RegScale, a provider of continuous controls monitoring (CCM) solutions for highly regulated industries, has secured more than $30m in its latest funding round.
The Series B raise was led by Washington Harbour Partners, with additional backing from new investors including M12, Microsoft’s venture arm, Hitachi Ventures and Ankona Capital. Existing investors SYN Ventures and SineWave Ventures also participated.
The Virginia-based company develops a cyber governance, risk and compliance (GRC) platform designed to move organisations away from manual, checklist-style compliance processes towards real-time, automated monitoring. It aims to help critical industries such as government, financial services and energy manage compliance debt and strengthen security.
Funds from the round will be used to accelerate growth in the $50bn GRC market. RegScale plans to invest in R&D, sales and its AI roadmap, which centres on its RegML technology. The company is building AI-powered agents to continuously monitor compliance, automate evidence collection, run audits and analyse risk — capabilities it claims are unmatched at scale.
The business said its customers have already seen benefits including audit preparation times cut by 60%, faster FedRAMP authorisations and improved accuracy. RegScale has also achieved FedRAMP High Authorisation sponsored by the US Department of Homeland Security in just six months, compared with the 18–24 months usually required.
Washington Harbour Partners founder and CIO Mina Faltas said, “We invested in RegScale because the stakes could not be higher. Protecting critical infrastructure and high-value assets must be achievable, scalable, and resilient. RegScale has the technology, leadership, deep expertise, and market traction to transform GRC from a cost center into a force multiplier for security and resilience. With compliance debt dragging down agencies and enterprises alike, the company doesn’t just check compliance boxes; it increases security effectiveness while cutting compliance costs.”
Todd Graham, managing partner at M12, Microsoft’s Venture Fund, said, “RegScale’s AI-powered compliance-as-code approach delivers what today’s operators need most: faster certifications, lower costs, and a stronger security posture. This is the future of cyber GRC, and we’re excited to support RegScale as they scale to meet the growing demand.”
Hitachi Ventures partner and CFO Wolfgang Seibold added, “RegScale is transforming GRC from a consultant-driven, expensive, checklist-based compliance burden into real-time resilience and dynamic operational control assurance. By automating continuous controls monitoring, RegScale is leading the industry in how compliance can become a driver of competitive advantage and mission speed, not a barrier to innovation.”
RegScale co-founder and CEO Travis Howerton said, “CISOs are faced with ensuring the systems that keep our country running can withstand increasingly sophisticated cyber threats. From homeland security missions, to the grid, to our leading cloud service providers, to global banking transactions, every compliance gap can quickly become an operational catastrophe or worse, a national security risk. RegScale was built to close those gaps in real time while cutting costs and accelerating missions.
“We have assembled a world class leadership team that is laser focused on automating all aspects of risk and compliance. This funding allows us to double down: scaling our go-to-market team, expanding our platform capabilities, and accelerating our pace of innovation. The future of cyber GRC isn’t just manual paperwork, it’s your AI-powered Risk and Compliance Co-Pilot that accelerates your digital transformation efforts while simultaneously improving your security posture and cost basis.”
The company has recently expanded its leadership team with new appointments across technology, sales, partnerships and federal operations. It has also been recognised with industry awards, including Best Compliance Solution by SC Media, and has been named an industry leader by Gartner.
Copyright © 2025 RegTech Analyst
Copyright © 2018 RegTech Analyst
