MICKAI®
Article · 11 July 2026

Is my AI sovereign? A ten-point self-assessment

Ten binary checks reveal whether the AI you already run is genuinely sovereign, and failing any single one means it is not.

Is my AI sovereign? A ten-point self-assessment
Author
Micky Irons
Published
11 July 2026
Follow Micky Irons
LinkedInX
sovereign aiai governancedata sovereigntyai complianceon-premise ai

Test your AI against ten checks and it is sovereign only if it passes all ten, because one broken link hands control to someone else.

The question matters more in 2026 because control is now a compliance and continuity concern, not a preference. DORA has been in force across EU financial entities since January 2025, NIS2 covers essential and important entities, and the US CLOUD Act can compel a US-based provider to hand over data regardless of where its servers sit. Meanwhile the EU AI Act timeline shifted: high-risk Annex III obligations once due 2 August 2026 were deferred by the Digital Omnibus to 2 December 2027. Knowing whether your AI is sovereign is now a board-level answer, not a technical footnote.

What are the ten checks to score your AI against?

The ten checks cover weights, inference location, updates, egress, audit trail, kill switch, jurisdiction, governance, key custody and continuity, each scored a pass or fail.

  • 1. Weights: pass if you physically hold the model weights; fail if a vendor account holds them.
  • 2. Inference location: pass if inference runs on hardware you own; fail if prompts travel to a shared endpoint.
  • 3. Update channel: pass if you stage and approve each update; fail if updates arrive silently.
  • 4. Egress: pass if nothing leaves without an approved rule; fail if the system phones home by default.
  • 5. Audit trail: pass if every action is logged and tamper-evident; fail if logs are editable or vendor-held.
  • 6. Kill switch: pass if you can halt it locally and instantly; fail if shutdown needs a vendor console.
  • 7. Jurisdiction: pass if no foreign law can reach the data; fail if a foreign statute can compel it.
  • 8. Governance: pass if your policy binds the model; fail if the vendor's terms do.
  • 9. Key custody: pass if you hold the signing keys; fail if the vendor escrows them.
  • 10. Continuity: pass if it keeps running without the vendor; fail if a cancelled contract ends access.
Is my AI sovereign? A ten-point self-assessment, illustration 1

How do the checks map to pass signals, fail signals and a sovereign design?

Each check has a pass condition to meet, a fail signal to catch and a substrate design that satisfies it, shown in the table below.

Mickai, our Sovereign Intelligence Operating System, is built and live and runs offline on operator-owned hardware with every action cryptographically sealed. The final column is kept separate so the checks read on their own merits and the SIOS simply illustrates one way to satisfy each.

CheckPass conditionFail signalHow Mickai satisfies it
WeightsYou hold the weights on your hardwareWeights locked in a vendor accountSovereign weights on operator-owned hardware
Inference locationInference runs on hardware you ownPrompts leave for a shared endpointInference runs fully offline on your hardware
Update channelYou stage and approve each updateSilent auto-updates from a vendorUpdates operator-staged and signed before applying
EgressNothing leaves without an approved ruleTelemetry or prompts phone homeZero-egress inbound perimeter blocks outbound calls
Audit trailEvery action logged and tamper-evidentLogs absent, editable or vendor-heldPost-quantum signed audit ledger seals every action
Kill switchYou can halt it instantly and locallyShutdown depends on a vendor consoleLocal kill switch stops inference with no external call
JurisdictionNo foreign law can compel the dataA US provider can be served under the CLOUD ActData stays on your soil, outside foreign compulsion
GovernanceYour policy governs the modelPolicy fixed by the vendor's termsOperator-defined policy enforced at the substrate
Key custodyYou hold the signing keysThe vendor holds or escrows your keysKeys held by you, bound to hardware-attested identity
ContinuityIt keeps running if the vendor disappearsA cancelled contract ends accessRuns offline, so continuity needs no vendor
Is my AI sovereign? A ten-point self-assessment, illustration 2

Where does your AI actually run, and who can reach it?

Your AI runs sovereignly only when inference happens on hardware you own, no prompts leave the perimeter and the system stays verifiable while fully offline.

Inference location and egress are the two checks operators fail most often. A model that runs on someone else's endpoint means your prompts, and the sensitive context inside them, cross a boundary you do not control. Sovereign design keeps inference on operator-owned hardware and wraps it in a zero-egress inbound perimeter: connections come in, nothing calls out unless an operator writes the rule. Because the system is verifiable while fully offline, you can prove what it did without trusting a remote dashboard.

