NEW YORK, NY / ACCESS Newswire / August 5, 2025 / As enterprises wrestle with ballooning regulatory obligations and costly third-party risk, Vendict, the AI-native platform transforming enterprise GRC (Governance, Risk, and Compliance), today announced a $10 million Series A funding round led by new investors Moneta VC and JAL Ventures. Existing backers, including NFX, Cardumen Capital, Disruptive AI, and Cyber Club London, also participated, with several investing beyond their pro-rata allocations, reaffirming strong conviction in the company’s mission and market position. The latest funding brings Vendict’s total capital raised to $20 million.
Modern GRC Requires Modern Infrastructure
GRC has become one of the most time-intensive, documentation-heavy functions in enterprise operations. Most organizations still rely on people power to manage the growing burden: manually parsing frameworks, mapping controls, and managing documentation across audits and assessments. These workflows are no longer sustainable.
While there’s much debate about whether AI can replace humans, Vendict is offering a more grounded and empowering path forward: a platform that equips GRC professionals with AI-native capabilities that eliminate manual grunt work and enable them to operate at 10x the speed with full traceability and minimal hallucinated outputs.
It’s not just about moving faster. Today’s GRC leaders face 10x more work due to a surge in regulations, sprawling third-party ecosystems, and the organization’s declining risk appetite. In this environment, speed isn’t enough. Teams must complete the work properly, not just tick boxes, thereby turning compliance into a strategic advantage.
With over 100 customers acquired in under three years, most of them switching from legacy or manual solutions, Vendict is proving that compliance doesn’t have to be slow, complex, or expensive.
“Compliance shouldn’t be spending their time copy-pasting across spreadsheets,” said Udi Cohen, Vendict Co-founder and CEO. “They should be steering strategy, managing risk, and earning trust. That’s what Vendict enables. We built our platform on language models, knowledge graphs, and continuous feedback loops so it doesn’t just generate answers but also understands context, explains its reasoning, and delivers results executives can trust.”
Elevating GRC to a Strategic Function
Modern GRC teams aren’t just check-the-box operators; they’re expected to move at the speed of the business, matching the pace of developers, sales teams, and product launches.
Vendict gives them the tools to do just that. By removing bottlenecks, ensuring verifiable outputs, and eliminating the grunt work that drags teams down, Vendict helps GRC professionals operate as strategic enablers, not operational overhead. This isn’t about automation for its own sake. It’s putting compliance at the center of the company, where modern GRC rightfully belongs.
The Core of Vendict’s Platform
The Vendict platform functions like an intelligent extension of the GRC team, enabling organizations to instantly and accurately respond to security questionnaires, perform gap analyses across compliance frameworks (like SOC 2, ISO 27001, GDPR, DORA, and ESG), evaluate third-party risks, and produce source-backed responses without friction or rework.
Unlike traditional tools that require manual input or rigid configuration, Vendict’s adaptability to each organization’s unique environment reassures users. The result is a shift from static processes to a dynamic, responsive model that accelerates processes and elevates teams.
What used to be a time-consuming process of days or weeks of manual effort is now completed in a fraction of the time, freeing up GRC teams to focus on strategic initiatives rather than process management.
“Vendict’s automation eliminated the manual work involved in responding to these lengthy questionnaires,” said Raul Zayat Galante, CISO at Orca Security. “The platform understood our documentation and produced consistent, accurate responses every time, giving us back hours of our day to work on critical security-related tasks. The time savings were remarkable-we could focus more on security and less on paperwork. Vendict made the whole process smoother, and our clients appreciated the speed and accuracy of our responses.”
Built for Trust. Engineered for Scale.
In a noisy landscape of automation wrappers and AI bolt-ons, Vendict stands apart with a platform that ensures every response is accurate, explainable, and tied to source evidence. It’s not just about speed. It’s about trust at scale.
That foundation is resonating with investors and industry leaders alike.
“While competitors try to retrofit AI into legacy systems, Vendict is built from the ground up with intelligence at the core,” said Gonzalo Martínez de Azagra, Founder & General Partner at Cardumen Capital. “That native advantage shows up in their speed, accuracy, and customer wins. Vendict is proving that explainable, traceable AI is not just possible but an absolute necessity.”
Beyond the technology, Vendict’s timing is right for a market undergoing seismic change.
“The compliance space is undergoing a generational shift, and Vendict is perfectly positioned to lead it,” said Adoram Gaash, Co-Founder & Managing Partner at Moneta VC. “They’ve combined world-class AI with deep domain understanding to create a platform that’s not only powerful, but trusted.”
What makes Vendict even more formidable is the compounding strength of its growing network.
“We backed Vendict early because we saw something rare in GRC: a two-sided network effect,” said Gigi Levy-Weiss, General Partner at NFX. “As more tech buyers and tech vendors use Vendict, both sides benefit: buyers get faster, more accurate risk assessments, while vendors save time by reusing and refining their responses. Every interaction strengthens the platform, making it smarter, faster, and more trusted across the ecosystem.”
Why AI-Native Matters
The GRC platform market is projected to add $ 44.22 billion in new value between 2025 and 2029, as AI becomes table stakes for staying compliant. Yet 74 % of compliance leaders remain uneasy relying on AI alone, worried about errors and the effort required to implement it.
This disconnect between AI’s promise and practitioners’ trust is exactly what Vendict addresses by ensuring its platform not only automates but also explains, validates, and justifies every output. Platforms retrofitting AI onto legacy systems often struggle, lacking the visibility and cohesion needed for trustworthy automation. They result in risky shortcuts, unreliable answers, and outputs that can’t be validated. In contrast, Vendict was built AI-native from day one, with intelligence deeply woven into the architecture and not bolted on after the fact.
That core difference enables real-time adaptability, contextual understanding, and traceability. It’s not just a technical distinction but is quickly becoming the difference between staying competitive and falling behind.
“One of the most overlooked advantages of building AI-native is the ability to retrain and optimize models based on proprietary feedback loops continuously. At Vendict, our architecture doesn’t just consume data; it learns from user interaction patterns, approval workflows, and decision boundaries in real-time. This creates a self-reinforcing system that becomes more precise and context-aware with every compliance cycle. That kind of adaptive intelligence simply isn’t possible when AI is retrofitted into a legacy stack,” says Michael Keslassy, Vendict’s CTO.
With Vendict, every output is context-aware, explainable, and backed by source evidence, helping GRC teams move faster while staying fully in control.
AI-Native in Action
Unlike legacy players bolting chatbots onto rule‑based engines, Vendict was engineered end‑to‑end for language‑model reasoning. That distinction shows up in day‑one results:
100 % traceability: every answer links back to canonical evidence, eliminating audit guesswork.
From 6 days to 6 minutes: automated responses to security questionnaires and due‑diligence requests.
90 % cut in manual control testing through continuous gap analysis across SOC 2, ISO 27001, GDPR, DORA, ESG, and more.
About Vendict
Vendict is an AI-native compliance platform that empowers companies to automate and accelerate their GRC processes, from security questionnaires and risk assessments to regulation mapping and audit readiness. Used by leading tech-forward brands, Vendict helps GRC teams eliminate repetitive work, reduce time-to-trust, and become the revenue accelerators of their organizations.
Media Contact:
SOURCE: Vendict
