Delve's Darkest Hour: How a Compliance Startup Lost Its Way
Delve, a compliance startup, has found itself at the center of a maelstrom after being accused of misleading clients and skipping crucial security requirements. The company's relationship with Y Combinator has ended, and it's facing a barrage of criticism from all sides. As the drama unfolds, one thing is clear: Delve's future hangs in the balance.
Key Takeaways
- Delve's relationship with Y Combinator has ended
- The startup is accused of misleading clients and skipping security requirements
- Delve is pushing back against the accusations, claiming a malicious attack is to blame
In This Article
- The Fallout with Y Combinator
- The Allegations Against Delve
- Delve Fights Back Against the Accusations
- The Open-Source Controversy
- What's Next for Delve?
- The Broader Implications
The Fallout with Y Combinator
In a shocking turn of events, Delve is no longer listed among Y Combinator's portfolio companies. This drastic move comes after a series of allegations against the compliance startup, which has left many wondering what exactly went wrong.
- Delve's COO, Selin Kocalar, confirmed the split, stating that 'YC and Delve have parted ways'
- The company's page has been removed from the YC website, signaling a clear end to their relationship
YC and Delve have parted ways.
— Selin Kocalar (@kocalars) April 4, 2026
I still remember the day we took our YC interview at MIT.
We’re so grateful to the community and every founder friend we’ve made.
We'll continue to support every young founder striving to make the world a better place. pic.twitter.com/YQq5sIPwI5
The Allegations Against Delve
At the heart of the controversy are claims that Delve misled clients about their compliance with privacy and security regulations. But what does this mean, exactly? In simple terms, compliance refers to the process of ensuring that a company adheres to relevant laws and regulations, such as data protection laws. Delve's role is to help companies navigate this complex landscape, but the allegations suggest that the startup may have taken shortcuts, potentially putting its clients at risk.
- The allegations were first made in an anonymous Substack post, which claimed that Delve would auto-generate reports for 'certification mills' without properly assessing compliance
- A security researcher also came forward, stating that they were able to access sensitive Delve data, further fueling the accusations
Delve Fights Back Against the Accusations
Delve's leadership is not taking the allegations lying down. In a recent blog post, COO Selin Kocalar and CEO Karun Kaushik set out to 'set the record straight' on the anonymous attacks against the company.
- The executives claim that the evidence points to a malicious attack rather than a genuine whistleblower
- They also describe the criticism as 'a mix of fabricated claims, cherry-picked screenshots, and data taken out of context'
The Open-Source Controversy
One of the key points of contention is Delve's use of open-source tools. The company has been accused of passing off an open-source project as its own, without giving credit or reaching an agreement with the developer. But what's the big deal about open-source tools? In essence, open-source tools are software projects that are freely available for anyone to use, modify, and distribute. The issue arises when companies use these tools without properly acknowledging the original creators or contributors.
- Delve claims that it built on an Apache 2.0 open-source repository, which allows for commercial use
- However, the company has faced criticism for not properly crediting the original developers
What's Next for Delve?
As the dust settles, one thing is clear: Delve's future is uncertain. The company is taking steps to address the concerns and rebuild trust with its clients, but it remains to be seen whether these efforts will be enough.
- Delve is offering complimentary re-audits and penetration tests to clients
- The company is also cleaning up its network to remove auditing firms that don't meet its standards
The Broader Implications
The Delve controversy raises important questions about the state of the compliance industry and the role of startups in this space. As the industry continues to evolve, it's essential to consider the potential consequences of shortcuts and corner-cutting.
- The incident highlights the need for greater transparency and accountability in the compliance industry
- It also underscores the importance of proper due diligence and vetting of startups in this space
“YC and Delve have parted ways”
— Selin Kocalar, COO of Delve
“The evidence points to a malicious attack rather than a genuine whistleblower”
— Selin Kocalar and Karun Kaushik, Delve executives
Final Thoughts
As Delve navigates this treacherous landscape, the company's future hangs precariously in the balance. Will it be able to overcome the allegations and rebuild trust with its clients, or will the controversy prove too great to overcome? Only time will tell, but one thing is certain: the compliance industry will be watching with bated breath.
Sources & Credits
Originally reported by TechCrunch — Anthony Ha
Huma Shazia
Senior AI & Tech Writer
