MICKAI
Article · 30 June 2026

Stopping Telco and Payments Fraud With AI That Never Sees the Open Internet

Telcos and payment institutions can run subscriber and transaction fraud detection on AI they own outright, on-prem and air-gapped, with every decision written to a tamper-evident audit record built to satisfy NIS and PSD scrutiny.

Stopping Telco and Payments Fraud With AI That Never Sees the Open Internet
Author
Micky Irons
Published
30 June 2026
Follow Micky Irons
LinkedInX
Sovereign AIMickaiArtificial IntelligenceOpen Audit RecordPatents

The fraud problem regulated operators cannot outsource

Stopping Telco and Payments Fraud With AI That Never Sees the Open Internet, illustration 1

Telecoms operators and payment institutions sit on two of the richest fraud surfaces in the economy. SIM swap, account takeover, international revenue share fraud, Wangiri, subscription fraud, authorised push payment scams, card-not-present abuse and synthetic identity rings all move at machine speed across subscriber and transaction graphs. You cannot fight machine-speed fraud with quarterly rule reviews and a spreadsheet.

AI is the obvious counter. The catch is that the data you most need to model is the data you are least free to move. Subscriber records, call detail records, payment instructions, device fingerprints and KYC files are special-category, supervised and often jurisdiction-bound. Pushing that into a public-cloud AI endpoint can collide with UK GDPR, the Network and Information Systems Regulations, payment-services obligations under PSD-style frameworks, and the reach of the US CLOUD Act over data held by US-controlled providers. For a designated operator of essential services or an authorised payment institution, "we sent the fraud data to someone else's model" is not a sentence you want in an incident report.

This is the gap Mickai was built to close.

AI that never sees the open internet

Stopping Telco and Payments Fraud With AI That Never Sees the Open Internet, illustration 2

Mickai is a sovereign AI operating system, an SIOS. It is AI that regulated businesses own and run inside their own walls, on-premises and air-gapped, with no dependency on a public-cloud model and no telemetry leaving the building. It is built and live, not a concept.

The fraud capability runs inside two Mickai modules. Nemesis is the fraud and AML Studio, named for the Greek goddess who settles accounts and answers wrongdoing. Trust Agent is the identity and decision layer that sits in front of subscriber and transaction events. Together they ingest the signals an operator already holds, score them locally against models the operator owns, and return a decision in line, without a single byte crossing to the open internet.

Because the models execute on hardware the institution controls, the data residency question disappears. There is no foreign sub-processor, no shared multi-tenant inference endpoint, no external API key that could be compromised. The fraud brain lives where the fraud data already lives.

How Nemesis and Trust Agent score fraud on-prem

Stopping Telco and Payments Fraud With AI That Never Sees the Open Internet, illustration 3

The pattern is the same across telco and payments, with domain-specific features in each.

For a telco, Nemesis models the subscriber graph: provisioning events, SIM changes, device and IMEI pairings, roaming behaviour, call detail records and top-up patterns. A SIM swap that precedes an unusual high-cost international call burst, or a cluster of new activations all dialling the same premium ranges, is the kind of coordinated signal that rules miss and a graph-aware model catches. Trust Agent gates the sensitive action, the port-out, the credential reset, the high-risk call, and demands step-up assurance before it completes.

For a payment institution, Nemesis models the transaction graph: beneficiary networks, velocity, device and session fingerprints, mule-account topologies and the behavioural tells of an authorised push payment scam in progress. Trust Agent scores the payment at authorisation time and can hold, challenge or release it inside the operator's own latency budget.

Every score, every feature that drove it, and every human override is written to the OAR, Mickai's tamper-evident, post-quantum-signed audit record. That record is the part regulators and counsel care about most. When an investigator, an auditor or a supervisor asks why a transaction was blocked or a number was suspended, the answer is a cryptographically sealed, replayable trail rather than a screenshot and a verbal recollection.

Why this maps cleanly onto NIS and PSD obligations

Stopping Telco and Payments Fraud With AI That Never Sees the Open Internet, illustration 4

Two regimes shape this work directly.

Under the Network and Information Systems Regulations, designated operators carry duties to manage risk to their networks and to detect and report significant incidents. An on-prem detection layer that produces a signed, time-stamped audit trail of every fraud and security decision is evidence of the risk management and incident-handling posture the regime expects, with none of the third-country transfer exposure that a cloud endpoint introduces.

Under payment-services obligations, institutions must run strong fraud monitoring, support strong customer authentication, and stand behind their transaction-risk decisions. Trust Agent's step-up logic and Nemesis scoring feed those duties, and the OAR gives the supervisor a complete reconstruction of why each decision landed as it did. The Nomos compliance Studio and the Aletheia audit Studio sit alongside, mapping controls and producing audit-ready evidence from the same sealed record.

