MICKAI
Article · 4 July 2026

Register of Information Season: Every Line You Do Not Have To Explain

The 2026 Register of Information cycle is live. For the AI workload, ownership does not defend the row. It removes it.

Register of Information Season: Every Line You Do Not Have To Explain
Author
Micky Irons
Published
4 July 2026
Follow Micky Irons
LinkedInX
DORARegister of Informationthird-party riskICT resiliencesovereign AI

The register row you never have to defend

Register of Information season is live. The 2026 cycle runs against a reference date of 31 December 2025, and if you sit inside a DORA-scoped financial entity you already know the shape of the next few weeks. You are reconciling contractual arrangements against RT.01 through RT.99. You are chasing LEIs that vendors still have not filed. You are trying to explain, in a machine-readable template, exactly which of your ICT third-party providers touch a critical or important function, and what happens to that function on the day one of them goes dark.

We built Mickai for the entities on the receiving end of that work. Here is the practical claim, and we will defend it line by line: an owned, air-gapped Sovereign Intelligence Operating System with no external ICT dependency for the AI workload is a register entry you do not have to map, monitor, or defend. It collapses a row.

That is a smaller promise than "compliance in a box," and it is a truer one. Let me show you the delta.

Why the register is where the pain landed

The first enforcement cycle taught the market something the guidance did not. Incomplete or inaccurate registers were among the most common triggers for supervisory follow-up letters. Not incident-reporting failures. Not resilience-testing gaps. The register. The plain administrative artefact that most firms treated as a data-entry exercise turned out to be the document supervisors read first, because it is the map of everything else.

The reason is structural. Your Register of Information is a self-declaration of your entire ICT dependency surface. Every provider you list becomes a thread the supervisor can pull: contractual terms, exit plans, sub-outsourcing chains, concentration risk, the substitutability assessment, whether the arrangement supports a critical or important function. A cloud-hosted AI service is one of the densest threads you can add, because it rarely stops at one row.

Classical marble scene, Metis, gold rim light on void black

What a cloud-AI register row actually costs you

Put a third-party AI platform into a critical or important function and look honestly at what you have just committed to carry.

You carry an ICT third-party service provider entry with its own LEI, country of establishment, and the function it supports. You carry the sub-outsourcing chain behind it, because the model provider sits on a hyperscaler, and that hyperscaler sits on regions you do not choose. You carry a substitutability and exit assessment for a model whose weights, safety layer, and API you do not control and cannot port. You carry data-location evidence for every place your prompts, embeddings, and outputs come to rest. You carry an incident-notification dependency, because when the provider has an event, your clock starts on their disclosure. You carry concentration risk, because half your peer group lists the same three names.

None of this is a criticism of cloud. We want to be exact here, because the market is full of people who over-claim. DORA does not bar you from cloud. Neither does the FCA, the PRA, the EBA, GDPR, or the NHS DSP Toolkit. Cloud is legally permitted with controls, and the overwhelming majority of the market runs that way today. The genuine no-cloud bar is workload-level and narrow: classified material, ITAR-controlled data, isolated OT and SCADA environments, and cases where a data protection impact assessment comes back negative.

So the honest question is not "are you allowed." It is "what do you want to spend your register budget defending." Every cloud-AI row is a set of ongoing obligations you keep alive for the life of the arrangement. That is the cost, and for many teams it is a rational cost. It is simply not the only option.

What an owned SIOS removes from the row

Now run the same function on an owned deployment. Mickai is a Sovereign Intelligence Operating System. You own it and you run it inside your own walls, air-gapped, on your own hardware. There is no external API call for inference, no model provider in the loop, no hyperscaler under the model. The AI workload has no external ICT dependency, because the workload is yours.

Trace that back through the template and watch the entries fall away. There is no third-party provider LEI to file for the AI function, because there is no third party in it. There is no sub-outsourcing chain, because there is nothing sub-contracted beneath your own infrastructure. The substitutability and exit assessment simplifies to your own change management, since the software and its weights live on your estate and port with your estate. Data location is your own data centre, evidenced by your own controls. There is no external incident-notification dependency for the AI layer, because there is no external party whose disclosure your clock waits on.

What you gain instead is a positive artefact rather than a defensive one. Every action Mickai takes writes a cryptographically-signed audit record. When a supervisor asks what the AI did, when, and on whose authority, you do not reconstruct it from provider logs you have to request. You hold a tamper-evident record on your own estate. That is the inversion. The cloud row is a liability you monitor. The owned row is evidence you already have.

