As businesses globally are facing external pressures to be more focused on privacy, security, and transparency, compliance management is needed now more than ever. With 200+ regulatory updates, 900 regulatory agencies, and the average cost of a non-compliance incident being $14 million, maintaining compliance is critical for every business, no matter the size.
Tracking, maintaining, and proving compliance has traditionally been incredibly difficult, resource-intensive, and takes a significant time commitment. That's why one startup aims to simplify compliance by disrupting the antiquated industry.
Enter VComply. Founded in 2019, VComply is a governance, risk management, and compliance (GRC) platform that enables its customers with a secure and easy-to-use solution. VComply is highly configurable to meet the specific needs of any organization without additional coding or infrastructure changes.
The platform collects, organizes, analyzes, and automatically reports on GRC data inputted into the system to provide a high-level view of an organization's compliance posture at any given time.
Combining that with the ability to surface detailed information on any control, VComply modernizes how people work and interact with GRC programs within their businesses.
In this week's #BuiltWithMongoDB, we take a look at VComply to learn more about how they are truly helping organizations strengthen their risk and compliance management.
We spoke with Harshvardhan Kariwala, CEO, and Ashish Jha, Vice President of Engineering at VComply to discuss the company's journey and how they decided to build with MongoDB.
What inspired you to build the business?
Harshvardhan: VComply is actually my third startup. At one of my previous companies, I had become hyper-focused on building the business, and I eventually lost sight of compliance. Operational functions fell through the cracks, and I ended up outsourcing our compliance programs to this corporate firm in Singapore.
Fast forward a bit, they ended up forgetting to do a required compliance filing, and we ended up responsible for paying the non-compliance fines associated with that.
One reporting misstep, and we were fined. That's what got me worried. We got lucky that was all that happened.
It only took one time to inspire action. We then built an internal tool where the entire idea was around creating a culture of reporting excellence and internal accountability.
After adopting our newly created tool, in 2018, we realized that we built a very robust solution to real day-to-day compliance problems. We thought, "Why don't we spin this off into its own product?"
By that time, I was ready to get back into product development, and this was the perfect opportunity. In early 2019 we set up VComply. We quickly got our first customer, the City of Boston, and never looked back.
So that's where VComply got its start. It was never meant to be sold as a product. It was more of an internal compliance tracking tool. That's how we entered the GRC space.
What exactly does VComply do? What are some of its most useful product features?
Harshvardhan: We help businesses be compliant, mitigate risk, and adopt a culture of transparency. If there isn't internal alignment within a company, no tool is going to help them. At its core, VComply is designed to be easy to use so that anyone in an organization can adopt a compliance-first mindset. By removing the traditional technological barriers, we found that businesses can realize the benefits quickly.
That said, VComply serves as the single source of truth for everything GRC within an organization. Think tracking compliance obligations, compliance monitoring, automating activities, alerts and follow-ups, compliance evidence collection, audit trails, and more.
Another popular piece of our tool is our enterprise risk management as well as policy management functionalities. You can monitor and manage risk programs, quickly identify risks, and start linking compliance obligations to mitigate that risk.
What makes VComply stand out from its competitors?
Harshvardhan: Most other solutions on the market require a compliance expert, are hard to navigate, and take a significant time commitment upfront to get up and running. We built VComply to be more practical and realistic with how people manage their compliance and risk programs today. VComply is easy to set up, simple to use for the end-user, and flexible to map to the specific controls a business needs to comply with without any additional coding.
How did you decide to build with MongoDB?
Ashish: Easy and intuitive search support, as well as indexing and automated performance suggestions, were the key drivers for us building with MongoDB. Also, training new developers is very straightforward.
What has your experience been like scaling with MongoDB?
Ashish: Scaling is pretty seamless with MongoDB. Setting up alerts and monitoring is very straightforward. We've had nothing but great experiences so far.
Do you have a favorite technical book or podcast that you would recommend to other tech entrepreneurs?
Harshvardhan: I would recommend The Great CEO Within: The Tactical Guide to Company Building by Matt Mochary. That's definitely a great read.
This is a bit of an open questions, so feel free to interpret it how you'd like. What are you currently learning?
Harshvardhan: That's a tough one. I think you're always learning so many different things on any given day that it's difficult to give one answer. Today, I'm learning marketing strategies, like demand gen as well as sales tactics to scale the business.
Ashish: Primarily, I'm learning how engineering can augment and support other organizations within the company.
Who are some tech leaders or entrepreneurs that you admire?
Ashish: I do admire Jeff Bezos quite a bit. I admire the laser focus that he has and the clarity in terms of his reasoning.
Harshvardhan: Elon Musk because of his ideas and execution. One thing that's great about him is how he executes his ideas flawlessly.
Interested in learning more about MongoDB for Startups? Learn more about us here.