Sovereign AI for Reinsurance: Treaty Pricing and Catastrophe Modelling Behind the Firewall
Reinsurers can run catastrophe models and treaty analytics on-prem so cedant loss data never leaves the wall, with every model run written to a tamper-evident, post-quantum-signed audit record.
The cedant's data is not yours to export
A reinsurance treaty is a transfer of other people's risk. When a cedant hands you a loss run, an exposure schedule, or a bordereau, they are handing you the granular, often special-category, record of their own policyholders. That data sets the price you quote, the retention you agree, and the capital you hold against it. It is also, in most jurisdictions, data you have a legal and contractual duty to protect, and increasingly a duty not to move into a public-cloud AI service where residency, the sub-processing chain, and the training-data boundary sit outside your control.
The modern reinsurance stack pulls hard the other way. Catastrophe modelling, treaty optimisation, exposure aggregation, and reserving are all increasingly AI-assisted, and the convenient path routes everything through someone else's data centre. For a regulated reinsurer that path collides with UK GDPR special-category handling, the PRA's operational resilience expectations, DORA's ICT and third-party risk regime across the EU, and the plain commercial fact that a cedant who learns their loss data was processed in a shared model environment may not renew.
Mickai removes that collision. It is a sovereign AI operating system: AI that a regulated business owns and runs inside its own walls, on-prem and air-gapped, with every action written to a tamper-evident, post-quantum-signed audit record. The cat model runs behind your firewall. The cedant data never crosses the wall. And the record of what ran, on what, and why is something you can put in front of a regulator without redaction or apology.
Catastrophe modelling that stays behind the wall
Cat modelling is where the exposure is most concentrated and the residency question most acute. Peril footprints, vulnerability curves, secondary uncertainty, and the cedant's own geocoded exposure are combined to produce an exceedance-probability curve that drives the whole treaty. That is precisely the workload the industry has been most eager to accelerate with AI, and precisely the workload where sending data outside the wall is least defensible.
Mickai runs the analytics layer on-prem against an air-gapped retrieval store. The underwriter can interrogate exposure aggregations, stress a portfolio against a synthetic event set, compare vendor model output to an internal view, and draft the technical narrative for a treaty, all without a single row of cedant data leaving the estate. The AI reads from your sealed corpus, not the open internet, so there is no path by which a policyholder address or a claim history leaks into a third party's training pipeline. Air-gapped retrieval is not a setting you toggle on. It is the architecture.
Treaty pricing the Head of Model Risk can sign
Under SS1/23, model risk management is now a board-level expectation, and a pricing model no one can explain is a finding waiting to happen. The problem with most AI-assisted pricing is not that it is wrong, it is that it is unaccountable: the run cannot be reproduced, the inputs cannot be pinned, and the rationale cannot be reconstructed six months later when the treaty is under review.
Mickai answers to that directly. Beneath the surface sit fifty domain brains coordinated by a deterministic arbiter, so a treaty-pricing request follows a defined, repeatable path rather than a probabilistic guess that varies run to run. Tyche, the underwriting studio, handles the pricing logic; Plutus covers the capital and finance view; Prometheus runs the forecasting and scenario work; Aletheia writes the audit trail. The Head of Model Risk gets what SS1/23 actually asks for: a model whose runs are reproducible, whose inputs are pinned, and whose decision path is legible.
The OAR: every model run is evidence
Every action Mickai takes is written to the Operational Audit Record. Each entry is signed with ML-DSA-65, a post-quantum signature standard, and bound to hardware-bound identity so the record cannot be forged, backdated, or repudiated even by an insider with administrative access. For reinsurance that turns a compliance burden into an asset.
When an internal auditor, a PRA reviewer, or a cedant's own diligence team asks how a treaty was priced, the answer is not a reconstructed narrative assembled after the fact. It is the record itself: which model version ran, which exposure set it read, which brain produced which output, and who authorised the release. Where an action needs to be unwound, compensating rollback reverses it cleanly and logs the reversal. The audit trail is not a report you generate. It is a byproduct of the system running.
This is also why the buyer roles line up so neatly. The CRO gets a defensible pricing chain. The Head of Internal Audit gets tamper-evident evidence. The DPO gets special-category data that provably never left the estate. The General Counsel gets a record that stands up to scrutiny. The Board gets operational resilience they can attest to under the PRA regime.
Why this is a category, not a feature
Roughly 0.85 million UK businesses and around 5 million across the EU are effectively barred from putting regulated workloads through public-cloud AI. Independent projections put the sovereign AI market at around USD 40 billion in 2025, growing toward USD 148 billion by 2032. Reinsurance sits squarely inside that wedge: high data sensitivity, a hard regulatory perimeter, and a clear commercial penalty for getting residency wrong.
Mickai is built and LIVE, with 104 filed UK patent applications and roughly 2,340 claims held by Mickai LTD, a priority and prior-art position across the sovereign architecture rather than a single product. As a dated third-party signal, founder Micky Irons was ranked number 4 on Crunchbase in June 2026, with the company placed in the top one to two percent globally. UK company, Birmingham manufacturing secured, building to scale.
Mickai is an ally to the regulated reinsurer, not a replacement for the modelling expertise your actuaries already hold. It is the substrate that lets that expertise run on AI without surrendering the data, the audit trail, or the cedant relationship.
Working with selected partners
We are opening a window to a small number of selected partners in insurance and reinsurance who want to run cat modelling and treaty analytics behind their own wall, with the audit record to prove it. This is a deliberate, limited engagement, not a general call. If that is your problem, I would like to hear from you.
Micky Irons, founder and CEO of Mickai. Reach me directly at micky@mickai.co.uk.
Frequently asked questions
How does Mickai keep cedant loss data from leaving the firewall?
The catastrophe models and treaty analytics run on-prem, air-gapped, against a sealed internal retrieval store. The AI reads from your own corpus rather than the open internet, so exposure schedules, bordereaux, and loss runs are never transmitted to a public-cloud AI service or any third-party training pipeline. Air-gapping is the architecture, not an optional setting.
Does this satisfy SS1/23 model risk management expectations?
It is designed for it. A deterministic arbiter coordinates fifty domain brains so a treaty-pricing run follows a defined, repeatable path. Runs are reproducible, inputs are pinned, and the decision path is legible, with the full chain written to the Operational Audit Record for the Head of Model Risk and the board to review.
What makes the audit record credible to a PRA reviewer or a cedant's diligence team?
Every entry in the Operational Audit Record is signed with ML-DSA-65, a post-quantum signature standard, and bound to hardware-bound identity, so it cannot be forged, backdated, or repudiated even by an insider with administrative access. Reviewers see the record itself: model version, exposure set, brain output, and authoriser, rather than a narrative reconstructed after the fact.
Is Mickai available today?
Yes. Mickai is built and LIVE, backed by 104 filed UK patent applications and roughly 2,340 claims held by Mickai LTD. It is a UK company with Birmingham manufacturing secured, building to scale.






