As regulatory pressures mount and enterprises face growing scrutiny over third-party risk, compliance teams are being pushed to their limits. Manual processes, siloed data, and outdated tools have turned Governance, Risk, and Compliance (GRC) into one of the most overworked functions in modern business. It’s in this increasingly complex environment that Vendict, an AI-native GRC platform, is rapidly gaining ground and fresh capital.

The company has just closed a $10 million Series A funding round, led by new investors Moneta Ventures and JAL Ventures. Existing backers, including NFX, Cardumen Capital, Disruptive AI, and Cyber Club London, also participated in the round, with several investing beyond their pro-rata allocations. The latest raise brings Vendict’s total capital to $20 million.

Automation With Accountability

At the heart of Vendict’s offering is a platform designed not only to automate tedious compliance tasks, but to make the entire GRC process faster, more accurate, and more strategic. While some worry that AI will replace humans, Vendict sees a more empowering path: enabling GRC teams to “operate at 10x the speed with full traceability and minimal hallucinated outputs.”

The platform’s core advantage lies in its ability to offload manual work, like parsing frameworks, responding to security questionnaires, or conducting gap analyses, without sacrificing transparency or trust. “Compliance shouldn’t be spending their time copy-pasting across spreadsheets,” said Udi Cohen, Vendict Co-founder and CEO. “They should be steering strategy, managing risk, and earning trust. That’s what Vendict enables.”

Rather than being confined to check-the-box tasks, GRC teams using Vendict can shift their attention to long-term risk planning and high-level decision-making activities that are increasingly expected of them as business functions align more closely with regulatory frameworks.

How Vendict Works

Vendict operates as an intelligent extension of the GRC team. The platform is capable of:

• Automatically generating source-backed answers to security questionnaires
• Performing continuous gap analyses across major frameworks like SOC 2, ISO 27001, GDPR, DORA, and ESG
• Mapping regulatory obligations to internal controls with full traceability
• Evaluating third-party risks with minimal rework

Beyond automation, it’s a reinvention of the compliance workflow. What once took days or weeks of effort is now executed in minutes, freeing up teams to focus on strategic initiatives instead of chasing down evidence and documentation.

“Vendict’s automation eliminated the manual work involved in responding to these lengthy questionnaires,” said Raul Zayat Galante, CISO at Orca Security. “The platform understood our documentation and produced consistent, accurate responses every time… Vendict made the whole process smoother, and our clients appreciated the speed and accuracy of our responses.”

Why AI-Native Matters More Than Ever

The distinction between being AI-powered and AI-native is foundational. Many legacy vendors are attempting to bolt AI features onto outdated systems, often resulting in unreliable outputs and blind spots in reasoning. Vendict, by contrast, was “built from the ground up with intelligence at the core.”

This foundational approach allows for adaptive learning, transparency, and scalability traits that resonate with investors who understand the market’s inflection point. “While competitors try to retrofit AI into legacy systems,” said Gonzalo Martínez de Azagra, Founder & General Partner at Cardumen Capital, “Vendict is proving that explainable, traceable AI is not just possible but an absolute necessity.”

The platform’s intelligence improves over time through continuous feedback loops that learn from user interaction, decision-making workflows, and approval histories. This creates what Vendict’s CTO Michael Keslassy calls “a self-reinforcing system that becomes more precise and context-aware with every compliance cycle.”

Positioned for a Seismic Shift

Compliance technology is approaching a tipping point. With the GRC platform market projected to grow by over $44 billion between 2025 and 2029, it’s no longer enough to offer basic automation. The next generation of solutions must deliver trust, speed, and transparency in equal measure.

That’s why investors believe Vendict is uniquely positioned to lead. “The compliance space is undergoing a generational shift, and Vendict is perfectly positioned to lead it,” said Adoram Gaash, Co-Founder & Managing Partner at Moneta-Venture Capital. “They’ve combined world-class AI with deep domain understanding to create a platform that’s not only powerful, but trusted.”

And it’s a product-market fit and network momentum. “We backed Vendict early because we saw something rare in GRC: a two-sided network effect,” said Gigi Levy-Weiss, General Partner at NFX. “Every interaction strengthens the platform, making it smarter, faster, and more trusted across the ecosystem.”

Looking Ahead

Vendict’s new funding will accelerate product development, support customer growth, and expand its AI capabilities even further. But the company’s focus remains grounded in a simple mission: empowering GRC professionals to deliver faster, better, and more trustworthy outcomes.

In a field long viewed as bureaucratic and reactive, Vendict is showing what GRC can become with the right infrastructure, the right intelligence, and the right timing.