Delve whistleblower presents new evidence of alleged compliance audit fakery

A day after Delve’s founder and CEO Karun Kaushik publicly denied allegations that his startup was fabricating evidence for customer compliance audits, the anonymous whistleblower has posted again with new purported proof. The accuser, using the pseudonym DeepDelver, presented alleged receipts including a video and Slack messages, and promised further revelations.

Delve, which automates work for obtaining security certifications and proving compliance with regulations like the GDPR, is a Y Combinator graduate from 2023. It was founded by 21-year-old MIT dropouts and raised a $32 million Series A round last summer led by Insight Partners, shortly after a $3 million seed funding round.

Whistleblower Doubles Down

DeepDelver’s latest post directly counters Kaushik's lengthy denial on social media platform X. The new evidence, which TechCrunch has not independently verified, is said to include internal communications and visual material that purportedly supports the original claims of fraudulent audit practices. The whistleblower stated more posts of this nature should be expected.

Context of Compliance Critiques

The allegations against Delve emerge amid broader industry scepticism about the tangible value of security certifications and compliance audits in preventing actual security incidents. This debate gained fresh relevance last week when a high-profile Delve customer, the open-source project LiteLLM, suffered a malware infection. LiteLLM had used Delve’s services to obtain two security certifications.

Delve’s rapid fundraising—moving from a $3 million seed to a $32 million Series A in a matter of months—had marked it as a notable player in the compliance automation sector prior to these allegations.

Next Steps and Industry Scrutiny

The situation places significant pressure on Delve’s leadership to provide transparent counter-evidence to the whistleblower's claims. The startup’s enterprise customers and venture backers are likely to demand clarity on its audit processes. The controversy also fuels ongoing discussions about the efficacy and integrity of the compliance industry as a whole, particularly for fast-growing tech startups seeking to quickly establish trust with enterprise clients.