”
The CEO confidently answered: “We’re an OpenAI shop.”
The CTO shifted uncomfortably. After the meeting, he pulled me aside.
“That’s… not entirely accurate anymore. About 60% of our inference runs on Qwen. We switched six months ago. The CEO doesn’t really know the details.”
This isn’t an isolated incident. I’ve had versions of this conversation four times in the past quarter.
Bloomberg reported it. CNBC confirmed it. MIT Technology Review called 2025 the year of the “DeepSeek moment.” But the strategic implications haven’t hit most executive teams yet.
Here’s the uncomfortable reality: a significant and growing portion of American AI products are running on Chinese open-source models, and the people accountable for strategic risk often don’t know it.
Why This Is Happening
The shift isn’t ideological. It’s economic.
The Cost Equation
Let’s do simple math:
GPT-4 Turbo: ~$10-30 per million tokens (input/output blended) Claude Opus: ~$15-75 per million tokens DeepSeek-R1 (self-hosted): ~$0.50-2 per million tokens after infrastructure
For a company running 10 million tokens daily, that’s the difference between $300,000/year and $18,000/year in inference costs.
At Series A margins, that delta is existential.
The Capability Convergence
But cost only matters if capability is comparable. Here’s what changed:
In January 2025, DeepSeek released R1—an open-source reasoning model that matched or exceeded GPT-4 on multiple benchmarks. The AI community was shocked. A relatively small Chinese lab, operating under US chip sanctions, had achieved frontier-level performance.
By year-end, “DeepSeek moment” had become industry shorthand for unexpected capability breakthroughs from resource-constrained teams.
The gap between American closed models and Chinese open models has compressed from “years behind” to “weeks behind.” And for many enterprise use cases, “weeks behind” is functionally equivalent.
The Customization Advantage
Open-weight models offer something proprietary APIs cannot: full customization.
With DeepSeek or Qwen, you can: - Fine-tune on your specific domain data - Prune and distill for your exact use case - Run entirely on-premise for data sovereignty - Modify inference behavior without API limitations
For regulated industries or companies with proprietary data concerns, this isn’t just a cost advantage—it’s a compliance requirement.
The Strategic Questions You Should Be Asking
If you’re a CEO or board member, here’s what you need to know—and what you should be asking your technical leadership:
Question 1: What models actually power our AI products?
Not “what vendor are we partnered with.” What models are running in production, right now?
Many organizations have official vendor relationships with OpenAI or Anthropic while their engineering teams have quietly migrated workloads to open-source alternatives. The business development relationship doesn’t reflect the technical reality.
Why this matters: If your investor deck says “powered by GPT-4” but your inference runs on Qwen, you have a disclosure problem. If your security posture assumes American vendors but your models originate from Chinese labs, you have a risk assessment gap.
Question 2: What’s our model supply chain policy?
Most enterprises have software supply chain policies. Few have model supply chain policies.
Consider: - Where do the base weights originate? - Who trained the model, and on what data? - What’s the update and maintenance pathway? - Are there export control or sanctions implications?
The model powering your AI isn’t just software—it’s a strategic dependency. Treat it accordingly.
Question 3: What’s our acceptable risk posture on model provenance?
There’s no objectively “right” answer here. But there should be an explicit decision.
Some organizations will conclude: “The models are open-source, auditable, and we’re self-hosting. The origin country doesn’t create meaningful risk.”
Others will conclude: “We can’t explain to customers/regulators/investors why our AI runs on Chinese-origin models. The optics alone are disqualifying.”
Both positions are defensible. The indefensible position is not having made the decision at the appropriate level.
Question 4: Are we prepared for the regulatory environment to shift?
Today, using Chinese open-source models is legal and common. That may not be true in 18 months.
The Trump administration’s AI executive order signals intent to shape the regulatory landscape. Export controls on AI are tightening. The political environment around US-China tech competition is intensifying.
If regulations shift, can you migrate? How quickly? At what cost?
The Geopolitical Overlay
Let me be direct about something: this isn’t primarily a technology question. It’s a geopolitics question with technology implications.
