Analysis

China is back, at least according to recent signals from US investment firms. Goldman Sachs upgraded China's GDP forecast to 4.8% for 2026 and 4.7% for 2027, up by 0.5% on earlier forecasts. It is unsurprising, based on this apparent market optimism, that US companies might be looking at China more favorably than since before the pandemic. Yet macroeconomic figures belie a more complex functioning of China’s economy. While analysts point to export-growth and China’s aggressive global expansion as driving optimism, these reports are juxtaposed with some uncomfortable truths about China’s economy that should make investors cautious. 

First, China’s economic data, as we have previously argued, are frequently fabricated and unreliable. Within China, official statistics designed to aggrandize the CCP’s prowess contrast with everyday lived experiences and other indicators (e.g. energy usage and transportation flows) that suggest flatter growth. The challenge is that many US companies with a limited China presence must rely on official statistics to make strategic decisions, including whether to invest in or source from the Chinese market. This is not just a risky strategy, it is highly likely that basing such decisions on questionable figures will result in overexposure and potential business failure. Investment decisions based on Chinese statistics are not only poor strategic choices; they will likely endanger companies and investors in their anticipation of rosier outcomes. 

Second, if–and it’s a big “if”–China’s economic data are accurate, China’s economic optimism appears to be driven by export data, rather than by domestic economic strength. China’s benchmark bond yield is trending downward, stocks in Hong Kong face increased uncertainty, and China’s property market continues to plague forecasts. Proposed fiscal injections into the flailing property sector will likely contribute to high debt levels among local governments. The central government also appears to be reducing public spending in part as a response to a decline in inbound investment. Export growth therefore does not correlate to domestic health in the economy. 

Third, structural factors baked into China’s economic governance model should give US businesses pause. For starters, the CCP controls the economy as an extension of the party’s power. China’s economy is far from neutral; it serves the party’s political interests. In this vein, Chinese companies, including in the private sector, should be viewed more as branches of the party than as independent entities. They must ultimately serve the party’s interests, even if doing so hurts company bottom lines. Engagement with Chinese entities is therefore not just a business-to-business relationship, but a proxy engagement with the CCP. This may sound exaggerated, but it is a reality that investors are slowly realizing across multiple sectors. This means that engaging with Chinese firms, let alone investing in the PRC, carries elevated risks of IP theft, illicit financing, and unfair competition that US companies will have to weigh against their potential for market growth.

Collectively, positive GDP forecasts mask a host of risks to US businesses operating in China. While it is up to individual companies to determine whether these risks are worth it, it is highly likely that, given more information about China’s economy, US companies should see engaging with China as a threat, rather than a boon.

Analysis

The US faces a unique adversary in the CCP. Unlike the Soviet Union in the Cold War, China’s affront to the US is extremely multifaceted between both public and private sectors: it involves a matrix of the party, the Chinese state, intelligence and defense institutions, state-owned and private companies, and private citizens. China is attacking US businesses at a scale that needs to be met with similar strength. When a Chinese company steals IP from a US entity, there is little recourse. Not only is the US entity attempting to seek legal damages in a country that does not recognize US patents or IP claims, but they are also dealing with Chinese counterparts that are backed–legally, financially, and otherwise–by the CCP and the Chinese state. 

The challenge to the US national security structure was built to fight the Soviet Union and to some extent, al-Qaida, neither of which were economically integrated into the US private sector. Thus the US government is currently ill-equipped to counter these threats, let alone to help US companies as they struggle solo against Chinese IP theft, influence operations, and sabotage against critical infrastructure. How can US businesses lobby for greater protections against these threats? One option, as we have previously suggested, is that the US government needs greater coordination among political functional areas to counter China’s infiltration in the US private sector, particularly in areas like critical infrastructure. A recent report from the US-China Economic and Security Review Commission underscores this need by proposing a “consolidated

economic statecraft entity” that would help to coordinate between the current bureaucratic gaps between different departments. The report also stresses the need for supply chain resiliency in critical areas, including tech, pharma, agriculture, energy, quantum computing, and space technology, each of which are areas of interest to the CCP. 

Pushing for supply chain resilience necessarily involves the US private sector. For some companies in critical fields, this may entail significant government interest in their operations to a greater extent than before. Companies will therefore need to plan for the possibility that the US government inquires into their suppliers, employees, or buyers, which may happen sooner in industries outlined in the Commission’s report mentioned above. Some companies are preempting this, with GM demanding that its suppliers divest from China both to insure against future government probes and as a smart business strategy to minimize potential disruptions. Others will likely face a shock if the US government deems their efforts as wanting. Morgan Stanley, for example, found itself targeted by the US Select Committee on China for assisting a Chinese mining company that was on the Uyghur Forced Labor Prevention Act (UFLPA) Entity List. 

