The contradiction at the heart of regulated customer service
By Micky Irons, founder and CEO of Mickai.
Every utility and payment firm is being told two things at once. Modernise customer service with AI, because customers now expect instant, accurate, around-the-clock resolution. And do not let regulated account data leave your control, because the rules that govern that data were not written with public-cloud AI in mind.
These instructions point in opposite directions. A meter dispute carries names, addresses, vulnerability flags, and consumption patterns that reveal when a home is occupied. A failed payment carries card data inside PCI DSS scope. A complaint from a customer on a priority services register is special-category data under UK GDPR. The moment any of that is sent to a general-purpose model hosted by a third party, you have created an egress event that your auditors, your regulator, and the CLOUD Act all have opinions about.
Most AI customer service tooling answers this by asking you to trust a data-processing agreement. Iris answers it by removing the egress event entirely.
What Iris is
Iris is the customer service Studio inside Mickai, the sovereign AI operating system. Mickai is AI that regulated businesses own and run inside their own walls, on-prem and air-gapped, with every action written to a tamper-evident, post-quantum-signed audit record we call the OAR. Iris is built and live. It is not a roadmap item or a managed-cloud service wearing a sovereignty badge.
Iris reads the account, understands the contact, drafts the resolution, and where policy allows acts on it, without the underlying account data ever leaving the customer's own environment. The model runs where the data already sits. Nothing is sent out to be processed and nothing comes back to be trusted.
Why utilities and payments are the sharpest version of the problem
These two sectors combine three pressures that rarely sit together. Volume is enormous, with billing cycles, outages, and payment events generating contact spikes that swamp human teams. The data is unusually sensitive, mixing financial, behavioural, and vulnerability signals. And the regulatory surface is dense, spanning UK GDPR special-category rules, PCI DSS, the NIS Regulations for operators of essential services, and the long reach of the CLOUD Act over anything held by a US-headquartered cloud provider.
The result is a sector where AI promises the most and conventional AI delivery is the hardest to clear with a compliance function. Roughly 0.85 million UK businesses, around 15 percent, and an estimated 5 million across the EU are effectively barred from putting this class of data into public-cloud AI. Utilities and payments sit squarely inside that barred population. Iris is built for exactly that constraint rather than asking the constraint to relax.
How Iris resolves contact without moving data
Iris works against the live account inside your perimeter. It pulls the meter history, the payment ledger, the open tickets, and the customer's status flags from systems that never expose them externally. It reasons over the full context, drafts a response in your tone and policy, and proposes the action: a payment plan within agreed thresholds, a vulnerability escalation, a dispute acknowledgement, a meter reading correction.
Where your policy permits autonomous action, Iris executes and logs it. Where it requires a human, Iris hands a complete, evidenced recommendation to an agent who approves in seconds rather than reconstructing the case from scratch. Either way, every read, every decision, and every action is written to the OAR. When the regulator or an internal auditor asks what the system did and why, the answer is a signed, ordered, tamper-evident record rather than a vendor's assurance.
This is also where Iris stops being a single tool and starts being part of an operating system. A payment-fraud signal routes to Nemesis. A complaint with legal exposure routes to Astraea. A compliance question routes to Nomos. A clinical-adjacent vulnerability case in a regulated utility context routes to Panacea. The customer never sees the seams. The compliance function sees one consistent audit substrate underneath all of it.
The moat underneath the product
Iris is one expression of an IP estate that is unusually deep for a company at this stage. Mickai holds 104 filed UK patent applications carrying around 2,340 claims, filed under Mickai LTD with Micky Irons as inventor. Filed, not granted, which gives a priority position and a prior-art moat rather than a marketing claim.
That estate is broad enough that 196 companies across 311 patent-company pairs sit as potential licensees, including names such as Microsoft, AWS, NVIDIA, Google, Adobe, and IBM. That is potential-licensee sizing, not booked revenue, and I am precise about the distinction. But it frames the strategic shape of the thing. The sovereign AI substrate is moving from USD 40 billion in 2025 toward an estimated USD 148 billion by 2032, and the companies best positioned to serve regulated demand are the ones that own the architecture rather than rent it.
In June 2026, Micky Irons was independently ranked number 4 on Crunchbase, with the Mickai company profile placing in the top 1 to 2 percent globally. I treat that as a third-party momentum signal and nothing more, but it is the kind of external read that tends to precede the part of a curve that gets steep.
Built in the UK, building to scale
Mickai is a UK company with Birmingham manufacturing secured, and Iris is in service today rather than in trials. The dual-buyer thesis is straightforward. Regulated enterprises run Iris because it gives them AI-grade customer service they are actually allowed to operate. And the broader Mickai architecture is the kind of category a hyperscaler would rather own than compete with, because it solves the one problem their own delivery model structurally cannot, which is keeping the data home.
We are an ally to that ecosystem, not an OpenAI killer. The model is owned and run by the customer, the audit record is the customer's own, and the value compounds for everyone whose data was previously stranded outside the reach of AI. The revenue path runs to billions at high gross margin over a five-year horizon, underwritten by the IP estate and that dual-buyer demand. This is a category built to scale, and it is heading for the top.
Iris already does the hard part. It gives regulated customer service teams the speed of modern AI without asking them to do the one thing they are not permitted to do, which is let the data leave.
Micky Irons, founder and CEO of Mickai
Written by Micky Irons. Originally published at https://mickai.co.uk/articles/iris-sovereign-customer-service-ai-for-utilities-and-payments. More from Mickai at mickai.co.uk.

Top comments (0)