profile

Equinox Compliance

Sign up for updates on guides, webinars, playbooks, and training built by CCOs, auditors, former examiners, and risk leaders with decades in the field. By submitting this form, I agree to the Privacy Policy found at https://equinoxcompliance.com/privacy-policy and to sharing my information with Equinox Compliance.

Apr 16Β β€’Β 1 min read

πŸ” A $300M compliance startup just imploded


The Meridian

The bi-weekly compliance newsletter delivering practical insights on risk, regulation, and responsible innovation from veterans and builders in finance.

Hi Equinox Community πŸ‘‹

The compliance automation market got a wake-up call. A Y Combinator-backed startup raised $32 million, earned a $300 million valuation, and promised to make companies compliant in days. Then, YC ousted them. We broke it all down, plus what your team should be asking any vendor before signing. Also in this issue: fractional compliance leadership, the fintech-bank governance gap, and a full breakdown of every major bank charter path.

On our radar πŸ“‘

In March 2026, Delve, a compliance automation platform backed by $32 million in venture capital, was publicly accused of systematically misleading hundreds of customers into believing they were SOC 2, ISO 27001, and HIPAA compliant when the underlying controls were allegedly never implemented.

The allegations are serious: pre-fabricated evidence customers could adopt with a single click, audit reports pre-written by the platform itself, and certification firms described as offshore operations that rubber-stamped results without independent review. Some of the fastest growing companies including Lovable, Bland, and Wispr Flow were convinced to use their services. Even companies processing protected health information for millions of U.S. consumers were among those affected. The story has raised urgent questions about how organizations evaluate the vendors they trust with their most sensitive compliance programs.

We wrote the full breakdown, including 7 questions every compliance team should ask before trusting a vendor with SOC 2, ISO 27001, HIPAA, or PCI DSS. Read more →​

From the blog πŸ“

πŸ‘₯ Benefits of using a fractional compliance officer versus a full-time officer. Regulators expect named, qualified compliance leadership. Not every organization needs a full-time hire to get there. Read more →​

🀝 The fintech-bank governance gap: who owns model oversight? Banks can’t rely on fintech testing, and fintechs can’t assume bank approval means compliance. David Stickney breaks down the shared responsibility model. Read more →​

πŸ›οΈ Bank charter types explained: de novo, OCC, state, fintech, and ILC paths. Choosing the right charter is a business strategy decision with regulatory implications that compound over decades. Here’s what each path requires. Read more →​

Watch and learn πŸ€“

πŸ“½οΈ Building an AI Model Governance Program that Scales | On-demand Webinar

Join Amber de Volk and David Stickney in a practical session for compliance, risk, and technology leaders who need to move beyond policy documents and build operational model governance that holds up under examination.

Upcoming events πŸ“…

🌴 Finovate Spring. San Diego | Register here →​

πŸ” Building Trust in Crypto and AI. May 6 | San Diego | RSVP →​

Have a question or want to connect? Reach out to us!

Follow our blog and LinkedIn for more content updates.

See you in two weeks,

Emily

5256 S. Mission Road Suite 703 #5019, Bonsall, CA 92003
​Unsubscribe Β· Preferences​


Sign up for updates on guides, webinars, playbooks, and training built by CCOs, auditors, former examiners, and risk leaders with decades in the field. By submitting this form, I agree to the Privacy Policy found at https://equinoxcompliance.com/privacy-policy and to sharing my information with Equinox Compliance.


Read next ...