Sovereign AI for Mortgage Lenders: Underwriting, Arrears and Forbearance With an Auditable Trail
Mortgage underwriting and forbearance decisions carry Consumer Duty weight, so every outcome a lender's AI produces should be reproducible, attributable and signed, running inside the lender's own walls rather than a shared public cloud.
The mortgage decision is a regulated decision
A mortgage is the largest financial commitment most households ever make, and the decisions around it are among the most heavily supervised in UK finance. Whether to lend, how to assess affordability, when a borrower in arrears is offered forbearance, whether an interest-only maturity is handled with support or foreclosure: each of these is a regulated act. Under the FCA's Consumer Duty, a lender must be able to show it delivered good outcomes and did not cause foreseeable harm. Under SM&CR, a named senior manager owns that obligation personally.
That is the difficulty with general public-cloud AI for these decisions. A model that produces a recommendation you cannot reproduce, cannot attribute, and cannot fully explain is not decision support for a regulated lender. It is an unmanaged risk sitting inside a controlled function.
Mickai takes a different position. Mickai is a sovereign AI operating system (SIOS): AI that a regulated business owns and runs inside its own walls, on-prem and air-gapped, with every action written to a tamper-evident, post-quantum-signed audit record we call the OAR. It is built and LIVE, and we are building to scale. For a mortgage lender or building society, that means the underwriting and arrears intelligence lives where the loan book lives, and every outcome carries a trail.
Underwriting that shows its work
Underwriting runs on our Tyche Studio, the decision and underwriting engine. Affordability assessment, income verification logic, credit-file interpretation and policy-rule application all execute on the lender's own hardware, against the lender's own policy corpus, with no borrower data leaving the estate.
The property that matters is not speed. It is reproducibility. When Tyche returns an affordability outcome, the OAR captures the inputs it saw, the policy version it applied, the model state that produced the result, and a cryptographic signature over the whole event. Run the same case a year later, in a Section 166 review or an FCA information request, and you can reconstruct why the answer was what it was. A recommendation and its justification are bound together and cannot be quietly rewritten after the fact.
This maps onto what the Head of Model Risk and the Head of Internal Audit are accountable for. Under SS1/23 model risk management expectations, a model that cannot be governed, versioned and independently validated is a model that should not be in production. An estate that records its own inputs, versions and outcomes gives model-risk oversight something it can actually attest to.
Arrears and forbearance under Consumer Duty
Forbearance is where the outcomes obligation bites hardest. A borrower falling behind is, by definition, in a position of potential vulnerability, and the FCA's tailored-support expectations are explicit that firms must treat these customers fairly and evidence that they did.
Our Iris Studio handles the borrower-facing interaction and case handling, and Nomos, the compliance Studio, checks each proposed action against the applicable rulebook before it is offered. When the system suggests a payment concession, a term extension, a switch to interest-only, or a capitalisation of arrears, the reasoning is recorded: the borrower's circumstances as understood, the options considered, the fairness checks applied, and the outcome. If the case is later reviewed, the Chief Customer Officer and the board have a defensible, reproducible record rather than a reconstructed narrative.
Vulnerability handling is not a bolt-on here. Because the model runs air-gapped against the lender's own tailored-support policy, sensitive borrower data never traverses a third-party cloud. That keeps UK GDPR special-category handling clean and supports the operational-resilience expectations that the CRO and CISO answer for under PRA and FCA rules.
What "sovereign" actually means in the architecture
Sovereignty here is an engineering claim, not a marketing one, so it is worth being concrete about how it holds up.
- Air-gapped RAG. The retrieval layer is built over the lender's own document estate: lending policy, forbearance frameworks, product terms, past decisions. It does not reach out to the public internet, so answers are grounded in the institution's own record and cannot be poisoned from outside.
- Fifty brains under a deterministic arbiter. Rather than one opaque model, Mickai runs fifty specialised brains coordinated by a deterministic arbiter, so the path from question to answer is inspectable and repeatable rather than a single black box.
