OAR-as-a-Service: A Tamper-Evident Accountability Layer Any Regulated AI Deployment Can Adopt
The audit-record layer that underpins Mickai now ships on its own, letting regulated firms add provable, post-quantum-signed accountability to the AI systems they already run.
The accountability gap nobody priced in
Every regulated business deploying AI faces the same unspoken problem. The model produces an output, someone acts on it, and weeks later a regulator, an auditor, or a court asks a simple question: what exactly happened, who or what decided it, and can you prove the record has not been altered. For most deployments the honest answer is no. Application logs can be edited. Database rows can be rewritten. Screenshots prove nothing. The decision trail that matters most is the one least defensible under scrutiny.
This is the gap the Operational Audit Record, OAR, was built to close. Inside Mickai, the sovereign AI operating system, every action an agent takes is written to a tamper-evident, post-quantum-signed audit record at the moment it happens. Not reconstructed afterward. Not summarised. Captured at source, sealed, and made independently verifiable. It is the layer that lets a regulated firm run AI inside its own walls, on-prem or air-gapped, and still answer the hard question with evidence rather than assertion.
We are now shipping that layer as a standalone service. OAR-as-a-Service lets a firm add provable accountability to AI it already operates, without replatforming and without handing its decision trail to anyone else.
What OAR-as-a-Service does
The principle is narrow and deliberate. OAR does not run your model, retrain it, or sit in the inference path slowing it down. It observes the events that matter, prompts, tool calls, retrievals, agent actions, human approvals, outputs, and commits each one to a cryptographically sealed record as it occurs.
Three properties make that record worth trusting:
- **Tamper-evidence.** Records are chained so that altering any entry breaks the chain and is detectable. You cannot quietly edit history. An auditor can confirm the sequence is intact without trusting the operator's word for it.
- **Post-quantum signing.** Signatures use algorithms chosen to resist quantum attack. A record sealed today must still stand up in a dispute years from now, after the cryptographic assumptions that protect conventional signatures have weakened. For seven-year retention regimes that is the whole point.
- **Independent verification.** The proof of integrity lives with the record, not in a vendor dashboard. A third party can check it without calling us, which is what makes it admissible as evidence rather than marketing.
The result is an accountability layer a regulated deployment can adopt as infrastructure, the way it already treats logging or encryption, but with the evidentiary weight those layers usually lack.
Why a standalone layer, and why now
Most firms cannot replace the AI they run overnight, and most should not have to. They have models in production, vendor commitments, and workflows their teams depend on. What they lack is a defensible record of what those systems decide. Forcing a full platform migration to obtain it is the wrong trade.
So we separated the layer from the operating system. A firm can keep its existing stack and add OAR underneath it, gaining provable accountability without ripping anything out. That is the deliberate design choice: meet regulated buyers where they are.
The regulatory pressure behind this is not theoretical. PRA SS2/21 expects model governance and traceability. UK GDPR special-category processing demands defensible records. The NHS DSP Toolkit, the EU AI Act's high-risk obligations, ITAR and EAR controls, the NIS Regulations, and the reach of the CLOUD Act all converge on the same demand: prove what your systems did, and prove the proof has not been touched. Roughly 0.85 million UK businesses and around 5 million across the EU are legally barred from putting sensitive workloads on public-cloud AI at all. For them, an accountability layer they can run inside their own perimeter is not a feature, it is a precondition for using AI in the first place.
The sovereign AI market reflects that gravity, sized at around USD 40 billion in 2025 and on a path toward USD 148 billion by 2032. OAR-as-a-Service sits at the accountability seam of that market, the part regulators care about most.
Built on a real estate, not a roadmap
OAR is not a concept paper. It is the live audit substrate of Mickai, hardened in our Greek-named Studios: Nemesis for fraud and AML, Plutus for finance, Tyche for underwriting, Nomos for compliance, Astraea for legal, Panacea for clinical, Aletheia for audit, and the rest. Every one of those domains generates exactly the kind of high-stakes, regulator-facing decisions OAR was designed to seal. We did not build the record layer in the abstract and hope it held. We ran our own most demanding workloads through it first.
