MICKAI
Article · 8 July 2026

What a Patented Security Architecture Means in AI Procurement

A filed patent evidences originality and priority in AI procurement; it is not a certification, a security proof, or a guarantee of regulatory compliance.

What a Patented Security Architecture Means in AI Procurement
Author
Micky Irons
Published
8 July 2026
Follow Micky Irons
LinkedInX
ai procurementpatent pendingsecurity architecturesovereign aieu ai act

A patented security architecture in AI procurement means the design has been filed with a national patent office and dated as original work, which gives evidence of authorship and priority. It does not mean the system is certified, proven secure, or compliant with any regulation. A patent office tests novelty and inventive step against prior art. It does not test whether a system is safe to run, independently audited, or lawful in your jurisdiction.

This distinction matters in 2026 because buyers now filter on defensibility. Procurement teams add an intellectual property question to the security questionnaire, and a filed patent reads as reassurance. The risk is a category error: treating a legal originality claim as if it were a security accreditation. The two answer different questions, and a serious buyer keeps them apart.

What does a filed patent application actually prove?

A filed application proves three narrow things. It records a filing date, which establishes priority over later filings. It describes a claimed invention in enough detail to be examined. And it signals that the applicant believes the design is novel and non-obvious. That is genuine evidence of original engineering. It tells a buyer the vendor built something specific rather than assembling commodity parts. It says nothing about how well that thing runs in production.

What a Patented Security Architecture Means in AI Procurement, illustration 1

What does it not prove, and where do buyers get misled?

A filed patent is easy to over-read. Four limits are worth stating plainly.

  • It is not a certification. No examiner tests your security controls, and no accreditation body signs it off.
  • It is not a compliance guarantee. Patents and regulations are separate regimes that do not speak to each other.
  • Filed and pending is not granted. Applications can narrow, be amended, or fail on examination.
  • Claim counts measure the scope of drafting, not the capability of the software.

Any vendor claiming that a patent makes them secure or compliant is overreaching. The correct reading is quieter: a filing is a dated originality claim, and originality is a starting point, not a verdict.

What a Patented Security Architecture Means in AI Procurement, illustration 2

How should a procurement team read a vendor's patent numbers?

We state our own position so it can be checked. Mickai is a Sovereign Intelligence Operating System, a SIOS, backed by 104 filed UK patent applications, approximately 2,340 claims, owned by Mickai LTD. These are filed and patent pending, never granted or patented. We present them as evidence of originality and priority, not as a certification and not as a compliance guarantee. A buyer should read any patent figure the same way: as a dated claim to be verified at the register, never as a substitute for testing the running system.

A filed patent evidences that an architecture is original and dated; it is the audit trail, not the patent, that shows the architecture is sound.

What a Patented Security Architecture Means in AI Procurement, illustration 3

What can an auditor actually check instead?

The evidence that matters lives in the architecture and its records, and an auditor can reproduce all of it without reading a single claim.

  • Offline verifiability. The SIOS runs on operator-owned hardware, so an auditor can inspect the running system rather than trust a remote dashboard.
  • A zero-egress inbound perimeter. Operational data does not leave the boundary, and network capture can confirm it.
  • Hardware-attested identity bound to the audit chain. Every action is tied to an attested device and identity, so entries cannot be forged after the fact.
  • A post-quantum signed audit ledger. Every action is cryptographically sealed with ML-DSA signatures under FIPS 204, making the record tamper-evident and verifiable offline. Key encapsulation uses ML-KEM under FIPS 203, a separate role that does not sign.
  • Cross-model consensus. High-stakes outputs are checked by more than one sovereign model before they are trusted.

None of these need a patent to verify. An auditor tests them directly, which is exactly why they carry more weight than a filing.

What a Patented Security Architecture Means in AI Procurement, illustration 4

Which rules make the architecture, not the paperwork, the thing that matters?

Regulation is moving the burden from promises to demonstrable controls. The EU AI Act's high-risk obligations under Annex III, once due on 2 August 2026, were deferred by the Digital Omnibus to 2 December 2027, with embedded high-risk systems under Annex I moved to 2 August 2028 and the Article 50 transparency duties largely unchanged. We read this as a build window, not a reprieve. Alongside it sit DORA, in force since January 2025, NIS2, GDPR, and ISO/IEC 42001 for AI management systems. Under the US CLOUD Act, data held by a US-linked provider can be subject to lawful access regardless of where it sits. For a regulated buyer this creates exposure that a contractual promise cannot fully remove, because a contract is not a technical guarantee. Public cloud AI services are, by design, outside an operator-controlled boundary.

How does a defensible architecture support these duties, and what should an RFP ask?

A SIOS does not satisfy or guarantee any of these rules. No architecture does. What it does is support the underlying duties and reduce risk. Offline operation supports data-residency and egress-control obligations. The signed ledger supports record-keeping and traceability expectations. Hardware-attested identity supports access-control duties. To separate signal from noise, an RFP can ask five checkable questions.

  • Ask for the patent register numbers, then verify them independently rather than accepting a count.
  • Ask what an auditor can inspect offline, and request a live demonstration.
  • Ask whether operational data ever leaves the boundary, and test the claim with network capture.
  • Ask which standard the audit ledger's signatures follow, expecting FIPS 204 ML-DSA, and verify a signature.
  • Ask which duties the architecture supports, and treat any use of the word guarantee as a warning sign.

Frequently asked questions

Does a patent mean an AI system is secure?

No. A patent tests novelty against prior art, not security posture. An examiner never inspects your controls or runs a penetration test. Ask for a verifiable audit trail and an independent assessment instead, because those measure whether the system is sound.

Is patent pending the same as patented?

No. Filed and patent pending means an application exists and holds a priority date, but it has not been examined and granted. It can be narrowed, amended, or refused during examination. Treat pending filings as evidence of originality, not as settled rights.

Can a vendor say their patents make them compliant with the EU AI Act?

No. Patents and regulation are separate regimes. Compliance depends on the obligations a system actually meets, not on filings a company holds. The Act's high-risk timeline under Annex III now runs to 2 December 2027, and meeting it will turn on controls and records, not on intellectual property.

What should we ask a vendor that markets a patented security architecture?

Ask for register numbers you can verify yourself. Ask what an auditor can inspect offline and request a live demonstration. Ask which regulatory duties the architecture supports rather than guarantees. Honest answers describe risk reduction and reproducible tests, not certifications the vendor does not hold.

Why does offline operation matter for regulated AI buyers?

Because public cloud AI services sit outside your boundary and can be subject to lawful access under laws such as the US CLOUD Act, which creates exposure a contract cannot fully remove. Running on operator-owned hardware keeps operational data and audit evidence under your control, where you can inspect and prove it.

Subscribe
Get every new Mickai article by email.

Long-form essays on sovereign AI from Micky Irons. One email per article. No tracking, no marketing, no third parties. Every email includes a one-click unsubscribe link.

Prefer RSS? Subscribe at /articles/feed.xml.

Originally published at https://mickai.co.uk/articles/what-a-patented-security-architecture-means-in-ai-procurement. If you operate in a regulated sector or want sovereign AI on your own hardware, the audit form on mickai.co.uk is the entry point.
More articles