By Micky Irons, founder and CEO of Mickai.
When a trading desk hands a decision to a machine, one question decides whether the firm can survive the aftermath: can it prove, months or years later, exactly what happened and why? Under the Markets in Financial Instruments Directive II (MiFID II), that is not a courtesy to the regulator. It is a legal duty. Firms must reconstruct trades, retain the reasoning behind them, and produce ordered, tamper-proof records on demand.
Artificial intelligence makes that duty harder and more urgent at once. A model that ranks venues, sizes orders, or suppresses an alert is now part of the decision chain, and the decision chain is precisely what the record must capture. We built Mickai, our Sovereign Intelligence Operating System, so that every AI-assisted trade decision leaves behind an immutable, cryptographically signed record a regulator can replay offline, on hardware the firm owns.
What MiFID II actually asks of a record
MiFID II is exacting about evidence. Firms must record telephone conversations and electronic communications tied to transactions, keep those records for at least five years, and extend that to seven where a competent authority requires it. Order and transaction data must be time-stamped to demanding tolerances, sequenced correctly, and retained in a form that cannot be altered after the fact. Article 16(7) and the associated technical standards are unambiguous: the record must be durable, complete, and reconstructable.
The unstated assumption behind all of this is human decision-making. The rules were drafted for traders, sales staff, and phone lines. When a model recommends the venue, adjusts the size, or holds back an alert, the reasoning that must be reconstructed no longer lives in a phone call. It lives in weights, prompts, and inference runs that most systems never persist. The record has a hole in it precisely where the decision was made.
Mnemosyne held every memory whole. A signed ledger keeps every decision the same way, unchanged and complete.
Why the AI in the loop breaks ordinary recordkeeping
Conventional logging captures outcomes, not reasoning. A database row tells you an order routed to venue A at a given price and time. It does not tell you which model version produced that recommendation, what inputs it saw, what confidence it assigned, or whether a human overrode it. If the model is retrained next quarter, the version that made today's decision may no longer exist anywhere you can point to. The evidence has quietly evaporated.
There is a second, sharper problem. Logs are usually mutable. A record that an administrator, a compromised account, or a careless migration can edit is not proof of anything. A regulator asking why a trade was made in March cannot accept a March record that could have been rewritten in June. Under adversarial scrutiny, in an enforcement action or a dispute, an editable log is worth close to nothing. What MiFID II demands is not more logging. It is evidence that resists tampering by design.
Themis raised the sealed law where all could see it. A signed record cannot be quietly rewritten after the fact.
Signing the decision before it executes
Our answer is to move the record from an afterthought to a precondition. In Mickai, every action produces an Operation Attestation Record (OAR), and the OAR is signed before the action executes, not after. For a trade decision that means the model version, the inputs, the recommendation, the confidence, the human approval or override, and the exact time are captured, hashed, and signed as a single unit at the moment of decision. The signature is the permission to proceed. No signed record, no execution.
Signing uses post-quantum cryptography: FIPS 204 ML-DSA-65, the Module-Lattice Digital Signature Algorithm standardised by the United States National Institute of Standards and Technology (NIST). Records are hash-linked with SHA-3-512 into a chain, so each entry seals the one before it. Altering a March record would break every hash from March forward, and the break is visible to anyone who checks. This is the difference between a log that claims to be complete and a ledger that can prove it.
Replaying the trade offline, on your own hardware
A record only matters if someone can verify it. We designed the Mickai ledger for offline verification: a regulator, an auditor, or the firm's own compliance team can take the signed chain and confirm its integrity with no network connection, no call home, and no dependency on us. The signatures are checkable against public keys. The hash chain is checkable arithmetic. Trust rests on mathematics, not on our word and not on a cloud service staying online.
Argus watched with countless eyes and never slept. Offline verification lets anyone check the chain without missing a break.
That offline property matters for a reason particular to this sector. Mickai runs on hardware the customer owns, air-gapped or on-premise, with zero data egress. Trade data, order books, and model reasoning never leave the firm's boundary to reach an external service. When the regulator asks to reconstruct a trade, the full decision record, including the contribution of the AI, is already inside the firm, signed and sequenced, ready to replay exactly as it happened.
Governing the models that make the calls
Recordkeeping is only half of accountability. The other half is control over which model was permitted to act at all. In Mickai, the intelligences that assist decisions are revocable brains: each is a discrete, governed subsystem that can be authorised, constrained, or switched off, and every one of those governance events is itself an OAR entry. If a model is retired or found faulty, the ledger still holds the signed record of what it decided while it was live. The past does not become unprovable because the present changed.
Hecate guarded the threshold and held the key. Every model that acts is a brain that can be authorised or revoked.
For the highest-stakes actions, one signature is not enough. Mickai can require multi-brain agreement plus voice-biometric approval from a named, authorised person before an order proceeds. That approval is bound into the same signed record, so the reconstruction shows not only what the machine proposed but who authorised it and how. This maps directly onto the MiFID II expectation of clear, evidenced responsibility, and it extends cleanly to the wider regime a trading firm sits inside, from the EU AI Act and the Digital Operational Resilience Act (DORA) to ISO 42001 for AI management systems.
The bottom line
MiFID II already required firms to prove what they did and why. AI in the trading loop does not lower that bar. It raises it, by placing a new and opaque actor inside the decision the record must capture. A mutable log written after the fact cannot meet the test. A signed, hash-linked, post-quantum record written before the action can. That is the standard Mickai is built to hold: immutable trade-decision records, complete with the reasoning of the model, that a regulator can replay offline, on the firm's own hardware, years later. The public cloud giants are allies serving a different layer. Mickai serves the regulated boundary, on the customer's own terms, where the proof has to live.
Written by Micky Irons. Originally published at https://mickai.co.uk/articles/mifid-ii-and-ai-recordkeeping. More from Micky Irons and Mickai at mickai.co.uk.





Top comments (0)