Cloud-first isn't a strategy. The right answer depends on the system, the regulation, and the team. Here's how we actually decide between Azure, AWS, and on-premise for EU regulated software.
Every six months a new client tells us "we want to be on the cloud." When we ask why, the answer is rarely about technology. It's usually about cost (often wrong), agility (sometimes right), or a board slide (always honest). For EU companies in regulated industries — healthcare, insurance, financial services — the question is more nuanced than the slide deck suggests.
The compliance question
Start here, not with cost. Some questions kill options before you compare features:
- Where can the data live? Some regulators or contracts require data residency in the EU, or even in a specific country. Both Azure and AWS support EU regions, but you need to verify that the specific services you'll use (especially newer ones) are available in those regions.
- What certifications does the cloud provider hold? ISO 27001, SOC 2, and ISAE 3402 are standard. For healthcare in the EU, look for HDS-equivalent certifications. For financial services, EBA outsourcing guidelines apply.
- Schrems II and the US transfers question. Even with EU data centres, Microsoft and AWS are US-headquartered. For some sensitive workloads, this is still a sticking point — usually solved with strong encryption using keys you control, but worth verifying with your DPO.
If the compliance question rules out cloud entirely (it does for some defence and government work), the rest of this article doesn't matter. Go on-premise.
Cost reality
Cloud is not always cheaper. The list-price comparison is misleading:
- You'll pay roughly 30-50% more than reserved-instance prices if you don't commit to capacity.
- Egress costs are real and surprise teams that move large datasets.
- Managed services (databases, queues, etc.) cost 2-5x the equivalent self-hosted cost — but save engineering time.
- On-premise costs are heavily front-loaded: hardware, networking, racking, cooling. Operating cost over five years is often the right comparison window.
For a stable workload at predictable scale (think back-office systems, long-running enterprise apps), on-premise or co-located hardware can be 30-50% cheaper over five years. For workloads with variable demand or rapid growth, cloud wins on agility and amortises the cost difference.
Operational maturity
The cloud-vs-on-premise question is also a question about your team:
- Cloud requires modern DevOps practices. Infrastructure as code, observability, cost monitoring, identity management. Without those, you'll burn cash and hit outages.
- On-premise requires traditional IT discipline. Patching, backups, network management, hardware lifecycle planning. Without those, you'll have an unpatched server in a closet running production.
The worst combination is "cloud without DevOps maturity" or "on-premise without IT maturity." Both fail in predictable ways. The team you have should drive the choice as much as the workload.
When on-premise still wins
We still recommend on-premise (or co-located managed hosting) when:
- Compliance or contracts require it.
- The workload is stable and the team has IT maturity.
- Latency to a specific physical location matters (think industrial systems near the shop floor).
- The data volumes make egress costs prohibitive.
- The system needs to operate in degraded-internet conditions.
"On-premise" in 2026 doesn't mean you rack the servers yourself. It often means co-located hardware in a managed Tier III/IV data centre, with a partner handling power, cooling, and physical security. You still own the OS upwards.
The boring middle path
Most EU companies we work with end up in a hybrid configuration:
- Production data and core services in their own data centre or in a private cloud region. Compliance-sensitive workloads stay there.
- Web tier, mobile backend, and customer-facing apps in Azure or AWS. Where elasticity matters.
- CI/CD, monitoring, and developer tools as SaaS. Because nobody should run their own GitLab.
This isn't elegant on a slide. It's pragmatic in production.
Azure vs AWS for the cloud part
If you've decided to put workloads on a hyperscaler, the choice between Azure and AWS in the EU usually comes down to two things:
- Existing Microsoft footprint. If your org already has Office 365, Active Directory, and Dynamics, Azure integration is genuinely a multiplier.
- Existing engineering culture. Teams from a Linux/open-source background tend to be productive on AWS faster. Teams from a Microsoft background find Azure friendlier.
For most non-Microsoft-native EU teams, AWS has a slight edge in service breadth and documentation depth. For teams already in the Microsoft ecosystem, Azure is the obvious pick. GCP is a third option we'll occasionally recommend for data-heavy or ML-heavy workloads, but rarely for general-purpose EU enterprise software.
What you can take from this
Don't pick a deployment model from a vendor pitch. Decide in this order:
- What does compliance allow?
- What does the team already operate competently?
- What's the workload's variability over a five-year horizon?
- What's the actual five-year total cost of ownership in each model?
For most regulated EU companies, the answer is "Azure or AWS for the variable parts, on-premise for the stable parts, and don't pretend the boundary doesn't exist." Boring. Reliable. Defensible to auditors. That's the goal.
