MICKAI
Article · 2 July 2026

Sovereign AI for defence suppliers: capability that never leaves your walls

Mickai is a sovereign intelligence operating system that regulated businesses own and run inside their own walls. For defence suppliers bound by export control, that is the difference between an AI toolset they can lawfully use and one they cannot.

Sovereign AI for defence suppliers: capability that never leaves your walls
Author
Micky Irons
Published
2 July 2026
Follow Micky Irons
LinkedInX
sovereign AIdefenceexport controlITARair gapped

Why defence suppliers cannot send their data to public cloud AI

For a defence supplier, the constraint is not preference. It is law and contract. ITAR and the US Export Administration Regulations govern technical data long before it reaches a model. UK MOD conditions, the NIS Regulations, and the US CLOUD Act all pull in the same direction. A drawing, a firmware image, a materials specification, or a maintenance log can be controlled technical data, and moving it to a public cloud AI service can constitute an export or an unlawful disclosure. The moment that data leaves your walls, you have lost the argument with your regulator and, often, with your prime contractor.

This is why the generation of AI tools that assume a public cloud round trip is closed to a large part of the defence supply chain. The tools are useful. They are also unusable for the work that matters most, because the work that matters most is exactly the work that cannot leave the building.

We built for that constraint from the first line. Mickai is a sovereign intelligence operating system that regulated businesses own and run inside their own walls.

What we mean by sovereign

We run entirely on the customer's own hardware, on premises and air gapped. There is zero data egress and no public cloud round trip. Your technical data does not transit a third party network, does not rest on a shared tenancy, and is never used to train anyone else's model. Sovereignty here is not a marketing posture. It is an architecture: the system is designed so that there is no path for controlled data to leave the estate, because there is no outbound path at all.

That distinction matters to an export control officer in a way that assurances and data processing addenda do not. You cannot breach an export rule with a system that has nowhere to send the data. We designed the product so that compliance is a property of the deployment, not a promise on a contract page.

How the system is built

We run about fifty specialist models, twenty five domain and twenty five operational, with cross model routing under a deterministic arbiter. The arbiter is the point that matters for a regulated buyer. It means outputs are reproducible. Given the same inputs and the same state, we produce the same result, which is what allows the work to be reviewed, defended, and audited rather than merely trusted.

We organise capability into studios. Each carries a Greek name and a serious function. Nemesis covers fraud and anti money laundering. Plutus covers finance and FP&A. Tyche covers underwriting. Prometheus covers forecasting. Iris covers customer service. Nomos covers compliance. Astraea covers legal. Panacea covers clinical. Pythia covers business intelligence. Aletheia covers audit. Vinis covers voice. The Agentic Marketing Team covers outbound work. Trust Agent is the perimeter, and we offer OAR as a Service for organisations that want the audit record without the full estate.

For a defence supplier, the relevant point is not the breadth of the catalogue. It is that all of it runs behind your own firewall, on your own metal, with the same guarantees applied uniformly. You do not have to choose between capability and containment.

The Open Audit Record

Every consequential action the system takes is signed under post quantum cryptography (FIPS 204 ML-DSA-65, with ML-KEM-768) and hash chained into a tamper evident, append only ledger. This is the Open Audit Record. Anyone can verify it offline, for decades, without trusting us as the vendor.

Consider what that gives a supplier under audit. When a prime contractor, an auditor, or a regulator asks who did what, when, and on whose authority, the answer is not a database export that your own administrators could in principle have edited. It is a cryptographic chain that stands on its own. The verifier does not have to trust your good faith, and they do not have to trust ours. They check the maths. For a sector where the burden of proof sits with the supplier, an audit record that survives the vendor and survives the passage of time is not a convenience. It is the point.

The choice of post quantum primitives is deliberate. Controlled technical data has a long classified life. An audit record signed with cryptography that a future machine can forge is an audit record with an expiry date. We signed the ledger to outlast the threat, not merely to satisfy this year's checklist.

Attestation across many sites

Defence work is rarely done at one location. It runs across factories, test ranges, forward sites, and partner facilities, many of them with poor or no connectivity by design. Pantheon, our post quantum Layer 1, is on testnet and gives multi node attestation across fielded units with no central server. Each unit can attest to its own state and to the state of its peers without any of them phoning home to a coordinator.

That is the property a distributed defence programme actually needs. There is no single server whose compromise unravels the chain of custody, and no dependency on a link back to headquarters that an air gapped site cannot provide. Trust is established between the units themselves, cryptographically, wherever they happen to sit.