- ML-DSA-65 post-quantum signing. Every OAR entry is signed with a post-quantum algorithm, so the audit trail stays verifiable even against a future adversary with a quantum computer. Mortgage records live for decades, and the signatures need to outlive the threat.
- Hardware-bound identity and compensating rollback. Actions are tied to hardware-bound identity, and where an automated step needs to be unwound, the system uses compensating rollback rather than silent deletion, so the correction is itself recorded.
The point of the OAR is not that it produces logs. Every system produces logs. The point is that the record is tamper-evident and independently verifiable, which is the difference between an audit trail you hope holds up and one that does.
Why this lands now
The regulatory direction is one-way. Consumer Duty raised the evidential bar, PRA and FCA operational-resilience rules put third-party dependency under the microscope, and model-risk supervision increasingly treats an unexplainable model as an unacceptable one. Sovereign AI, the category of AI a regulated firm can own and run under its own control, was valued at roughly USD 40B in 2025 and is projected toward USD 148B by 2032. Around 0.85M UK businesses and some 5M across the EU sit in a position where public-cloud AI is difficult or barred outright.
Mickai's estate is built for exactly that position: 104 filed UK patent applications, around 2,340 claims, held by Mickai LTD, giving a genuine priority and prior-art moat rather than a slide deck. Filed, not granted, but that is the point of a priority position. As a third-party momentum signal, Micky Irons was ranked #4 on Crunchbase in June 2026, with the Mickai company profile in the top 1 to 2 percent globally. We are a UK company with Birmingham manufacturing secured, and we are building to scale.
We see this as being an ally to the wider AI ecosystem, not a rival to it. The hyperscalers are optimised for scale and openness. Regulated lenders need the opposite property: containment, attribution and control. Mickai is the layer that gives them that, and it sits alongside the tools they already use.
The window
We are in conversation with a small number of selected institutions, chosen for fit: lenders, building societies and servicers who feel the Consumer Duty and model-risk pressure most acutely and want to move first. If that describes your institution, I would welcome a direct conversation.
Micky Irons, founder and CEO of Mickai. Reach me at micky@mickai.co.uk.
FAQ
Does Mickai send borrower data to a public cloud? No. The underwriting and arrears intelligence runs on-prem and air-gapped on the lender's own hardware. Borrower data does not leave the estate, which keeps UK GDPR special-category handling and operational-resilience obligations clean.
How does the OAR help with Consumer Duty and a Section 166 review? Every decision writes a tamper-evident, post-quantum-signed record of the inputs, the policy version, the model state and the outcome. A case can be reconstructed later exactly as it was decided, so the record you present is the record that was made, not a narrative rebuilt after the fact.
How does this fit SS1/23 model risk management? The estate versions its models and policy, records each decision, and supports independent validation, which is what model-risk supervision expects before a model runs in production.
Is Mickai a competitor to the large AI providers? No. Mickai is an ally to the wider ecosystem. Hyperscalers optimise for scale and openness; regulated lenders need containment, attribution and control. Mickai provides that layer alongside the tools a lender already uses.
Frequently asked questions
Does Mickai send borrower data to a public cloud?
No. The underwriting and arrears intelligence runs on-prem and air-gapped on the lender's own hardware. Borrower data does not leave the estate, which keeps UK GDPR special-category handling and operational-resilience obligations clean.
How does the OAR help with Consumer Duty and a Section 166 review?
Every decision writes a tamper-evident, post-quantum-signed record of the inputs, the policy version, the model state and the outcome. A case can be reconstructed later exactly as it was decided, so the record you present is the record that was made.
How does this fit SS1/23 model risk management?
The estate versions its models and policy, records each decision, and supports independent validation, which is what model-risk supervision expects before a model runs in production.
Is Mickai a competitor to the large AI providers?
No. Mickai is an ally to the wider ecosystem. Hyperscalers optimise for scale and openness; regulated lenders need containment, attribution and control. Mickai provides that layer alongside the tools a lender already uses.






