An anonymous Substack post accuses compliance startup Delve of “falsely” convincing “hundreds of customers they were compliant” with privacy and security regulations.

TechCrunch (TC) is a leading technology news and media site that covers the latest trends, startups, and innovations in the tech industry. With breaking news,  analysis, and expert commentary, TechCrunch provides  insights into the world of technology and entrepreneurship. Developers can learn about emerging technologies, funding opportunities, and market trends by following TechCrunch's coverage of the tech industry.

TechCrunch

An anonymous Substack post accuses Y Combinator-backed compliance startup Delve of fabricating compliance evidence for hundreds of customers, potentially exposing them to HIPAA and GDPR liability. The post, authored by 'DeepDelver,' claims Delve generates fake audit conclusions, pre-fills evidence of processes that never occurred, and uses rubber-stamp audit firms. Delve denies the accusations, calling the post misleading and characterizing its outputs as templates rather than pre-filled evidence. Additional reports emerged of security vulnerabilities in Delve's systems, including exposed employee background checks and equity vesting data. DeepDelver has promised a follow-up post with more allegations.

Delve accused of misleading customers with ‘fake compliance’

Disrupt 2026: The tech ecosystem, all in one room

Save up to $300 or 30% to TechCrunch Founder Summit