Classical marble scene, Metis, gold rim light on void black

The delta, in one line

A cloud-AI register entry is a live obligation: a provider to map, a chain to trace, an exit to plan, an incident clock you do not control. An owned, air-gapped Mickai entry for the same function is your own asset on your own estate, with a signed audit record on every action. One is a thread the supervisor pulls. The other is a thread that ends at your own front door.

We are not telling you to rip out cloud. We are telling you that for the workloads where sovereignty is the sensible preference, and there are more of them than most registers admit, ownership removes the row rather than defending it. That is worth pricing into this cycle rather than the next one.

There is one more piece to the posture. The capability that lets a regulator or auditor independently validate those signed records, without us on your premises, is an on-chain attestation rail. It is a validation utility, a way to check a record, and nothing more. It exists so that "trust our audit log" becomes "verify our audit log yourself." That is the sovereign posture end to end: your infrastructure, your model, your record, independently checkable.

Frequently asked questions

Does an owned AI deployment mean I file nothing in my Register of Information?

No, and we would not claim that. You still run the ICT asset itself: your hardware, your operating environment, your internal function ownership. What you remove is the external third-party provider row for the AI workload and everything that hangs off it, because there is no external provider in an air-gapped owned deployment. You are documenting an internal asset, not a third-party dependency. That is a categorically simpler entry to complete and defend.

Is Mickai claiming DORA bars us from using cloud AI?

No. We are explicit that DORA, the FCA, the PRA, the EBA, and GDPR all permit cloud with appropriate controls, and most institutions run that way. The genuine no-cloud bar is workload-level and narrow. Our argument rests on sovereignty as a preference for control, cost, and data-exfiltration risk, not on a legal prohibition that does not exist. If someone tells you regulation flatly bars your cloud, be sceptical.

How does the signed audit record help in a supervisory review?

Because it moves you from requesting evidence to holding it. Every action the system takes is recorded with a cryptographic signature on your own estate, so questions about what the AI did, when, and under whose authority are answered from a tamper-evident record you already control rather than from third-party logs you have to obtain. This connects directly to our work on the sovereign audit record and to Mickai as a layer-2 operating boundary that sits alongside your existing systems.

Is this built, or is it a roadmap?

It is built and it runs. Mickai is a live Sovereign Intelligence Operating System that regulated organisations own and operate air-gapped inside their own walls. Our patent position is a portfolio of 104 filed UK applications covering roughly 2,340 claims across 13 families, naming inventor Mickarle Wagstaff-Irons, building toward examination. Filed, not granted, and we say so plainly. For the wider picture, see our writing on the register-backed sovereign market and on owning your AI layer rather than renting it.

Micky Irons

Subscribe
Get every new Mickai article by email.

Long-form essays on sovereign AI from Micky Irons. One email per article. No tracking, no marketing, no third parties. Every email includes a one-click unsubscribe link.

Prefer RSS? Subscribe at /articles/feed.xml.

Originally published at https://mickai.co.uk/articles/dora-register-of-information-2026-what-an-owned-ai-layer-removes-from-it. If you operate in a regulated sector or want sovereign AI on your own hardware, the audit form on mickai.co.uk is the entry point.
More articles
4 Jul 2026
Alex Karp Is Right: You Are Paying For Tokens You Cannot Audit
Alex Karp said hosted-AI vendors capture your data and bill you for unproductive tokens that create no value. He is right. We built Mickai so regulated organisations own the substrate instead of renting it, with a signed audit record on every action.
4 Jul 2026
The EU Just Pushed High-Risk AI to December 2027. Here Is What We Are Building Instead of Waiting
The Digital Omnibus provisional agreement moves the EU AI Act high-risk deadlines from August 2026 to December 2027. Most coverage frames the delay as relief. We frame it as the window to own your compliance stack outright, so you are compliant on day one in 2027 instead of retrofitting logging, oversight and traceability under a live deadline.
4 Jul 2026
Article 50 Lands in August: Machine-Detectable AI Provenance, and Why We Sign It At Source
Article 50 makes synthetic content machine-detectable from 2 August 2026, and the draft Code of Practice names C2PA as the route. We bind Content Credentials to the cryptographically-signed audit record Mickai writes on every action, so provenance is produced at source inside your own walls, not bolted onto a cloud API afterward.
4 Jul 2026
Under Oath, They Said They Could Not Say No. That Sentence Is the Whole Market
Microsoft France told the French Senate under oath that it cannot guarantee European data will never reach US authorities under the CLOUD Act, even inside a French sovereign region. We think that single sentence defines the market. Sovereign cloud is a real engineering improvement, but while the parent is US-domiciled the legal gap stays open. The only structure where the answer to a foreign subpoena is genuinely no is one you own and run inside your own walls.