[bux93]

There are a few worries. The US government accessing private data is the one that gets this treatment. Sure, the contracts are not worth the paper they're written on, but it's a state actor - even if you store the data only on a USB stick in your wallet in the end they'll find a way to access it. Preventing data leaks to private parties is a more attainable objective, and using a US cloud might actually contribute positively to that.

The new worry is different; denial of service. Your bank can just Go Away one day. Like what happened to Amsterdam-based, but Russian owned, ATB bank. Its cloud resources were blocked and even the Dutch bankruptcy court had trouble getting access to the data to wind down the bank.

That's an existential threat. One you can ignore if your values are aligned with the US administration, but the administration is completely unpredictable, not to say nihilistic. This is making companies very (very) nervous, even without the regulator saying anything to them.