An anonymous Substack post has accused compliance startup Delve of misleading hundreds of clients, potentially exposing them to criminal liability under HIPAA and hefty fines under GDPR.

DeepDelver, who claims to work for a former client of Delve, says the company produces fake evidence and forces customers into a 'choose between a lie or manual work' scenario. They also allege that Delve's audit partners are part of a fraudulent operation based in India.

In response, Delve has denied issuing compliance reports and claims to be an automation platform that provides auditors with information. The company says it offers a network of independent third-party audit firms for clients to choose from.

DeepDelver is clearly not impressed, calling the startup's response 'baffling.' They say Delve is trying to avoid accountability by denying they provide pre-filled evidence and instead calling them templates.

The incident raises serious questions about the integrity of compliance services in the tech industry. With so much at stake for both companies and individuals, it’s no wonder trust has become a premium commodity.