The market we serve

The sovereign AI market is roughly USD 40 billion in 2025, rising to about USD 148 billion by 2032. Around 0.85 million UK businesses, about 15 percent, and roughly 5 million across the EU legally cannot send their data to public cloud AI. Defence suppliers sit squarely inside that population, alongside the drivers that define it: ITAR and EAR, the NIS Regulations, the US CLOUD Act, PRA model risk expectations under SS1/23 for the firms that also carry financial exposure, UK GDPR special category data, the NHS Data Security and Protection Toolkit, and the EU AI Act high risk classification.

This is not a niche waiting to be persuaded. It is a large, regulated, underserved market that has been told, correctly, that the mainstream tools are not for them. We built the tool that is.

Two buyers, one stack

Our strategy has two sides. We sell sovereign AI directly to regulated firms that the public cloud cannot lawfully reach, defence suppliers among them. We also license the patented stack to the platforms that want to reach those same firms and cannot do so with a public cloud design. A platform that adds a sovereign layer instantly reaches the regulated market it cannot serve today, and it reaches it with an audit record and an attestation model already built. Our internal analysis maps 196 companies and 311 patent company pairs as potential licensees, including names such as Microsoft, AWS, NVIDIA, Google, Adobe, and IBM. That is potential licensee sizing, not a signed book and not an infringement claim.

We are an ally to the AI majors, not a challenger to them. The regulated segment is one the large platforms structurally cannot enter with their current architecture, and it is precisely the segment we were built for. The two sides of the business reinforce each other rather than compete.

The patent position

We hold 104 filed UK patent applications, roughly 2,340 claims, across 13 invention families, owned by Mickai LTD, with named inventor Mickarle Sean Junior Wagstaff-Irons. These are filed, not granted. Filing establishes priority and builds a prior art moat around the sovereign architecture, the audit record, and the attestation model. For a buyer, that matters because it signals durability. The approach a supplier depends on is not something a larger vendor can trivially copy and fold into a public cloud offering without engaging with the filed position.

The company

Mickai LTD is a UK company, Companies House number 17166618, with Birmingham manufacturing secured. Micky Irons is founder and CEO. We build in Britain, for buyers who need the system to stay in Britain, or wherever their own walls happen to be. The manufacturing base matters to a defence buyer for the same reason the architecture does: sovereignty is easier to assure when the supply chain does not route through jurisdictions you cannot control.

Where this leaves a defence supplier

The position is straightforward. The modern AI toolset is closed to much of the defence supply chain because it assumes a data path that export control forbids. We removed the data path and kept the capability. The result is a system a supplier can run inside an air gapped facility, that produces reproducible outputs, that signs every consequential action into an audit record any regulator can verify offline for decades, and that attests to itself across every site in a programme without a central server.

Our pre-seed round is opening soon, and we welcome inquiries from interested partners by email at micky@mickai.co.uk or on LinkedIn. The core message, though, is not about the round. It is that the market of regulated buyers who cannot use public cloud AI is large, defined by law rather than taste, and, for the first time, fully served by a system built to live inside their own walls.

Can Mickai run in a fully air gapped defence facility?

Yes. We run entirely on the customer's own hardware, on premises and air gapped, with zero data egress and no public cloud round trip. There is no outbound path for controlled technical data, which is the property an export control officer needs to see rather than merely be told about.

How does the Open Audit Record help under a defence audit?

Every consequential action is signed under post quantum cryptography (FIPS 204 ML-DSA-65, with ML-KEM-768) and hash chained into a tamper evident, append only ledger. An auditor, a prime contractor, or a regulator can verify that record offline, for decades, without trusting us and without trusting your own administrators, because the guarantee is cryptographic rather than procedural.

Are the patents granted, and why does that matter to a buyer?

They are filed, not granted: 104 filed UK patent applications, roughly 2,340 claims, across 13 invention families, owned by Mickai LTD. Filing establishes priority and a prior art moat, which signals that the sovereign approach a supplier depends on is defensible and durable rather than easily replicated.

Subscribe
Get every new Mickai article by email.

Long-form essays on sovereign AI from Micky Irons. One email per article. No tracking, no marketing, no third parties. Every email includes a one-click unsubscribe link.

Prefer RSS? Subscribe at /articles/feed.xml.

Originally published at https://mickai.co.uk/articles/defence-suppliers. If you operate in a regulated sector or want sovereign AI on your own hardware, the audit form on mickai.co.uk is the entry point.
More articles