MICKAI
Article · 1 July 2026

Sovereign AI Against Telco Network and Subscriber Fraud: Detection That Stays On the Network

SIM-swap, IRSF and subscriber fraud move at the speed of the network, and the data that detects them carries special-category and lawful-intercept constraints that public-cloud AI cannot lawfully touch. The detection has to run inside the operator.

Sovereign AI Against Telco Network and Subscriber Fraud: Detection That Stays On the Network
Author
Micky Irons
Published
1 July 2026
Follow Micky Irons
LinkedInX
Sovereign AIMickaiArtificial IntelligenceOpen Audit RecordPatents

The fraud lives where the data cannot leave

Sovereign AI Against Telco Network and Subscriber Fraud: Detection That Stays On the Network, illustration 1

Telco fraud is structural, not incidental. SIM-swap account takeovers, international revenue share fraud (IRSF), Wangiri call-back scams, subscription fraud at onboarding, and SIM-box bypass all exploit the same weakness: signalling and subscriber events happen faster than batch review can catch them, and the records that prove the fraud are some of the most tightly regulated data an operator holds.

Call detail records (CDRs) describe who called whom, when, for how long, and from where. Combine those with subscriber identity, device IMEI, location, and SIM provisioning history and you are holding special-category and location data under UK GDPR, sitting directly alongside lawful-intercept obligations under the Investigatory Powers Act and equivalent EU regimes. This is data the operator is legally required to protect, retain under specific rules, and in many cases keep within defined jurisdictional and access boundaries.

That is the contradiction at the heart of telco fraud detection. The most effective fraud models train and run on exactly the data that is hardest to move. Stream CDRs and subscriber events to a public-cloud AI service and you have not just created a privacy exposure. You have potentially placed lawful-intercept-adjacent data inside infrastructure subject to the US CLOUD Act, broken your own residency commitments, and handed a regulator a finding before a single fraud ring is caught.

Mickai resolves the contradiction by refusing to make the trade.

Detection that stays on the network

Sovereign AI Against Telco Network and Subscriber Fraud: Detection That Stays On the Network, illustration 2

Mickai is a sovereign AI operating system. It is AI that a regulated business owns and runs inside its own walls, on-premise and air-gapped, with every action written to a tamper-evident, post-quantum-signed audit record we call the OAR. For a telco, that means the fraud models run where the CDRs and subscriber data already live, inside the operator's own security perimeter. Nothing is shipped to a third-party cloud. Nothing crosses a border it was not authorised to cross.

This is the difference between a fraud platform you rent and a fraud capability you own. When detection runs on the network, the data never leaves the regime that governs it. CDRs stay under the operator's retention and access controls. Lawful-intercept boundaries stay intact, because the AI sits inside the same trust domain as the rest of the lawful-intercept architecture rather than outside it. Residency commitments hold, because there is no egress to a foreign jurisdiction to begin with.

The fraud studio inside Mickai is Nemesis, our fraud and AML subsystem. Nemesis is built to read the signals telco fraud actually produces: velocity anomalies on SIM provisioning, sudden routing toward high-cost international ranges that signals IRSF, call-pattern fingerprints that mark Wangiri and SIM-box bypass, and the behavioural breaks that precede a SIM-swap takeover. It scores these in flow, against the operator's own data, and it does so without that data ever becoming someone else's training corpus.

Why on-premise wins on more than compliance

Sovereign AI Against Telco Network and Subscriber Fraud: Detection That Stays On the Network, illustration 3

The compliance case is the obvious one, and it is decisive on its own. But sovereign detection also wins on the merits of fraud-fighting itself.

Latency is the first reason. SIM-swap and account-takeover fraud are won or lost in seconds. A model that has to round-trip subscriber context to an external service is slower than one running adjacent to the signalling layer. On-network inference removes the network hop entirely.

Model quality is the second. Fraud patterns are operator-specific. Your subscriber base, your number ranges, your interconnect partners, and your historical fraud all shape what normal looks like. A model you own can be tuned continuously on your own labelled outcomes without ever exporting them. A shared multi-tenant cloud model cannot learn from your data without your data leaving, and the moment it leaves, the compliance case collapses.

The third reason is the audit trail. Every fraud decision Nemesis makes, every block, every flag, every score, is written to the OAR. That gives the operator a tamper-evident, cryptographically signed record of why an action was taken, which is exactly what a regulator, an ombudsman, or a wrongly blocked customer will eventually ask for. Detection without defensible evidence is a liability waiting to surface. Mickai makes the evidence a default, not an afterthought.

