The Question Beneath the Question
By Micky Irons, founder of Mickai.
Whenever the Mickai Sovereign Intelligence Operating System is set beside the frontier clouds, a fair sceptic asks the obvious thing. If there is real money inside the regulated perimeter, why would the leading cloud AI providers not simply build a sovereign version and take it? They have the models, the capital, the engineers and the brand. The appetite is surely there. So what holds them back?
Nothing about appetite is in question. The barrier is structural. A shared multi-tenant cloud is fast, elastic and cheap for one reason above all others, and that same reason is precisely what forbids it from the perimeter where regulated work lives. To serve the governed market properly, an incumbent would not add a feature. It would have to unbuild the cloud, the subscription and the shared model on which its entire economics depend. This is not a moat anyone dug on purpose. It is the shape of the thing.
That distinction matters because it changes the competitive question entirely. A feature gap closes in a quarter. An architecture gap does not close at all without dismantling the business that pays for everything else. Understanding why begins with understanding what makes the cloud cheap in the first place.
Why the Cloud Is Cheap, and Why That Is the Problem
The economics of the public cloud rest on multi-tenancy. Thousands of customers share the same physical infrastructure, the same pooled storage, the same model endpoints and the same elastic compute. Utilisation stays high, marginal cost per customer falls, and the provider passes a slice of that efficiency on as a subscription. This is a genuine engineering achievement and it is the right answer for a vast amount of work. Open research, public content, non-sensitive drafting and general reasoning all belong in that pool, and Mickai treats the frontier clouds as partners for exactly that work.
The trouble begins when the data carries a legal obligation that travels with it. Under the United Kingdom Financial Conduct Authority Senior Management Arrangements, Systems and Controls regime, and under Consumer Duty since 2023, every consequential customer decision must be auditable and explainable. Under the National Health Service Data Security and Protection Toolkit, patient information cannot leave a controlled boundary. Under the Ministry of Defence Joint Service Publications 440 and 604, classified material has a defined custody chain. Under the European Union Artificial Intelligence Act, high-risk obligations begin on 2 December 2027, with fines reaching 35 million euros or seven per cent of global turnover.
Multi-tenancy and a verifiable custody chain are not merely awkward together. They are opposites. The instant a regulated record enters a pooled tenant, the operator can no longer prove, from the outside, who held it, where it rested or what was done to it. Shared infrastructure is cheap because the boundary between customers is logical rather than physical. The regulated perimeter is defined by a boundary that must be physical and provable. One architecture cannot be both, and no amount of capital reconciles the contradiction.
The Subscription Is the Second Lock
Even if an incumbent solved the tenancy problem, a second structural lock remains, and it sits in the billing model.
A subscription to a cloud application is, by design, a continuing relationship in which the provider retains the keys, the model and the operational control. That is what is being sold. Per-token metering, centralised model updates and pooled context all assume the provider stays in the loop. The customer rents intelligence and the provider keeps the substrate.
The regulated buyer needs the inverse. It needs to hold its own keys, run on hardware it owns, and sever any third-party data path entirely. Mickai is sold as a capital purchase rather than a subscription, on the principle of access for a fee, deployed free. The operator buys the Sovereign Intelligence Operating System, runs the 50 specialised brains fully offline, and owns the memory and the keys outright. Above roughly 50 million tokens a month on owned hardware, the economics run 70 to 90 per cent cheaper than cloud application programming interfaces, with break-even commonly inside 18 months and, at high volume, as fast as four to eight weeks.
For an incumbent to match that, it would have to sell its substrate outright and walk away from the recurring revenue that funds its research. No public company optimised around annual recurring revenue chooses to convert its best customers into one-time buyers who then never call again. The subscription is not a pricing choice an incumbent can simply abandon. It is the load-bearing wall of the business.
The Insider Problem No External Vendor Can Answer
There is a third lock, and it is the one operators feel most viscerally once it is named.
"If you are a multibillion-dollar company running on Anthropic or OpenAI, and your direct competitor of comparable scale sits on the same vendor stack, what stops them paying a vendor insider to leak your data, your tactics, your leads, your sales strategy? Inside a third-party cloud, there is no safeguard you can verify from the outside. The only answer is a sovereign system where you hold the keys, with no third-party cloud data path." Micky Irons, founder and CEO, Mickai LTD
This is not a slight against any provider's staff. It is a statement about verifiability. In a shared cloud, the customer's only defence against a rogue administrator is the provider's own assurance. That assurance may be entirely sincere, yet it remains unverifiable from the outside, and an unverifiable control is no control at all in front of a regulator. The Cisco data privacy benchmark found that 27 per cent of organisations have banned generative artificial intelligence outright, 63 per cent restrict what data may be entered, and 61 per cent restrict which tools may be used. Those numbers are not technophobia. They are organisations recognising that they cannot verify the boundary, and choosing the only safe default available to them.
