South Africa’s digital transformation agenda — anchored in the National Data and Cloud Policy (2024), the Digital Government Policy Framework and most recently, the Roadmap for the Digital Transformation of Government (2025) — is structurally misaligned with its public procurement framework. The PFMA, MFMA, PPPFA and related instruments presuppose fixed specifications and static pricing, whereas cloud computing and digital public infrastructure operate through consumption-based, modular and iterative modalities. The result is implementation delays, fragmented adoption and reliance on deviations. The Public Procurement Act 2024, and particularly its imminent Regulations, offer a critical opportunity to realign procurement law with the technical and commercial realities of cloud and DPI.
This comprehensive report, prepared by Prof Geo Quinot and Mr Joshua Swart for APLU, is positioned as an intervention in both the public cloud policy development and public procurement reform in South Africa. Specifically, the report analyses the interaction between these developments. The ultimate aim is to inform the continued development of South Africa’s public procurement system, currently primarily through the development of the PPA Regulations, to align procurement law with the technical and commercial realities of cloud computing and DPI.
The central finding of this paper is that South Africa’s digital transformation challenge is no longer one of policy formulation, but of legal and institutional operability.
Jurisdictions that have successfully implemented cloud-enabled government have done so by adapting procurement frameworks to the technical and commercial realities of digital infrastructure. South Africa faces the same imperative: digital policy must now be translated into enforceable procurement rules, standards and institutional arrangements.
The Public Procurement Act 2024 provides a critical opportunity to achieve this translation, especially through the drafting of detailed implementation regulations under the Act.
To enable lawful, secure and scalable cloud adoption and DPI development, the PPA Regulations should incorporate the following elements.