The Optimistic View
Chinese AI labs’ embrace of open source has earned global goodwill. Open models are auditable—you can inspect the weights, understand the training, verify the behavior. There’s an argument that open-source Chinese models are more trustworthy than closed American models, precisely because they’re transparent.
The AI research community is increasingly global and collaborative. Treating model provenance as a national security issue may be overreach that slows innovation without reducing actual risk.
The Cautious View
China’s national AI strategy explicitly links commercial AI development to state objectives. Even if today’s open-source models are benign, future dependencies create leverage. The more American companies rely on Chinese AI infrastructure, the more exposed they become to future policy shifts—from either government.
“Open source” doesn’t mean “without strings.” Training data, benchmark manipulation, and subtle behavioral biases are difficult to audit even with full weight access.
My View
Both perspectives have merit. The pragmatic middle ground:
- Know what you’re running. Ignorance isn’t a strategy.
- Make explicit risk decisions. At the board level, not buried in engineering.
- Maintain optionality. Don’t architect yourself into single-model dependency.
- Plan for scenario shifts. If the regulatory or geopolitical environment changes, can you adapt?
The companies that will navigate this best aren’t the ones who reflexively avoid Chinese models or the ones who blindly embrace them. They’re the ones who’ve thought it through.
What This Means for Your 2026 Strategy
For Cost-Conscious Startups
The economic case for open-source models (Chinese or otherwise) is compelling. If you’re optimizing for runway, you’re probably already there or should be evaluating it.
But: Document your model decisions explicitly. When you raise your next round, sophisticated investors will ask. Having a clear rationale (“we evaluated the risks, here’s our framework”) is vastly better than “we didn’t really think about it.”
For Regulated Enterprises
Your compliance and legal teams need to be in this conversation. Model provenance is becoming a due diligence item for: - Government contractors (especially defense-adjacent) - Healthcare organizations under HIPAA - Financial services under various regulatory frameworks - Any company with significant China exposure (in either direction)
Action item: Add “AI model supply chain” to your next compliance review agenda.
For Public Companies
This is a disclosure question. If Chinese-origin models power material portions of your AI capabilities, your risk factors section should probably acknowledge it.
I’m not giving legal advice. I’m observing that sophisticated investors and regulators are starting to ask these questions, and “we didn’t know” isn’t going to be an acceptable answer.
The Talent Dimension
There’s a secondary effect that’s worth noting: talent follows capability.
The best AI researchers want to work on the most capable systems. For years, that meant American labs. The DeepSeek moment changed the calculus. Chinese labs are now legitimate frontier contributors, attracting global talent who want to work on open, auditable, high-capability systems.
This isn’t a zero-sum competition, but it does mean the assumption that “cutting-edge AI = American AI” is no longer valid. Strategy built on that assumption needs updating.
The Bottom Line
The DeepSeek Paradox isn’t about China. It’s about strategic awareness.
If you’re a CEO or board member, you should know: - What models actually power your AI products - Where those models originate - What your policy is on model provenance - How you’d respond if the regulatory environment shifts
Most executives I talk to can’t answer these questions. Their CTOs often can’t either—because the decisions were made by individual engineers optimizing for performance and cost, without strategic oversight.
That’s not a technology failure. It’s a governance failure.
The companies that thrive in this environment won’t be the ones who made the “right” choice about Chinese models. They’ll be the ones who made a choice—deliberately, at the appropriate level, with full awareness of the implications.
Is that your organization?
The Question I’m Wrestling With
Here’s what I haven’t figured out:
If Chinese open-source models continue to close the capability gap while maintaining massive cost advantages, at what point does not using them become a competitive disadvantage that threatens the business?
We already accept global supply chains for hardware. Most phones contain Chinese components. Most servers run on globally-sourced chips. Is AI model provenance fundamentally different, or are we applying a double standard?
I genuinely don’t know the answer. The pragmatic engineer in me says “use the best tool for the job.” The strategic advisor in me says “geopolitical risk is real and probably underpriced.”
What’s your take? Is model provenance something you’re actively managing, or is this the first time you’ve thought about it?
Reply and let me know. I read every response.
This is part of a weekly series from Data Science & Engineering Experts on enterprise AI implementation realities in 2026.