By Micky Irons, founder and CEO of Mickai.
Every finance chief who has lived through a Sarbanes-Oxley (SOX) audit knows the ritual. Someone asks who approved the journal entry, who signed off on the revenue recognition, who authorised the payment run at 2am on the last day of the quarter. Somebody produces a spreadsheet of email approvals, a screenshot, a workflow log. And everyone in the room quietly hopes the paper trail holds.
That hope is the problem. Financial controls built on logs that can be edited, screenshots that can be staged, and approval chains that live in mutable systems are controls in name only. As artificial intelligence begins to touch general ledgers, close processes, and payment authorisation, the question stops being whether the numbers are right and becomes whether anyone can prove who, or what, decided them. This is exactly the boundary our Sovereign Intelligence Operating System (a SIOS) was built to hold.
What SOX actually demands, and why AI breaks the assumption
The Sarbanes-Oxley Act rests on a simple premise. Executives personally attest that internal controls over financial reporting are effective, and there is an unbroken chain of accountability behind every material figure. Section 302 and Section 404 turn that attestation into a legal signature. Behind the signature sits an assumption that a human being made, or knowingly approved, each consequential decision.
Autonomous and semi-autonomous AI quietly dissolves that assumption. When a brain proposes an accrual, reclassifies a transaction, or drafts a payment batch, the person who clicks approve is often approving something they did not fully originate and cannot fully reconstruct later. The control still shows a human in the loop, but the reasoning, the inputs, and the model behind the recommendation have already faded from view. An auditor cannot attest to a ghost, and a signature over a decision nobody can explain is precisely the kind of control that collapses under the first serious enquiry.
Argus watched with a hundred eyes and never all slept at once, the way a true control never looks away from a ledger
Signing the control before it fires, not after
Our answer is to move the signature to where it belongs: before the action, not into a log written afterwards. Every consequential operation inside the SIOS emits an Operation Attestation Record (OAR) that is cryptographically signed the instant it is authorised and before it executes. The OAR captures the acting brain, the human approver, the inputs, the policy that permitted it, and the exact intended effect on the ledger.
Because the record is signed at the moment of authorisation, it is not a description of what happened that someone types up later. It is the authorising act itself, frozen and sealed. If the payment never fires, the OAR still records that it was authorised and why. If it does fire, the OAR is the only version of events, and it cannot be quietly reconciled into something more convenient at quarter end. The order of operations is the whole point: nothing consequential moves through the general ledger until its attestation already exists.
An unforgeable record of who authorised what
Signatures are only as good as the mathematics under them. We sign every OAR with post-quantum digital signatures using the FIPS 204 ML-DSA-65 standard, so the attestation survives even the arrival of quantum computers that would shatter older schemes. Each record is then hash-linked into a tamper-evident ledger using SHA-3-512, so the entries form a chain where altering any single approval breaks every link that follows it.
Themis held the scales that could not be tipped in secret, the emblem of a control signed before it acts
The practical effect is that the answer to who authorised what stops being a matter of trust and becomes a matter of proof. An auditor does not have to believe the finance team, the vendor, or us. They verify the chain offline, on hardware the customer owns, and the cryptography either holds or it does not. There is no privileged administrator who can rewrite history, because the ledger is designed so that even the people running it cannot forge an entry after the fact.
Human accountability, made harder to fake
Strong cryptography can, ironically, weaken accountability if a single stolen credential can sign anything. So for high-stakes financial actions, a lone approval is not enough. The SIOS can require multi-brain agreement plus voice-biometric confirmation from a named officer before a material payment or a period-end adjustment is allowed to proceed. The controller does not merely tick a box. They speak, and their voice is bound into the OAR, alongside a specific revocable brain and the exact policy that permitted the act.
Mnemosyne was memory itself, the record that could not be unremembered or rewritten after the fact
This reconnects the legal fiction of the SOX signature with a physical human act. When an executive attests under Section 302 that controls are effective, they can point to records showing that every material action carried a specific, revocable brain, a specific policy, and a specific human whose biometric approval is sealed into an unforgeable record. Accountability stops being a diagram on a slide and becomes evidence a regulator can independently check.
Auditable AI on the customer's own terms
None of this requires shipping the general ledger to someone else's cloud. The SIOS runs on hardware the customer owns, air-gapped or on-premise, with zero data egress, which matters enormously to a regulated finance function that cannot let quarter-close data leave its own walls. The public cloud giants remain valuable allies at a different layer. We simply hold the regulated boundary they were never designed to cross, and we hold it on the customer's own terms.
Because the audit ledger is verifiable offline, an external auditor, a regulator, or an internal SOX team can validate controls without depending on our systems being online, without an application programming interface (API) call, and without anyone taking our word for it. The same records serve overlapping regimes at once, so a firm managing SOX alongside the Digital Operational Resilience Act (DORA), the EU AI Act, and ISO 42001 works from one signed source of truth rather than four disconnected paper trails. The 104 filed UK patent applications behind Mickai, covering about 2,340 claims and owned by Mickai LTD, describe exactly these attestation and hash-linking mechanisms.
Cerberus guarded the gate that only opened one way, the way high stakes approval must pass three checks before it fires
The bottom line
SOX was written for a world where a human signature meant a human decision. AI has quietly severed that link, and controls that rely on editable logs and staged screenshots will not survive the first serious enquiry into an automated close. The fix is not to keep AI away from finance. It is to make every consequential decision carry an unforgeable record of who, and what, authorised it, signed before it fires and sealed forever after.
That is the standard we build to. Signed controls, post-quantum attestations, a hash-linked ledger that no administrator can rewrite, and a human voice bound into every high-stakes approval. When the auditor asks who authorised what, the honest answer should be a proof, not a hope. That is the boundary a SIOS was made to hold, and it is live today. Micky Irons, founder and CEO of Mickai.
Written by Micky Irons. Originally published at https://mickai.co.uk/articles/sox-and-ai-financial-controls. More from Micky Irons and Mickai at mickai.co.uk.





Top comments (0)