Kosli, a leading provider of automated governance solutions for software delivery, has raised $10 million in Series A funding led by Deutsche Bank’s Corporate Venture Capital (CVC) group and Heavybit. Defined Capital and Transpose Platform joined along with a number of angel investors.
Kosli Enterprise also launched today with new features for financial services businesses, including support for large user bases, change management automation, and audit evidence generation.
“Kosli addresses the specific needs of software development teams that operate in highly regulated industries,” said Martin Reeves, who leads Engineering Platforms and Practice at Deutsche Bank’s Technology, Data and Innovation division. “We are delighted to partner and collaborate with Kosli to drive our vision of a highly efficient, transparent, and secure software development lifecycle that empowers our engineers to focus on developing solutions for the bank’s clients.”
Governance, risk, and compliance (GRC) workflows have lagged behind the significant cloud and DevOps transformations in software development, creating a slow and costly bottleneck that delays the release of changes to production – while also increasing risk. In a 2024 McKinsey survey, 41 percent of global financial institutions said metrics and reporting capabilities were a key weakness in their overall infrastructure.
Also Read: Options and Data Intellect Announce Partnership to Drive Innovation in Financial Data and Cloud Services
Since its launch in 2019, Kosli has been helping financial institutions navigate this tension, both as an enterprise-ready technology solution for governance process automation across the entire software stack, but also as expert advisors to guide an organization’s software delivery governance strategy.
“Kosli has been a great partner, not just in terms of their product and the control that it offers us, but also the end-to-end thinking around how we build a strong, well-governed, well-controlled process,” shared Sean Longton, CIO, Abu Dhabi Commercial Bank. “With the emergence of AI and the rapid growth we’re experiencing, this criticality is not going to reduce. So, we need the right tools and the right mindset, and with Kosli we’re getting the product capability and the strategic guidance that we need.”
“Kosli enables us to deliver secure, compliant software more efficiently, so we can focus on innovating for our customers,” said Patrick Linnane, CISSP Senior Director of Information Security Operations at Emburse. “By automating compliance and providing real-time visibility into our software deployments, we reduce operational complexity and ensure faster, more reliable product updates. Their expertise in software delivery compliance helps us maintain the highest security and regulatory standards, ultimately giving our customers greater confidence in the solutions we provide.”
Kosli solves numerous compliance concerns in the software delivery pipeline for financial institutions and other highly regulated industries:
- Every software change event is recorded: Kosli closes the loop on governance by automatically recording all changes to runtime environments and connecting those changes to actions taken in development.
- Automated controls and audits: Delivery teams are able to fully automate change controls and audits without paperwork and delays.
- Integrates with existing tools: Large banks have distributed teams with diverse tool stacks, so Kosli is designed to integrate with whichever runtimes and CI/CD tools are already in place.
- Customer security protection: Kosli doesn’t reach into customers’ systems to pull data. Instead, customers choose which data they push to Kosli for safekeeping.
- Provable audit record: Data can only be appended, not updated, ensuring a trusted record of events.
- Controls engineering: Kosli also offers professional services to help enterprise teams map their high level GRC controls to the atomic world of software development.
“Right now, teams in regulated industries are basing control and audit decisions on information that is written into text boxes. It destroys software delivery performance with manual work, and piles up errors and risks that are found retrospectively in audits or system failures,” said Kosli CEO and co-founder Mike Long. “We want to transform this broken process with controls engineering so that teams can deliver compliant, secure changes quickly at scale.”
Kosli will use the funding to accelerate its adoption in servicing large banking clients, grow the team in all departments, and invest heavily in building more differentiated technology to automatically record and control the software delivery process.
“At Heavybit, we recognize the importance of being able to guarantee, in an era of AI-generated software, what software is running and when. We’re excited to support Kosli’s mission of delivering software more securely and with more accountability,” added Heavybit Managing Director, Tom Drummond.
“Defined partnered with Kosli as the rapid rise of AI-generated software has resulted in significant new demands around code review, security validation, quality assurance and regulatory compliance. This increased verification overhead arguably offsets a considerable amount of the productivity gains. We’re excited by Kosli’s solution as it addresses these bottlenecks to unlock compliant DevOps automation at scale,” said Defined Founding Partner, Mark Trevitt.
Source: BusinessWire