RegScale, a provider of Continuous Controls Monitoring (CCM) solutions, has announced it secured over $30 million in an oversubscribed Series B funding round. The investment was led by Washington Harbour Partners, with additional contributions from new investors M12 (Microsoft’s Venture Fund), Hitachi Ventures, and Ankona Capital. Existing investors SYN Ventures and SineWave Ventures also participated in the round.
The new capital is designated to accelerate RegScale’s position in the $50+ billion GRC (Governance, Risk, and Compliance) market. The company plans to fuel key hires in R&D and sales and expand its RegML, an AI roadmap. This expansion will enhance its CCM platform, which utilizes AI agents to continuously monitor compliance, automate evidence collection and reviews, conduct audits, and analyze risk.
Mina Faltas, Founder and CIO of Washington Harbour Partners, stated, “RegScale has the technology, leadership, deep expertise, and market traction to transform GRC from a cost center into a force multiplier for security and resilience.” Todd Graham, Managing Partner at M12, added, “RegScale’s AI-powered compliance-as-code approach delivers what today’s operators need most: faster certifications, lower costs, and a stronger security posture.”
With this funding, RegScale aims to strengthen its offerings for government agencies, financial services, and high-tech organizations, while also accelerating its expansion into energy, utilities, and other highly regulated sectors. The company states that its platform helps organizations manage cyber GRC, with customers reporting 60% faster audit preparation, 3–4 times faster FedRAMP High authorizations, and up to 80% greater accuracy. Automation and AI are cited as delivering up to 10 times staff efficiency.
RegScale is involved in promoting industry standards, serving as a lead affiliate for the Cyber Risk Institute’s (CRI) OSCAL initiative, a founding member of the OSCAL Foundation, a participant in the Cloud Security Alliance (CSA) Compliance Automation Revolution, and a contributor to the FedRAMP 20x initiative. The company’s platform achieved FedRAMP High Authorization, sponsored by the Department of Homeland Security (DHS), in six months at half the typical cost, compared to an industry average of 18–24 months.
Inside the company, RegScale has reported tripling its Annual Recurring Revenue (ARR) year-over-year and securing key enterprise and federal customers. The team has expanded with new leadership additions, including Devon Goforth as CTO, Rich Shirley as VP of Strategic Partnerships, Mike Kimball and Meghan Shafer as VPs of Sales, and Jennifer Stafford as GM of Federal. Roland Cloutier and Alex Tosheff have joined as strategic advisors.
Wolfgang Seibold, Partner & CFO at Hitachi Ventures, commented, “By automating continuous controls monitoring, RegScale is leading the industry in how compliance can become a driver of competitive advantage and mission speed, not a barrier to innovation.” Travis Howerton, Co-Founder and CEO of RegScale, added, “This funding allows us to double down: scaling our go-to-market team, expanding our platform capabilities, and accelerating our pace of innovation. The future of cyber GRC isn’t just manual paperwork, it’s your AI-powered Risk and Compliance Co-Pilot that accelerates your digital transformation efforts while simultaneously improving your security posture and cost basis.”
RegScale’s platform is designed as an operational risk tool for CISOs, built on a compliance-as-code foundation. It emphasizes automation through an API-first strategy, self-updating documentation, and AI agents to minimize manual tasks, enhance proactive program management, reduce costs, accelerate time to market, and mitigate operational risk.