Business strategies will need to accommodate this potential shift in how the US government engages with key industries as it attempts to grapple with the threat posed by the CCP against the US private and public sectors. Mitigation measures, including due diligence on suppliers and employees, potential divestment strategies, and ensuring “clean” supply chains, are all rapidly becoming needs, rather than wants, for companies to remain competitive. Meanwhile the US government should take the Commission’s recommendations seriously if it is to effectively combat China’s efforts to put US companies out of business.

Analysis

Two weeks on from the much-watched Xi-Trump meeting on the sides of the APEC meeting in Gyeongju, we are starting to be able to gauge the staying-power of the agreement and how the rest of the world has interpreted the outcome.

In good news for market stability, China has ended levies on US farm goods in response to the US halving its fentanyl-related tariffs on Chinese goods, and the US has moved to finalize a one-year delay on maritime fees against China. It is good news for supply chains, too, as China announced it will suspend export controls on rare earth metals critical to the production of semiconductors and other advanced technologies for at least the next five years. While small steps, they are gestures of good will even if most of them will not have significant material impact on the trade environment. In worse news, China has also accused the US of carrying out a cyberattack dating back to 2020, while the outcomes of US-led anti-dumping investigations against China, launched during the first half of the year, are starting to yield results that promise future friction with China. The US has also added “poison pills” to new trade agreements with Malaysia and Cambodia, threatening to terminate the deals if either country signs new agreements jeopardizing “essential U.S. interests,” and in turn exacerbating the proxy trade wars occurring across the globe.

The continued Nexperia debacle has also put additional stress on the new agreement, as the Dutch economy minister has doubled down on his decision to seize the Chinese auto chip maker to ensure continued chip supplies to European car makers. Due to the final processing of those chips happening in China, however, their export back to European markets was only made possible by the Trump-Xi agreement. While the US decision to add Nexperia to its entities list was made independently of the Hague’s actions, Beijing still holds the US accountable for creating an unfavorable environment in Europe for China. Despite so much riding on promised market stability, it already seems unlikely that this most recent round of negotiations will lead to any long-term trade solutions.

Another notable outcome of these talks has been a reprise of the “India Narrative,” which posits that India may become one of the big winners from China’s agreement to suspend rare-earth export control. In an effort to reduce its own dependence on Chinese-produced rare earths, India is preparing a slate of rare earth magnet incentives to capitalize on the US and broader Western desire to insulate their supply chains from reliance on China. While it is certainly prudent to cultivate new or alternate suppliers and create supply chain redundancies, we would advise caution for companies as they look for new suppliers and to not immediately jump on any and all non-China opportunities. Just as when doing business with China, doing your diligence on new suppliers is equally important. 

The India case presents as many concerns as opportunities. While it is the fifth-largest trading partner for the US and a mostly cooperative partner, President Modi has taken a populist turn that threatens to nationalize business; India remains friendly with Russia (and continues to buy Russian oil); and it lacks much of the infrastructure for such technically advanced rare-earth projects. At the same time, depending on the range of incentives, India represents an opportunity for a China-free rare-earth supply chain for the future. While Australia and the US are also pursuing domestic mining opportunities that will likely be available first, India’s laxer regulatory regime has the potential to see accelerated project development at lower costs. 

In short, take advantage of the current, if temporary, market stability to stabilize supply chains while keeping a discerning eye out for new opportunities that will also appear in this new climate.

Analysis

Chinese open-source AI models like Qwen and DeepSeek are rapidly becoming a go-to foundation for a meaningful minority of global, and especially US-based startups because they offer strong performance at very low cost, but they also pull companies into China’s legal, data, and censorship orbit in ways most founders fail to understand and are not yet treating as a security risk. The widely circulated claim that “80% of startups” pitching Andreessen Horowitz, a major Silicon Valley venture capital firm, use Chinese models was later corrected by a16z general partner Martin Casado, who clarified that roughly 20-30% of startups use open-source AI, and 80% of those rely on Chinese models, meaning the real figure is closer to 16-24%. That still represents a significant share of the early-stage market, and it reinforces reporting that China’s open-source push has begun quietly outpacing U.S. rivals in adoption and model availability.

