MiCA, the Travel Rule and the VASP data trap: why crypto AML belongs on your own hardware
Digital-asset firms must run credible AML, wallet-risk and Travel Rule monitoring under MiCA, yet hosted models demand the one thing a VASP cannot safely hand over: its live transaction graph. Mickai runs that monitoring on-premise and air-gapped, with every action written to a post-quantum-signed audit record.
By Micky Irons, founder and CEO of Mickai
The problem no VASP can outsource
A digital-asset firm lives or dies on its transaction graph. Wallet clusters, counterparty exposure, hop-by-hop fund flows, the exact moment a deposit touches a sanctioned address: this is the most sensitive dataset a crypto business holds. It is also exactly what a public-cloud AML model needs to see in order to score risk.
That is the trap. Under MiCA, a Crypto-Asset Service Provider must run credible transaction monitoring, sanctions screening and market-abuse surveillance. Under the Travel Rule, every qualifying transfer must carry originator and beneficiary information between VASPs, and that PII has to be matched, stored and screened. To use a hosted AI model for any of it, you feed your live transaction graph and your customers' identity data to a third party running on infrastructure you do not control, under a US CLOUD Act reach you cannot switch off. For many firms that is not a procurement question. It is a reason not to deploy AI at all.
Mickai removes the trade-off. It is a sovereign AI operating system: AI that a regulated business owns and runs inside its own walls, on-premise and air-gapped, with every action written to a tamper-evident, post-quantum-signed audit record. The transaction graph never leaves the building. The model still sees everything, because the model runs where the data already is.
What the MiCA and Travel Rule stack actually demands
Screening and monitoring for a VASP is not one job. It is a cluster of them, and each is a place where a cloud model would need your crown jewels:
- Wallet-risk and address screening against sanctions lists, darknet markets, mixers and high-risk exchanges, scored in real time before a deposit or withdrawal clears.
- Transaction monitoring across chains, clustering addresses into entities and flagging structuring, layering and rapid pass-through behaviour.
- Travel Rule data handling: matching originator and beneficiary records between counterparty VASPs, screening the names against sanctions and PEP lists, and retaining the evidence.
- Market-abuse surveillance under MiCA, watching for wash trading, spoofing and insider patterns across order books.
- Suspicious-activity reporting, with a defensible narrative and a full evidentiary trail behind every filing.
Every one of those is a graph problem over data you are legally and commercially obliged to protect. Mickai runs the AML brain, the wallet-risk brain, the sanctions-screening brain and the surveillance brain as separate specialists under one deterministic arbiter, all on your own hardware, all reading from an air-gapped retrieval index built from your own chain data and customer records.
Why on-premise is the only honest answer here
Cloud AML vendors will tell you their environment is secure. It probably is. That is not the point. The point is jurisdiction and control. A hosted model means your transaction graph is processed on someone else's silicon, reachable by their staff, their subprocessors and, under the CLOUD Act, a foreign government, regardless of where the data physically sits. For a firm holding customer funds and clustering wallets, that is a standing exposure that no data-processing agreement fully closes.
Sovereign, owned, offline AI closes it structurally. A cloud cannot go offline without ceasing to be a cloud. A subscription cannot become something you own. That is the white space, and it is defined by what each rival's business model prevents rather than by any feature list. The sovereign AI market is projected to grow from around USD 40 billion in 2025 to USD 148 billion by 2032, and digital-asset firms sit squarely inside the population that cannot lawfully or safely expose their data to a shared model.
The architecture, in plain terms
Under the surface, Mickai is 50 specialised brains coordinated by a deterministic arbiter, so an AML decision is reproducible rather than a probabilistic one-off. Four architectural facts matter most to a VASP:
- Air-gapped RAG. The models answer from a retrieval index built entirely from your own chain analytics, KYC records and policy documents. Nothing is fetched from the open internet and nothing is sent out to be scored.
- ML-DSA-65 post-quantum signing. Every action, every alert, every screening result is signed with a post-quantum algorithm and written to the Operational Audit Record. Harvest-now-decrypt-later attacks against your audit trail do not land.
- Hardware-bound identity. Keys and model identity are tied to the physical machine, so an exfiltrated model or a copied disk is inert off the box it was provisioned on.
