Compliance is more than simply another box to tick for firms that handle sensitive data; it is frequently the key to landing multimillion-dollar contracts. However, the method is stuck in the past, relying on manual screenshots and fragmented procedures. Selin Kocalar and Karun Kaushik, both MIT graduates, witnessed this difficulty personally while working on a healthcare AI firm. The difficulties of demonstrating HIPAA compliance were so aggravating that they decided to design a better solution.
That concept evolved into Delve, an AI-powered compliance platform that automates evidence collecting and verification. Today, the San Francisco-based business announced a $3.3 million seed round led by Y Combinator, General Catalyst, FundersClub, and Soma Capital, among others.
A Compliance Bottleneck Slowing AI Adoption
AI companies are moving at breakneck speed, but compliance requirements haven’t kept up. Businesses looking to secure security certifications—whether it’s SOC 2, HIPAA, ISO 27001, GDPR, or PCI DSS—still rely on outdated methods. Teams spend months gathering screenshots, documenting security settings, and manually compiling reports just to prove they meet regulatory standards.
“Compliance is one of those industries that’s silently waiting for its revolution,” said Selin Kocalar, Delve’s cofounder and chief operating officer.
AI companies are growing at rapid speed, but compliance regulations have not kept pace. Businesses seeking security certifications, such as SOC 2, HIPAA, ISO 27001, GDPR, or PCI DSS, continue to use outdated procedures. Teams spend months gathering screenshots, documenting security settings, and manually creating reports only to demonstrate that they satisfy regulatory requirements.
The impact has been immediate. AI startup 11x, backed by Andreessen Horowitz, unlocked $2.3 million in contracts after switching to Delve. Keith Fearon, 11x’s Head of Growth, explained the frustration with traditional solutions:
“SOC 2 Type I had taken us 4 months with our old compliance platform… We were losing deals left and right.”
By integrating with Delve, the company saved 143 hours of manual work while strengthening its compliance standing.
Another customer, Bland, an AI phone call automation startup, secured over $500,000 in annual recurring revenue within a week of using Delve. CEO Isaiah Granet noted that Delve helped the company pass rigorous enterprise security reviews, a process that would have otherwise been a major roadblock.
Traditional compliance platforms rely on APIs to retrieve data, but this technique has limitations—many security settings and internal tools are simply not accessible through APIs. Delve’s AI agents solve this problem by extracting compliance data straight from web apps, internal systems, and even custom-built software.
This flexibility means Delve can support a broad range of compliance frameworks, including:
- SOC 2 (for SaaS security)
- HIPAA (for healthcare data protection)
- ISO 27001 (for information security management)
- GDPR & PCI DSS (for privacy and payment security)
- Custom frameworks tailored to specific industry needs
Beyond evidence collection, Delve offers features like AI-powered code scanning, which detects security vulnerabilities and automatically submits pull requests to fix them. The platform also includes a compliance copilot that helps teams navigate regulatory requirements, providing real-time guidance, code patches, and direct links to documentation.
For early-stage startups, compliance is often a distraction from growth. Delve’s goal is to make it effortless. Customers receive dedicated support, Slack-based assistance, and white-glove onboarding, ensuring they can get through compliance in weeks instead of months—without hiring a dedicated security team.
The Business of AI Compliance
With AI adoption accelerating, compliance is becoming an even bigger hurdle. Startups exploring AI agent applications raised $8.2 billion in 2024, according to PitchBook. Compliance-focused startups like Norm Ai and Greenlite are attracting investor interest, and Delve is positioning itself at the center of this shift.
“Right now, innovation and regulation are often seen as opposing forces,” said Karun Kaushik, Delve’s cofounder and CEO.
“We’re building Delve to help AI companies work in harmony with regulatory requirements, making innovation both safe and scalable.”
Delve already counts 100+ companies as customers, including OpenAI, PayPal, Indeed.com, and Hertz. Some of these businesses have secured contracts worth up to $100 million annually, thanks to streamlined compliance workflows.
As AI continues reshaping industries, security and compliance standards will only become more complex. Delve’s founders believe that AI-driven companies shouldn’t be held back by outdated processes.
What’s Next for Delve?
The company’s immediate focus is expanding its AI agents’ capabilities and adding support for more compliance frameworks. With funding secured, Delve is also looking to grow its team, which already includes AI researchers from MIT and Stanford, a two-time international olympiad winner, and a former lead investigator of an International Space Station experiment.
The bigger vision? To make compliance as fast as AI itself.
“AI makes millions of decisions every second,” Delve wrote in its funding announcement.
“But it’s still regulated with spreadsheets and screenshots.”