“We know from tracking that the most compliant - and happy - customers have an integrated GRC software”

Denmark is one of the most mature countries when it comes to software for GRC.

‍

And there have been many strong software providers in this space for a number of years in Denmark.

‍

Three of them are RISMA Systems, Wired Relations, and ComplyCloud, which were acquired by the private equity fund Triple Private Equity this summer. The aim is to join forces as one integrated GRC solution and, by so, get the muscles to grow and localize their offerings in other markets:

‍

‍“All three companies have a lot of experience with what works in Denmark. We can use that standard to mature the markets in the Nordics - and eventually Europe. Of course, we’ll continue to mature the Danish market and the processes in Danish organizations, but thanks to this merger, we can also make a difference in other Nordic countries - and make a difference for society,” says the founder of RISMA Systems, Lars Nybroe Munksgaard.

‍

‍

Lars Nybroe Munksgaard, Wired Relations co-founder Anders Linemann, and ComplyCloud founder Martin Folke Vasehus will play a major role in the new company.

‍

For that reason, current and future customers also have a guarantee that the strengths of each company will be carried forward:

‍

“ComplyCloud comes from a strong legal position, Wired Relations has a strong background in privacy and information security, and RISMA comes with a strength within enterprise risk management. By bringing these forces together, we can offer an integrated GRC solution that resonates strongly in the market,” says Anders Linemann, co-founder of Wired Relations.

Compliance as part of company culture

Ease of use is one of the reasons why the Danish market is mature within GRC. This is also the case for RISMA Systems, Wired Relations, and ComplyCloud.

‍

The product development process for their new integrated GRC solution is already underway, and the first building blocks have been laid. The three companies are drawing on experiences that have created documented value by measuring customer satisfaction and loyalty (NPS) at over 80 on a scale where 70-100 is in the World-class category:

‍

“We know from tracking that the most compliant - and happy - customers have an integrated GRC software. Meaning a software that everyone in the company can use and where they can find everything. Even if they just have to find a policy, they should be able to find it in a compliance software - not on the intranet,” says Anders Linemann and continues:

‍

“Compliance shouldn’t be a subculture that belongs to one department or one employee, especially not because employees within compliance and infosec change jobs often. Then they take all their knowledge with them, which makes the company fragile and inefficient. Compliance should be in the entire company culture, where it’s a daily habit for all employees to use compliance software.”

‍

‍

Everyone should be able to afford clarity

It’s not only about making software with the end-user in mind, but also a market that gets more complex.

‍

There are a lot of regulations that companies need to comply with - and new ones are coming all the time. Just last year, both the AI Act and the NIS2 Directive came into force in the EU.

‍

Even though compliance requirements are getting stricter, clarity is not following suit for those who need to comply. According to Martin Folke Vasehus, founder of ComplyCloud, this causes a Team A and a Team B among companies:

‍

“Right now, a lot of companies are unable to comply with the law because there’s a lack of clarity. That’s why we see a divided world of people who can afford to pay for clarity and people who can’t. First and foremost, this creates challenges in a world that feels uncertain and places ever-higher demands on your ability to document your credibility. It also weakens companies' confidence and belief that they can fulfill their compliance obligations. We’re founding this company to build that gap,” says Martin Folke Vasehus.

‍

‍

“This company” will reveal its name at the beginning of 2026, but one thing is official now:

‍

The goal is to build and offer a GRC process for organizations that makes it easy and clear for them how to adapt to new rules and optimize in a way that prevents them from having to do the same work twice:

‍

“I've been in this game for many years, and I know that things take time. But when we look back in 3-4 years, we can hopefully see that we’ve made that difference,” says Lars Nybroe Munksgaard.

‍