- Compensating rollback. If an automated action needs to be reversed, the system unwinds it deterministically and records the reversal, so an autonomous monitoring decision is never a black box you cannot walk back.
For the MLRO, this turns a supervisory visit from a scramble into a query. Every alert Nemesis, the fraud and AML studio, raises carries a signed, timestamped, replayable chain of exactly what the model saw and why it decided. That is the evidentiary standard MiCA transaction monitoring and Travel Rule record-keeping demand, produced as a by-product of normal operation rather than reconstructed after the fact.
Who this lands with
For the Money Laundering Reporting Officer, it is defensible automation: alerts you can explain to a regulator down to the input. For the Chief Compliance Officer, it is a monitoring stack that satisfies MiCA and the Travel Rule without widening your data-protection surface. For the CISO, the transaction graph and Travel Rule PII never leave the perimeter, so the attack surface is your building rather than the internet. For the Board and its non-executive directors, it is the ability to adopt AI in the most sensitive part of the business without accepting a jurisdictional exposure they would have to disclose. One deployment, four sign-offs.
Built, and building to scale
Mickai is built and live today, delivered through Greek-named Studios that map to real departments: Nemesis for fraud and AML, Nomos for compliance, Astraea for legal, Aletheia for audit, Plutus for finance operations. The compliance capability is not a roadmap slide. It runs.
The underlying IP is deep. Mickai LTD holds 104 filed UK patent applications spanning roughly 2,340 claims, covering the sovereign architecture, the audit record and the signing scheme: a priority and prior-art position, filed rather than granted, that is unusual for a company at this stage. As an independent momentum signal, Crunchbase ranked founder Micky Irons at number four globally in June 2026, with the company inside the top one to two percent. We are a UK company, with Birmingham manufacturing secured, building to scale.
A note on posture: Mickai is an ally to the broader AI ecosystem, not a challenger to any lab. Hyperscale models are extraordinary at what they do. They simply cannot be the answer for a firm that is legally barred from exposing its transaction graph. That is a different foundation, and it is the one we built.
The window
We are opening a small number of partner deployments with digital-asset firms that want their AML, wallet-risk and Travel Rule monitoring running on their own hardware before their next supervisory cycle. This is selective by design, matched to firms serious about owning their compliance stack rather than renting exposure. If that is you, the conversation starts at micky@mickai.co.uk.
FAQ
Does Mickai send any transaction data to the cloud? No. Mickai runs on-premise and can be fully air-gapped. The models read from a local retrieval index built from your own chain data and records. Your transaction graph and Travel Rule PII never leave your infrastructure.
How does it help with MiCA and the Travel Rule specifically? It runs wallet-risk scoring, cross-chain transaction monitoring, sanctions and PEP screening, Travel Rule originator and beneficiary matching, and market-abuse surveillance as coordinated specialists, with every result signed and written to a tamper-evident audit record for supervisory review.
What makes the audit trail defensible to a regulator? Every action is signed with the ML-DSA-65 post-quantum algorithm and recorded in the Operational Audit Record with inputs, timestamp and outcome. An alert or a SAR can be replayed exactly as it was decided, rather than reconstructed after the fact.
Is this available now? Yes. Mickai is built and live, delivered through department Studios including Nemesis for fraud and AML and Nomos for compliance. We are onboarding a selected group of digital-asset partners now.
Frequently asked questions
Does Mickai send any transaction data to the cloud?
No. Mickai runs on-premise and can be fully air-gapped. The models read from a local retrieval index built from your own chain data and records. Your transaction graph and Travel Rule PII never leave your infrastructure.
How does it help with MiCA and the Travel Rule specifically?
It runs wallet-risk scoring, cross-chain transaction monitoring, sanctions and PEP screening, Travel Rule originator and beneficiary matching, and market-abuse surveillance as coordinated specialists, with every result signed and written to a tamper-evident audit record for supervisory review.
What makes the audit trail defensible to a regulator?
Every action is signed with the ML-DSA-65 post-quantum algorithm and recorded in the Operational Audit Record with inputs, timestamp and outcome. An alert or a SAR can be replayed exactly as it was decided, rather than reconstructed after the fact.
Is this available now?
Yes. Mickai is built and live, delivered through department Studios including Nemesis for fraud and AML and Nomos for compliance. We are onboarding a selected group of digital-asset partners now.






