Sovereign AI for Accountancy and Audit Firms
Client data under seal, workpapers signed before the work runs, and audit files any partner can verify offline.
An accountancy or audit firm holds the most sensitive record a client ever produces: the true state of its money. Ledgers, board packs, tax positions, going-concern judgements, and the working papers that support an audit opinion all pass through a firm that is trusted to hold them under seal. When artificial intelligence is pointed at that material, the question is not whether it is clever. The question is whether every judgement it touched can be proven, replayed, and defended years later in front of a regulator or a court.
That is a different problem from the one the public cloud was built to solve. We built Mickai, a Sovereign Intelligence Operating System, for exactly this boundary: client data and audit evidence under seal, workpapers that are cryptographically signed at the moment of work, and verification that holds up offline, on hardware the firm owns.
The audit file is evidence, and evidence must survive scrutiny
An audit is a chain of evidence. Every figure in a set of financial statements traces back through a working paper, a test, a sample, and a source document, and the file must show who did what, when, and on what basis. Standards on documentation, and the regimes that enforce them, treat that file as the proof that the opinion was earned rather than assumed. If the file cannot be reconstructed, the opinion is worth little.
General-purpose assistants break this chain in a quiet way. They summarise a lease, flag a revenue anomaly, or draft a memo, and the reasoning evaporates the moment the tab closes. Six months later, when an inspection asks how a conclusion was reached, there is a plausible paragraph and nothing behind it. We treat that gap as unacceptable. In Mickai, the reasoning is not a by-product. It is the record itself.
Every action signed before it runs
At the core of the system sits the Operation Attestation Record, or OAR. Before a brain reclassifies a transaction, ties a balance to a bank statement, or proposes an adjusting entry, the intended action is described and signed, and only then does it execute. The signature is not an afterthought bolted on to a log. It is the permission slip, produced in advance, so that the record of what was going to happen exists independently of whether it happened cleanly.
Those signatures use post-quantum cryptography, the FIPS 204 ML-DSA-65 scheme standardised by the United States National Institute of Standards and Technology, so a workpaper signed today remains verifiable against the day a quantum computer could forge older signatures. Each record is hash-linked into a chain using SHA-3-512, which means a single altered figure anywhere in the file breaks the mathematics for everything that follows. You cannot quietly change one number in last year's audit and leave the rest intact. This way of proving work is not incidental to the product. It sits inside the 104 UK patent applications we have filed, about 2,340 claims in total, all owned by Mickai LTD.
Client data under seal, with zero egress
The reason firms hesitate over cloud assistants is rarely the model. It is the data journey. To use most services, the client trial balance, the payroll extract, the acquisition data room, has to leave the building. For a firm bound by professional confidentiality, and for clients bound by the General Data Protection Regulation, the Digital Operational Resilience Act for financial entities, or sector rules such as the Markets in Financial Instruments Directive and the Basel framework, that journey is the whole risk.
Mickai removes the journey. It runs on hardware the firm owns, on-premise or air-gapped, with zero data egress. The client ledger, the audit evidence, and the draft opinion never cross the firm's own boundary. The public cloud giants, OpenAI, Microsoft, Amazon Web Services, Google, and Oracle, remain valued allies operating a different layer of the stack. We serve the regulated boundary they were never designed to cross on the customer's own terms, which is the boundary where client data must stay put.
Offline verification, so a partner can prove it alone
A signed record is only as good as the ability to check it. Many systems can verify their own work only while connected to the vendor that made them, which is no comfort to a regulator inspecting a file three years after the engagement, or a firm whose supplier has changed hands. We designed verification to need nothing but the file and the public keys.
A reviewer, a quality partner, or an external inspector can take the sealed workpaper set to an isolated machine, with no network at all, and confirm that every attestation is valid, that the hash chain is unbroken, and that the sequence of actions matches the evidence. The proof travels with the file. Nothing has to be trusted on faith, and no phone call to a vendor is required to stand behind the work.
Governance built for the people who sign the opinion
Judgement in an audit belongs to humans, and the system is arranged to keep it there. Brains in Mickai are revocable, so a firm can withdraw a capability the moment it stops trusting it, and every brain operates inside the same signed, tamper-evident audit ledger. High-stakes actions, releasing a final opinion, posting a material adjustment, moving privileged evidence, require more than one brain to agree, together with voice-biometric approval from a named, authorised person.
This maps cleanly onto the assurance frameworks firms already answer to. The EU Artificial Intelligence Act asks for human oversight, logging, and traceability for higher-risk uses. ISO 42001 and the NIST AI Risk Management Framework ask an organisation to show it governs its AI rather than merely using it. A cryptographically-signed ledger of every action, with named human approval on the ones that matter, is that evidence, produced automatically rather than assembled in a panic before an inspection.
The bottom line
For accountancy and audit firms, the value of sovereign AI is not speed for its own sake. It is defensibility. Client data and audit evidence stay under seal on the firm's own hardware. Workpapers are signed before the work runs, chained so tampering shows, and verifiable offline by anyone holding the file. When an inspector, a client, or a court asks how a conclusion was reached, the answer is not a story. It is a proof. That is the standard a profession built on evidence should demand, and it is the standard Mickai is built to meet.