Mickai answers the insider problem at the architectural level. Because the operator holds the keys and there is no third-party data path, the rogue-administrator risk is removed rather than mitigated. Every action the system takes is sealed under a post-quantum signature, the Open Audit Record, which anyone can verify offline without trusting the vendor at all. The proof of integrity does not live with Mickai. It lives with the operator, and it survives the vendor entirely.
Two Buyers, One Architecture, No Cloud Path
The market this serves is not one segment but two, and the same architecture answers both.
The first segment is being forced off cloud artificial intelligence. A major electronics manufacturer banned a public AI chatbot after a source-code leak. Major global banks and several National Health Service Trusts restricted it through 2023. A European data-protection regulator fined a major AI provider 15 million euros, and a national privacy regulator in Asia issued its own penalty. This is rescue revenue already in motion, organisations actively retreating from a tool they cannot govern.
The second segment never started. Magic Circle litigation teams, National Health Service clinical units, Ministry of Defence cleared programmes, Financial Conduct Authority regulated wealth managers, and federal workloads under FedRAMP and Impact Level 5 and above have largely sat out the generative wave because no compliant deployment existed. This is net-new, unclaimed spend.
Both segments need the same thing, intelligence inside a perimeter they control. The studios meet them by department rather than by abstraction. Nomos handles compliance and regulator reporting. Astraea runs legal and contract review for the litigation teams. Panacea carries clinical documentation against Health Insurance Portability and Accountability Act and Data Security and Protection Toolkit boundaries. Nemesis monitors fraud and anti-money-laundering. Plutus governs finance and financial planning under controls such as the Sarbanes-Oxley Act and Solvency II. Aletheia runs continuous controls assurance, and Tyche handles underwriting and actuarial work. Each one produces an Open Audit Record for every consequential action, which is precisely what Consumer Duty and the European Union Artificial Intelligence Act will demand on 2 December 2027.
The served market for governed, auditable artificial intelligence sits near £4.6bn today and is growing about 45 per cent a year, inside a private-deployment-eligible addressable market near £40bn, beneath a total enterprise artificial intelligence market heading for about £122.6bn by 2030. About 50,000 regulated United Kingdom firms and roughly 8,250 large enterprises form the beachhead. None of that spend is reachable through a shared tenant.
Drift Is an Architecture Problem Too
The structural divide does not stop at custody. It reaches into quality of output, which is where the second observation lands.
"When companies use the Mickai Sovereign Intelligence Operating System, the context-compression problem that plagues cloud LLMs is removed at the architectural level. Cloud systems hallucinate and drift off topic because shared multi-tenant storage forces aggressive context compression, summary-pass swaps, and lossy recall. Inside Mickai, the operator owns the memory. They expand it inside their own data centre or workstation, scale it on Poseidon rack-scale or local NVMe, and never compete with another tenant for context budget. The result is a measurable reduction in drift and hallucination." Micky Irons, founder and CEO, Mickai LTD
Drift is not only a model property. It is a storage property. A multi-tenant system must ration context because thousands of tenants compete for the same memory budget, and rationing means compression, summary swaps and lossy recall. An operator who owns its own memory, and expands it on owned hardware, simply does not compete for that budget. The reduction in drift is therefore a consequence of the same sovereign shape that delivers the custody guarantee. One architectural choice pays off twice, once in provability and once in fidelity, and an incumbent cannot capture either half without surrendering the multi-tenancy that makes its margins work.
The Moat Is the Shape, Not the Appetite
The conclusion is plain once the three locks are seen together. Multi-tenancy makes the cloud cheap and forbids a provable boundary. The subscription funds the research and forbids a capital sale. The shared model removes the insider safeguard the operator can verify. Each lock is load-bearing, and each one points the opposite way from the regulated perimeter.
This is not a race the incumbents are losing through inattention. It is a market their architecture cannot enter without unbuilding itself, which is why the relationship is best understood as a division of territory rather than a rivalry. The frontier clouds remain the right tool for open, non-regulated work, and Mickai treats them as partners there without reservation. Inside the governed perimeter, where the keys must stay with the operator and every action must be provable offline, a sovereign operating system is not a better version of the cloud. It is the only thing that fits.
The filed patent applications behind the substrate, 101 of them carrying roughly 2,234 claims and owned by Mickai LTD, are evidence that the architecture is defensible, not the reason to choose it. The reason to choose it is simpler. When the boundary has to be provable, you cannot rent it. You have to own it, and ownership is a shape the cloud was never built to sell.
Written by Micky Irons. Originally published at https://mickai.co.uk/articles/why-the-cloud-giants-cannot-follow. More from Micky Irons and Mickai at mickai.co.uk.
Top comments (0)