RegScale: Governance, Risk and Compliance…in real time
Anil Karmel
Co-Founder & CEO
“We believe compliance shouldn't be unaffordable, in fact, we believe it should be free. That’s why our Community Edition is completely free to get started”
Compliance today is largely conducted using Word documents and Excel spreadsheets that are instantly out of date the moment they are created. In the late 1990s and 2000s, the seeds of digitizing compliance started being planted. However, achieving and maintaining compliance has never been a piece of cake, especially for heavily regulated entities using traditional Governance, Risk and Compliance platforms. With the advent of cloud and modern technology approaches, the time has come to reimagine compliance, to make compliance real-time, to make compliance continuous, and to make compliance complete. This is where RegScale, an organization that helps its clients to continuously comply in real-time with multiple compliance requirements, has developed a novel approach to this problem. “We help heavily regulated organizations start compliant and stay compliant with their ongoing regulatory obligations,” explains Anil Karmel, Co-Founder & CEO, RegScale.
RegScale’s innovative software platform digitizes any compliance requirement, then integrates with existing security tools. The findings from these tools are brought into RegScale as mapped to compliance requirements, which then in turn automates the creation of tickets in ticketing systems, and couples a great human- and machine experience to output audit-ready documentation on demand. In fact, RegScale is the only solution that holistically manages compliance programs—both manual and automated assessments—at scale. It not only saves time and reduces risk but also enables reuse of assessments across multiple standards by allowing customers to bring their own mapping of controls into the platform.
What makes the company stand out from the crowd is the approach RegScale employs by bringing the principles of DevOps to Compliance in a new discipline called Regulatory Operations or RegOps. Compliance professionals can now continuously gather data and monitor control state in real time using RegScale’s easy to use browser-based interface, delivering a great experience to both the auditor and the audited while simultaneously allowing output in both human- and machine-readable formats.
While explaining the company’s unique value proposition, Karmel recalls an instance when the team assisted a Fortune 500 Financial Institution to get out of Excel Spreadsheets and Word docs and move into a compliance system of record. RegScale’s team was able to digitize their compliance requirements and integrate with a cloud security platform they had called Wiz. The team brought those findings from Wiz into RegScale, automated the creation of tickets in their ticketing system, and helped manage their compliance documentation directly in the software. The client also built enterprise reporting on top of RegScale in a Business Intelligence platform called Tableau to visualize their state of compliance in real time.
Since opening its doors, RegScale has been a pioneer in delivering the world’s first real-time Governance Risk and Compliance platform to customers around the globe. What led to the founding of RegScale is that its co-founders personally felt the pain of compliance. As explained by Karmel, “when we came out to the Department of Energy’s National Laboratories, we ran into a brick wall when it came into compliance. We had to build all this documentation in Word and Excel. That's where the idea was born to reimagine compliance and build a solution that would solve this problem at scale.”
Today, RegScale has positioned itself as a market leader and is leading the RegOps movement to transform how compliance is done. In that vein, Karmel said, “We believe compliance shouldn't be unaffordable, in fact, we believe it should be free. That’s why our Community Edition is completely free to get started. We are here to free organizations from (digital) paper by simplifying and automating regulatory compliance, outputting evergreen compliance paperwork on demand while simultaneously visualizing compliance and operational risk in real time.”