The wider point is structural. Roughly 0.85 million UK businesses, about 15 percent, and around 5 million across the EU legally cannot send their most sensitive data to public-cloud AI. The drivers are concrete: PRA SS2/21, UK GDPR special-category rules, the EU AI Act's high-risk classification, ITAR and EAR, the NIS Regulations and the CLOUD Act. The sovereign AI market is sized at around USD 40 billion in 2025, rising toward USD 148 billion by 2032. Telco and payments fraud is one of the sharpest expressions of that demand, because the data is both the most valuable to model and the most constrained to move.

Owned, defensible, and built to scale

Stopping Telco and Payments Fraud With AI That Never Sees the Open Internet, illustration 5

Mickai holds 104 filed UK patent applications with roughly 2,340 claims, owned by Mickai LTD, inventor Micky Irons. These are filed rather than granted, which establishes priority and a prior-art moat around the sovereign-AI architecture, the audit record and the Studio design.

As one third-party momentum signal, in June 2026 I was ranked number 4 on Crunchbase by CB Rank for people, verified live, with the Mickai company profile in the top one to two percent globally. That is a dated snapshot of the moment, not a permanent claim, and we are building to scale from it. Mickai is a UK company, with Birmingham manufacturing secured.

A note on posture. Mickai is an ally to the wider AI ecosystem, not a replacement for it. Hyperscalers and frontier labs serve the workloads that belong in public cloud. Mickai serves the workloads that legally cannot go there. For a telco or a payment institution that runs both, the dual-buyer logic is straightforward: general AI in the cloud, regulated and special-category AI inside your own walls on Mickai.

A window for selected partners

Stopping Telco and Payments Fraud With AI That Never Sees the Open Internet, illustration 6

As Mickai scales, a pre-seed window is open to a small number of selected partners: telco operators, payment institutions, and investors who understand the regulated-data wedge and want to be involved early. This is an invitation to the right partners, an opportunity to get involved early. The architecture is built and live; the opportunity is to help take it to scale.

If you run fraud, risk or technology inside a telco or a payment institution and want to see Nemesis and Trust Agent running on data that never leaves your building, reach me directly at micky@mickai.co.uk.

Micky Irons, founder and CEO of Mickai.

FAQ

Does Mickai send any fraud data to a public-cloud model? No. Mickai runs on-premises and air-gapped on hardware the institution owns. The models score subscriber and transaction signals locally, with no telemetry leaving the building and no external inference endpoint.

Which Mickai modules handle telco and payments fraud? Nemesis, the fraud and AML Studio, models the subscriber and transaction graphs. Trust Agent is the identity and decision layer that gates sensitive actions and applies step-up authentication. The Nomos and Aletheia Studios produce compliance and audit evidence from the same record.

How does this help with NIS and PSD obligations? Every fraud and security decision is written to the OAR, a tamper-evident, post-quantum-signed audit record. That gives designated operators and payment institutions a signed, replayable trail for incident reporting, strong customer authentication, and supervisory review, without third-country transfer exposure.

Is Mickai a finished product or a concept? Built and live. Mickai holds 104 filed UK patent applications with roughly 2,340 claims, owned by Mickai LTD, and is building to scale.

How do I get involved? A pre-seed window is open to selected telco operators, payment institutions, and investors. Contact Micky Irons at micky@mickai.co.uk.

Frequently asked questions

Does Mickai send any fraud data to a public-cloud model?

No. Mickai runs on-premises and air-gapped on hardware the institution owns. The models score subscriber and transaction signals locally, with no telemetry leaving the building and no external inference endpoint.

Which Mickai modules handle telco and payments fraud?

Nemesis, the fraud and AML Studio, models the subscriber and transaction graphs. Trust Agent is the identity and decision layer that gates sensitive actions and applies step-up authentication. The Nomos and Aletheia Studios produce compliance and audit evidence from the same record.

How does this help with NIS and PSD obligations?

Every fraud and security decision is written to the OAR, a tamper-evident, post-quantum-signed audit record. That gives designated operators and payment institutions a signed, replayable trail for incident reporting, strong customer authentication, and supervisory review, without third-country transfer exposure.

Is Mickai a finished product or a concept?

Built and live. Mickai holds 104 filed UK patent applications with roughly 2,340 claims, owned by Mickai LTD, and is building to scale.

How do I get involved?

A pre-seed window is open to selected telco operators, payment institutions, and investors. Contact Micky Irons at micky@mickai.co.uk.

Subscribe
Get every new Mickai article by email.

Long-form essays on sovereign AI from Micky Irons. One email per article. No tracking, no marketing, no third parties. Every email includes a one-click unsubscribe link.

Prefer RSS? Subscribe at /articles/feed.xml.

Originally published at https://mickai.co.uk/articles/on-prem-ai-against-telco-and-payments-fraud. If you operate in a regulated sector or want sovereign AI on your own hardware, the audit form on mickai.co.uk is the entry point.
More articles