The draw is simple: Chinese AI is low cost and high capability. Analysts such as Aakash Gupta report that DeepSeek claims to train frontier-level models for about $5 million, compared with the roughly $500 million often required for top U.S. models, and offers usage pricing around 1-2% of OpenAI’s GPT-4 rates. Alibaba’s Qwen has passed 600 million downloads, spawned around 170,000 derivative models, and sits inside a much broader Modelscope library with over 120,000 models and 5,500 services. In Japan, it is reported that startups like Abeja are already building high-ranking local systems on top of Qwen, further normalizing it as an industry standard. Network effects also matter: a meaningful share of founders are Chinese or participate in Chinese backed systems, where Qwen, DeepSeek, and related tools are promoted as the default stack, further nudging teams toward Chinese infrastructure even when they operate outside China. 

U.S. and allied competitors are responding, but unevenly. On the model side, efforts like Meta’s Llama family and other Western open-source projects aim to match Chinese systems on quality. On the hardware side, firms such as Tentorrent are trying to cut training and inference costs with alternate AI chips and open software stacks, positioned as more flexible and cheaper than today’s NVIDIA-centric setups. These moves show that the US market sees the cost gap, but for now, Chinese models are still often the lowest friction, lowest cost “drop in” option for companies operating on tight budgets. 

Regulators are now highlighting the security implications. Taiwan’s National Security Bureau found that several Chinese LLM applications, including DeepSeek, Doubao, Tongyi, Yiyan, and Yuanbao, collect intrusive device data, capture screenshots, demand broad permissions, and transmit user information back to servers in China, with 8-11 violations per app across privacy categories. The same review reported that the models regularly produced politically one-sided content aligned with Beijing narratives about Taiwan, withheld sensitive terms such as “democracy” and “Tiananmen Square,” and in some cases generated basic cyberattack instructions. Multiple governments, including the U.S., Germany, and Italy, have issued similar warnings, citing exposure under China’s National Intelligence Law and Cybersecurity Law.

For companies, the corrected figures mean this is not yet an overwhelming majority trend—but it is also not a fringe case. A significant slice of startups now rely on infrastructure that operates inside China’s legal and information-control environment. The practical takeaway is not alarm, but governance. Firms using Chinese models should assume logs and telemetry may be legally accessible to Chinese authorities; keep sensitive, regulated, or strategic data off these models; and design products so that Chinese LLMs can be replaced if US or allied regulators tighten provenance rules or restrict app-store distribution. Model choice, in short, is becoming a geopolitical decision as much as a technical one, and companies that treat it that way will be better positioned as AI infrastructure becomes subject to the same national-security scrutiny already applied to chips, telecom equipment, and cloud platforms.

Analysis

The UK economy is facing £1.9 billion ($2.5 billion) in damages after a massive cyber attack against automaker Jaguar Land Rover ceased production for three weeks and caused almost £500m in company losses. The knock-on effects of the attack are extensive: laid-off workers throughout the supply chain, disruptions to orders, and uncertainty about how much information the attackers stole continue to plague the company. Hacking group Scattered Lapsus$ Hunters, a potential collaboration between the groups Scattered Spider, Lapsus$ and ShinyHunters, claimed responsibility for the attacks, with similar attacks also rattling US businesses over the past year. 

Despite the scale of these cyber espionage attacks, companies remain ill-prepared to respond. Yet while this attack was devastating, it was, to the best of our knowledge, conducted by a collective of individuals—albeit with potential ties to Russia and other state-sponsors—collaborating for extortion purposes. These attacks are prominent and prevalent, but they pale in comparison to a new type of attack driven by AI automation. Reports that cybercriminals with ties to China’s government used Anthropic’s chatbot Claude to automate attacks against US targets highlights the growing risk of attackers using US open-source IP to attack US companies. While details are patchy about the attack and precisely how Claude was involved, the use of AI automation in cybercrime should alarm all businesses. 

As open source AI platforms become more widely available, the potential for these attacks is likely to increase in scope and severity. Individuals with limited cyber capabilities will be empowered to attack multinational entities at an unprecedented scale, either for ransom, IP theft, or on behalf of an agenda. Anthropic’s note that the recent attack was the “first reported AI-orchestrated cyber espionage campaign,” but it certainly will not be the last. While Anthropic points to the same AI products to defend against attacks, businesses will need to determine lasting and dynamic solutions to this new Wild West of AI-driven cybercrime.