Most enterprise compliance platforms promise speed. Vendict promises trust at speed. The company just raised $10 million in Series A funding to expand its AI-native GRC platform, which helps companies respond to audits, security questionnaires, and regulatory demands with explainable, evidence-based answers.
The round was led by Moneta VC and JAL Ventures, with continued support from NFX, Cardumen Capital, Disruptive AI, and Cyber Club London. Several investors increased their stakes beyond their pro-rata, bringing Vendict’s total funding to $20 million.
“The compliance space is undergoing a generational shift, and Vendict is perfectly positioned to lead it,” said Adoram Gaash, Co-Founder & Managing Partner at Moneta VC.
Building from the Core: Why AI-Native Matters
Unlike most compliance tools that simply add AI to existing frameworks, Vendict took a different path. It built its intelligence engine from the ground up, with a unique architecture centered on proprietary language models, internal knowledge graphs, and real-time feedback loops. This approach is not just about generating outputs, but about justifying them, setting Vendict apart in the industry.
“One of the most overlooked advantages of building AI-native is the ability to retrain and optimize models based on proprietary feedback loops continuously,” said Michael Keslassy, Vendict’s CTO. “Our architecture doesn’t just consume data; it learns from user interaction patterns, approval workflows, and decision boundaries in real time.”
That dynamic learning infrastructure allows Vendict to produce responses that are accurate, context-aware, and always tied to source documentation, something most retrofitted systems simply can’t do.
“While competitors try to retrofit AI into legacy systems, Vendict is built from the ground up with intelligence at the core,” said Gonzalo Martínez de Azagra, Founder & General Partner at Cardumen Capital. “That native advantage shows up in their speed, accuracy, and customer wins.”
From Copy-Paste to Command Center
Compliance teams have long suffered under the weight of repetitive manual work. From copying answers between questionnaires to maintaining spreadsheets across frameworks, GRC has historically been a slow, error-prone domain.
Vendict is changing that.
“Compliance shouldn’t be spending their time copy-pasting across spreadsheets,” said Udi Cohen, Vendict Co-founder and CEO. “They should be steering strategy, managing risk, and earning trust.”
Vendict replaces static templates and siloed processes with a dynamic, intelligent assistant. Its platform can be seamlessly integrated into existing systems, automatically mapping internal documentation to standards like SOC 2, ISO 27001, GDPR, DORA, and ESG, while providing verifiable responses to third-party assessments and due diligence requests.
“We built our platform on language models, knowledge graphs, and continuous feedback loops so it doesn’t just generate answers but also understands context, explains its reasoning, and delivers results executives can trust,” Cohen added.
Proof in the Field
Real-world results speak for themselves. For Orca Security, Vendict’s platform turned a time sink into a streamlined operation.
“Vendict’s automation eliminated the manual work involved in responding to these lengthy questionnaires,” said Raul Zayat Galante, CISO at Orca Security. “The platform understood our documentation and produced consistent, accurate responses every time. The time savings were remarkable—we could focus more on security and less on paperwork.”
Network Effect, Enterprise-Grade
In under three years, the company has signed over 100 customers, the majority of whom have migrated from legacy or fully manual systems. Each new user interaction further strengthens Vendict’s AI through data reuse and reinforcement.
“As more tech buyers and tech vendors use Vendict, both sides benefit,” said Gigi Levy-Weiss, General Partner at NFX. “Buyers get faster, more accurate risk assessments, while vendors save time by reusing and refining their responses. Every interaction strengthens the platform.”
This two-sided network effect enables greater accuracy at scale, faster time to trust, and better collaboration between buyers and vendors.
What’s at Stake: A Market Ready for a Reset
The global GRC platform market is projected to add more than $44 billion in value between 2025 and 2029, driven largely by increasing regulations and growing risk exposure. But despite this urgency, trust in AI remains fragile.
A recent industry report reveals that 74% of compliance leaders remain hesitant to rely on AI, citing concerns regarding hallucinations, explainability, and loss of control. Vendict addresses this head-on by making every answer traceable, contextually justified, and tied to source evidence.
“That native advantage shows up in their speed, accuracy, and customer wins,” Martínez de Azagra emphasized.
Compliance as a Strategic Lever
Vendict isn’t positioning GRC as just another back-office function. Its vision is to elevate compliance into a strategic role, one that is closer to product, closer to revenue, and far more proactive.
What used to take teams days of spreadsheet wrangling and back-and-forth approvals is now reduced to minutes. One questionnaire can go from six days to six minutes. Manual control testing is cut by up to 90%. For companies chasing growth, operational efficiency translates directly into trust with customers, auditors, and partners.
As Cohen put it: “They should be steering strategy, managing risk, and earning trust. That’s what Vendict enables.”
With its latest round and growing momentum, Vendict is rebuilding compliance around transparency, speed, and intelligence that scales.
