Delve Loses Y Combinator Partnership Amid Controversy
Compliance startup Delve has lost its partnership with Y Combinator, a prominent startup accelerator, following a series of allegations regarding its business practices. The startup is no longer listed in YC’s directory, and its dedicated page has been removed from the YC website. Selin Kocalar, Delve’s Chief Operating Officer, confirmed the split on X, stating that “YC and Delve have parted ways.”
Investor Relationships Strained
Y Combinator is not the only investor distancing itself from Delve. Insight Partners has also deleted references to its investment in the startup, although one of its primary blog posts has since been reinstated. This trend highlights growing unease among backers as the compliance startup faces increasing scrutiny.
Response to Anonymous Allegations
Amidst these challenges, Delve vehemently contests anonymous claims suggesting the company misled its clients by asserting compliance with privacy and security regulations while neglecting critical requirements. The allegations outlined purported practices such as auto-generating reports for what have been dubbed “certification mills,” raising questions about the integrity of their compliance offerings.
Whistleblower Claims Under Scrutiny
These allegations first emerged in a controversial Substack post from an anonymous author known as “DeepDelver,” who claimed to be a former customer of Delve. The individual became suspicious after obtaining leaked data regarding the startup’s operations and clients, which they shared in subsequent posts to bolster their claims.
Security Breach and Malware Connections
Delve’s troubles worsened when malware was discovered in an open-source project linked to one of its customers, LiteLLM. This development has compounded the company’s existing issues, raising additional concerns about security within its ecosystem.
Response from Delve’s Leadership
In a recent blog post, Kocalar and CEO Karun Kaushik aimed to clarify the situation, stating that they have enlisted a cybersecurity firm to investigate the claims against them. They suggested that the allegations stemmed from a coordinated attack rather than genuine whistleblowing, claiming an attacker exploited Delve’s services to orchestrate a smear campaign.
Commitment to Transparency and Improvement
Furthermore, Delve described DeepDelver’s allegations as a combination of fabricated statements, selectively chosen screenshots, and misrepresented data. The company asserted its commitment to ensuring client satisfaction and confidence in their compliance outcomes, including the removal of underperforming auditing firms and offering free re-audits to current customers.
In a post on X, Kaushik reiterated the company’s pledge to improve its practices and expressed regret, stating, “[W]e grew too fast and fell short of our own standard. To our customers, we deeply apologize for the inconveniences caused.” As Delve navigates this challenging period, both Y Combinator and DeepDelver have been approached for further comments on the ongoing situation.