Compliance Startup Delve Accused of Fake Security Certifications

A compliance startup called Delve convinced hundreds of customers they met privacy and security regulations—when they didn’t, according to an anonymous Substack post published this week.

The accusation is direct: Delve falsely assured clients their systems were compliant with major standards. No specifics on which regulations, how many customers were affected, or what Delve’s response is yet.

Compliance tools are supposed to help companies navigate rules like GDPR, HIPAA, and SOC 2. If Delve sold fake compliance stamps, customers relying on those certifications could face serious legal problems. Companies need to actually meet these standards—a bogus green light puts them at risk of fines and liability.

The allegations came via an anonymous post, which means verification is still in progress. TechCrunch broke the story, but details remain thin. This is the kind of accusation that tends to escalate quickly once public attention hits.