The moat and the market

Sovereign AI Against Telco Network and Subscriber Fraud: Detection That Stays On the Network, illustration 4

This is built and live, not a roadmap. Behind it sits an IP estate of 104 filed UK patent applications, roughly 2,340 claims, held by Mickai LTD with inventor Micky Irons. Filed, not granted, which is the point: priority and a prior-art moat around sovereign, audited, on-premise AI. Our analysis identifies 196 companies and 311 patent-company pairs as potential licensees of that estate, including the largest names in cloud and AI infrastructure. That is potential-licensee sizing, not booked revenue, but it tells you where the gravity sits.

The wedge is regulatory reality. Roughly 850,000 UK businesses, about 15 percent, and around 5 million across the EU are legally constrained from putting regulated workloads on public-cloud AI. Telcos sit squarely inside that constraint, with PRA-style operational-resilience expectations, special-category data, NIS Regulations, and lawful-intercept obligations stacking on top of each other. The sovereign AI market is sized at roughly USD 40 billion in 2025 rising to about USD 148 billion by 2032. Fraud is one of the highest-value workloads inside it, because the loss it prevents is measured directly in revenue leakage and regulatory exposure.

As a third-party momentum signal, Micky Irons was ranked number four on Crunchbase as of June 2026, with the Mickai company profile in the top one to two percent globally. We are a UK company with Birmingham manufacturing secured, building to scale.

Nemesis does not sit alone. It shares the same sovereign substrate as Plutus for finance, Tyche for underwriting, Nomos and Astraea for compliance and legal, and Aletheia for audit. An operator that adopts Mickai for fraud inherits a platform that extends across the rest of its regulated workloads, on the same owned, audited foundation. That breadth on a single sovereign substrate is precisely the category a hyperscaler would want to own rather than build.

Where this is heading

Sovereign AI Against Telco Network and Subscriber Fraud: Detection That Stays On the Network, illustration 5

Sovereign detection is where regulated fraud-fighting is going. Operators and infrastructure players running networks where CDRs and subscriber data carry constraints that public cloud cannot satisfy are the natural home for fraud detection that stays where the data already lives. The architecture is built, the IP estate underwrites it, and the dual-buyer thesis, the operators who run it and the infrastructure owners who would want to own the category, is what gives the platform its strategic weight.

For a direct conversation, reach me at micky@mickai.co.uk.

FAQ

Sovereign AI Against Telco Network and Subscriber Fraud: Detection That Stays On the Network, illustration 6

For operators evaluating sovereign fraud detection, the questions below cover the points that come up first.

Frequently asked questions

Why can't telcos just use a public-cloud AI service for fraud detection?

CDRs combined with subscriber identity, IMEI, location and SIM provisioning history are special-category and location data under UK GDPR, sitting alongside lawful-intercept obligations under the Investigatory Powers Act and equivalent EU regimes. Streaming that to a public-cloud AI service can place lawful-intercept-adjacent data inside infrastructure subject to the US CLOUD Act and break residency commitments. The detection has to run inside the operator's own perimeter.

What is Nemesis?

Nemesis is Mickai's fraud and AML subsystem. It reads the signals telco fraud produces, including SIM provisioning velocity anomalies, routing toward high-cost international ranges that signals IRSF, call-pattern fingerprints for Wangiri and SIM-box bypass, and the behavioural breaks that precede SIM-swap takeover. It scores these in flow, against the operator's own data, without that data leaving the operator.

How does on-premise detection improve fraud-fighting beyond compliance?

Three ways. Latency: on-network inference removes the round trip to an external service, which matters when SIM-swap fraud is decided in seconds. Model quality: a model you own can be tuned continuously on your own labelled outcomes without exporting them. Audit: every decision is written to the tamper-evident, post-quantum-signed OAR, giving defensible evidence for regulators, ombudsmen and customers.

Does adopting Mickai for fraud lock the operator into a single use case?

No. Nemesis shares the same sovereign substrate as Plutus for finance, Tyche for underwriting, Nomos and Astraea for compliance and legal, and Aletheia for audit. An operator that adopts Mickai for fraud inherits a platform that extends across its other regulated workloads on the same owned, audited foundation.

Is Mickai built or in development?

Built and live. Behind it sits an IP estate of 104 filed UK patent applications and roughly 2,340 claims held by Mickai LTD, inventor Micky Irons. The patents are filed not granted, which establishes priority and a prior-art moat around sovereign, audited, on-premise AI. Mickai is a UK company with Birmingham manufacturing secured, building to scale.

Subscribe
Get every new Mickai article by email.

Long-form essays on sovereign AI from Micky Irons. One email per article. No tracking, no marketing, no third parties. Every email includes a one-click unsubscribe link.

Prefer RSS? Subscribe at /articles/feed.xml.

Originally published at https://mickai.co.uk/articles/sovereign-ai-for-telco-network-and-subscriber-fraud. If you operate in a regulated sector or want sovereign AI on your own hardware, the audit form on mickai.co.uk is the entry point.
More articles