A new compliance audit platform to help financial institutions keep up with myriad IT security and privacy regulations launched Thursday, with significant financial support and a seal of approval from one of the country’s largest bank and investment firms.
Regulatory technology upstart Laika introduced an automated platform, Laika+, that it promises will deliver thorough audit reports necessary to meet security, privacy and regulatory SOC 2 compliance in less than half the time of existing systems. And the New York-based regulatory technology start-up is already attracting the support and attention of the wider financial industry, with J.P. Morgan Private Capital leading the investment on Laika’s $35 million Series B funding round in early November. PayPal Ventures and Bain Capital Ventures are also investors in Laika.
“Our approach to IT audits is significantly faster, more affordable, and fully integrated into the compliance process within our platform,” according to Austin Ogilvie, co-founder and co-CEO of Laika, adding that this more automated process can make audits as much as 60% faster. (Laika launched a closed beta test in March 2021.) On average, financial industry assessors spend 150 hours to 200 hours testing SOC 2 controls, according to Ogilvie.
“And technology to automate and streamline audit processes has been virtually nonexistent,” Ogilvie said. “There is no other way to pass through information and verify security practices other than manual work.”
What makes Laika’s platform stand apart is that the audit is truly integrated into the over-arching compliance — with no separation between building or maintaining the compliance and auditing it, Ogilvie said, making for a more accurate and transparent audit process.
“This creates reproducible audit reports,” he added. “There are no questions around how an audit reached a conclusion, and it significantly reduces the chance of human error.”
Running off their own proprietary technology and tools for auditors, Laika promises to speed the entire process from the IT audit fieldwork through data exports and testing. The platform removes the need for 80% of previous manual evidence collection in the audit process, according to the company’s testing.
Since the private beta launch in the spring, Laika has signed on and begun working with “hundreds of financial technology companies, alternative lenders, payments processors, and regional financial institutions” including alternative trading data provider Daloopa, instant financing provider Octane Lending and cannabis payments and e-commerce provider, Jane Technologies, Ogilvie said.
Christopher Dawe, managing partner and head of J.P. Morgan Growth Equity Partners, lead investor for the regtech’s Series B, said, “There is clear market demand for technologies that help streamline the compliance process by delivering transparency, automation and expertise...[W]e view Laika’s technology as well-positioned to address pain points across the industry.”
Indeed, the number and complexity of IT security and privacy regulations facing the financial industry (and other highly regulated sectors, like healthcare) continues on the rise, with FSIs fearful not only of fines, but the reputational and potential business damage if they run afoul of the regulators. For example, with financial industry mergers on the rise (as FSIs compete to expand and gain economies of scale) getting a slap on the wrist for sloppy compliance would bode badly for potential deal-making.
“First and most importantly, an audit is not an insignificant process,” Ogilvie said. “If a business is going through an audit, it’s likely that a significant number of employees are completely tied up in emails, spreadsheets, interviews, and weeks of labor.”
Indeed, one of Ogilvie’s Laika co-founders and its chief operating officer, Eva Pittas, witnessed this first-hand when she previously oversaw global risk and compliance at Citigroup for 20 years.
“Most enterprises will not do business with non-compliant technology companies, and getting compliant is a painful, expensive, time-consuming and confusing process,” Ogilvie added. “We wanted to eliminate those pains while helping businesses build compliance programs that not only would pass audits, but would also pass procurement to ultimately grow their company.”