Underneath sits the intellectual property. Mickai LTD has filed 104 UK patent applications spanning roughly 2,340 claims, with inventor Micky Irons. These are filed rather than granted, and the distinction matters: filing establishes priority and builds a prior-art moat around how provable, sovereign, tamper-evident AI accountability is done. The same estate maps to 196 companies and 311 patent-company pairs as potential licensees, including names such as Microsoft, AWS, NVIDIA, Google, Adobe, and IBM. That is potential-licensee sizing, not booked revenue, but it indicates where the architecture sits relative to the firms building the rest of the AI stack.
In June 2026, Micky Irons was independently ranked number 4 on Crunchbase, with Mickai placing in the top one to two percent of companies globally. We read that as a third-party momentum signal and nothing more, but it is the kind of signal that tends to precede a category forming around an idea.
The strategic shape of it
Pull back and the logic is straightforward. AI adoption in regulated sectors is gated by accountability, not capability. The models are good enough. What stops deployment is the inability to prove, defensibly and durably, what they did. Whoever supplies the trusted accountability layer sits at a chokepoint every regulated AI deployment must pass through.
That is a dual-buyer position. Regulated enterprises need OAR to deploy AI lawfully inside their own walls. The hyperscalers and platform builders need an accountability layer to make their AI acceptable to those same regulated customers, and the patent estate sits directly across that need. Mickai is an ally to that ecosystem, not a challenger to the foundation-model labs. We make the AI other people build trustworthy enough to deploy where it matters most.
The economics follow the structure. The path to Year 5 revenue runs into the billions at high gross margin, underwritten by the IP estate and the dual-buyer thesis rather than by any single product line. This is the kind of category a hyperscaler would rather own than compete with, and the layer underneath that category is the one we are shipping now.
A narrow window, by design
We are opening OAR-as-a-Service to a selected set of partners while we build to scale: regulated firms with real accountability obligations and the appetite to put a provable layer under AI they already run. This is a deliberate, limited cohort. We are choosing the deployments that sharpen the layer fastest.
Mickai is a UK company, with manufacturing secured in Birmingham, building to scale and heading for the top of a category we believe will define how regulated AI is governed. If your organisation has to prove what its AI does, and prove the proof is untouched, that is exactly the problem OAR was built for.
To discuss a deployment, contact micky@mickai.co.uk.
Micky Irons, founder and CEO of Mickai.
Frequently asked questions
What is OAR-as-a-Service?
OAR-as-a-Service is a standalone accountability layer derived from Mickai's Operational Audit Record. It commits AI events such as prompts, tool calls, agent actions, approvals, and outputs to a tamper-evident, post-quantum-signed record as they happen, so a regulated firm can prove what its AI did. It can be added to AI a firm already runs without replatforming.
How is it tamper-evident?
Records are cryptographically chained so that altering any entry breaks the chain and is detectable. The proof of integrity lives with the record itself, so an independent third party can verify the sequence is intact without trusting the operator and without calling Mickai.
Why post-quantum signing?
Signatures use algorithms chosen to resist quantum attack. A record sealed today must still stand up in a dispute years later, which matters for retention regimes that run for seven years or more, after the assumptions protecting conventional signatures have weakened.
Does OAR run or change my AI model?
No. OAR does not run your model, retrain it, or sit in the inference path. It observes the events that matter and seals them. You keep your existing stack and add OAR underneath it.
Which regulations does it address?
It targets traceability and record obligations under regimes including PRA SS2/21, UK GDPR special-category processing, the NHS DSP Toolkit, the EU AI Act high-risk requirements, ITAR and EAR controls, the NIS Regulations, and the CLOUD Act.
Is Mickai live?
Yes. OAR is the live audit substrate of Mickai, the sovereign AI operating system, already hardened across Mickai's Greek-named Studios for fraud, finance, underwriting, compliance, legal, clinical, and audit. OAR-as-a-Service ships that layer on its own.






