Letter from the CEO: I Thought AI in Compliance Was Bullshit

Why I changed my mind and what it means for MSPs

Not long ago, someone on my team asked, “Tim, when are we going to add AI to Compliance Scorecard?”

My response was instant: “We're not. We don't do features just because they're trendy.”

I've spent my career in a world where things are true or false. You either did the thing, or you didn't. That binary mindset has always served compliance well, and it's why I've resisted the AI hype.

Too many vendors were slapping “AI” onto slides without delivering anything meaningful. Compliance isn't a sandbox. There's too much at stake to experiment with half-baked automation.

So I sat it out. Until I couldn't anymore.

What Changed My Mind

Partners. Investors. Customers. All started asking the same question:

“What's your AI strategy?”

We didn’t rush to produce an answer. We started by asking ourselves the hard questions about whether AI would solve real problems or just create new ones. After testing quietly, we found a use case that had been broken for years: policy adoption.

Let's be honest. Most platforms (ours included) treated it like a formality:

Upload a Word doc
Ask for an e-signature
Check the box
Move on

No one checked for comprehension. No one knew if users actually understood what they signed.

It was the definition of checkbox culture, and it left MSPs holding the bag when users “agreed” to policies they never read, let alone followed.

So we asked: What if AI could fix that?

How We Built It Right

Once we had zeroed in on policy adoption, our team went to work. We held regular partner calls, gathered direct feedback, and listened to real-world scenarios. I'm not the only guy with all the answers. We build based on what helps MSPs operationalize, sell, reduce risk, and grow revenue.

What emerged was a complete rebuild of how policy adoption works, starting with security awareness training:

Our AI-powered flow reads the actual policy, generates 3 to 5 smart comprehension questions, and tests the end user. It tracks pass/fail performance across the entire company, auto-generates a plain-English “Explain it Like I'm 5” version, and connects the dots between the policy and the employee's daily role.

We're prioritizing privacy, making sure every output is auditable, and we won't release it until it delivers on its promise. Select partners will be invited to beta testing later this year.

Why It Matters to You

If you're an MSP, you know what happens when clients treat policy as a box to check. No one reads it. No one remembers it. And when something goes wrong, you get blamed.

Now you'll have proof that users didn't just sign it, they understood it. You'll have visibility across clients. You'll finally have defensibility.

And maybe most importantly: Your clients will get smarter.

Policy becomes practice. Awareness becomes behavior. Compliance becomes culture.