Is my AI sovereign? A ten-point self-assessment, illustration 3

Who controls the weights, updates and keys?

You are sovereign only if you hold the weights, approve updates and custody the signing keys yourself, with identity hardware-attested and bound to the ledger.

Weights, updates and keys decide who really owns the intelligence. If a vendor can change your model overnight or holds the keys that sign your records, the system answers to them. Sovereign custody means the weights sit on your hardware, every update is operator-staged and signed before it applies, and the signing keys never leave your custody. Identity is hardware-attested and bound to the audit chain, so every action traces to an attested actor. The audit ledger is sealed with post-quantum signatures: FIPS 204 (ML-DSA) and FIPS 205 (SLH-DSA) sign it, while FIPS 203 (ML-KEM) handles key encapsulation and never signs. The substrate carrying these guarantees is protected by 104 filed UK patent applications and 2,340 claims, owned by Mickai LTD (Companies House 17166618), filed and patent pending.

Is my AI sovereign? A ten-point self-assessment, illustration 4

Which jurisdiction and governance actually bind your AI?

Sovereignty holds only when no foreign law compels your data, your own policy governs the model, and kill switch and continuity outlast any vendor.

Jurisdiction is the check that survives every technical control. Servers on home soil do not help if the operator is a US-based provider, because the CLOUD Act reaches the provider, not the rack. Sovereign governance puts your policy, not a vendor's terms, in charge of what the model may do, and it holds even when disconnected. A local kill switch lets you stop inference instantly, and continuity means the system keeps running if the vendor disappears. Cross-model consensus across 50 brains, 25 domain and 25 operational, keeps decisions checkable rather than resting on a single opaque model.

Sovereignty is not a feature you switch on; it is a chain of custody that either holds end to end or does not.

Is a public cloud assistant ever the right choice?

Public cloud assistants are the right pick for general productivity, but they cannot be sovereign for your sensitive data because control stays with the provider.

Public cloud assistants earn their place. For drafting, summarising and everyday productivity, services like ChatGPT, Microsoft Copilot and Google Gemini are fast, capable and the sensible default. The line to hold is your most sensitive data: regulated records, classified material and anything that cannot lawfully leave your control. For that tier, a shared endpoint fails several of the ten checks by design, because weights, inference and keys sit with the provider. This is an architecture point, not a criticism of any company. On cost, the honest framing is scaling behaviour: sovereign inference trades a shared per-call meter for capacity you own, so unit economics improve as usage grows rather than rising with every query. We share specifics in briefings, not publicly.

Frequently asked questions

How many checks does my AI need to pass to be sovereign?

All ten. Sovereignty is binary rather than a score out of ten, because a single fail hands some element of control to a party outside your perimeter. Weak weights custody or a silent update channel undoes strong controls everywhere else. Treat any fail as a fail for the whole system.

Can I make a public cloud assistant sovereign with the right settings?

No. Settings can tighten egress and logging, but the weights, inference and keys still sit with the provider, so several checks fail structurally. Those assistants remain excellent for general productivity. For sovereign workloads, the substrate itself has to change.

Does the EU AI Act force sovereign AI by 2 August 2026?

No. The high-risk Annex III obligations once due on 2 August 2026 were deferred by the Digital Omnibus to 2 December 2027, with embedded Annex I high-risk moving to 2 August 2028 and Article 50 transparency largely unchanged. Sovereignty is about control and continuity, which matter regardless of any single deadline.

What signs the audit ledger, and is it quantum-safe?

The ledger is sealed with post-quantum signatures under FIPS 204 (ML-DSA) and FIPS 205 (SLH-DSA). FIPS 203 (ML-KEM) handles key encapsulation and never signs. That separation keeps the audit trail verifiable even against a future quantum adversary.

Does Mickai publish its prices?

Shared in briefings, not publicly. In writing we describe scaling behaviour and ratios rather than figures, because sovereign deployments vary by hardware, data tier and continuity requirements. A briefing lets us map the ten checks to your environment before discussing commercials.

Subscribe
Get every new Mickai article by email.

Long-form essays on sovereign AI from Micky Irons. One email per article. No tracking, no marketing, no third parties. Every email includes a one-click unsubscribe link.

Prefer RSS? Subscribe at /articles/feed.xml.

Originally published at https://mickai.co.uk/articles/is-my-ai-sovereign-a-self-assessment-checklist. If you operate in a regulated sector or want sovereign AI on your own hardware, the audit form on mickai.co.uk is the entry point.
More articles