Media Kit | Comma Compliance

About Comma Compliance

Comma Compliance is a privately held RegTech company headquartered in San Francisco that gives financial institutions code-level visibility into how mobile and chat messages are captured, stored, and audited for regulatory recordkeeping. Financial institutions are under intensifying pressure to capture and retain business communications that now flow through mobile messaging and consumer chat apps. Founded in 2025, the company ships capture connectors (open-source for WhatsApp and Signal) and a compliant archive that meets SEC 17a-4 and FINRA Reg S-P requirements.

Jeremiah Church, Founder

Comma Compliance was created by Jeremiah Church, a technologist with 20 years in the financial compliance industry. He’s passionate about security and compliance working hand in hand, and advocates for transparency in the space. “Compliance tools should be as accountable as the industries they serve.”

Recent Press Releases

EMBARGOED FOR RELEASE UNTIL 9:00 a.m. ET (13:00 UTC) / 6:00 a.m. PT - AUGUST 5 2025.

Advancing RegTech Transparency: Comma Compliance Debuts Open-Source WhatsApp & Signal Captures

Broker-dealers can inspect or self-host real-time message capture to meet the requirements of the SEC and FINRA.

SAN FRANCISCO - Aug. 5, 2025 - Comma Compliance launched its open-source code for its real-time WhatsApp and Signal capture tools on GitHub. Firms can now inspect, adapt, or self-host the WhatsApp and Signal capture tools, or rely on Comma’s pre-configured service that delivers messages into its secure, tamper-proof archive. Neither connector is endorsed by WhatsApp or Signal.

The release comes at a time when broker-dealers are reevaluating their communications compliance stacks, following the widely reported May 2025 TeleMessage breach. Attackers exploited multiple vulnerabilities to access plaintext messages, fueling demand for capture tools that can be independently verified. This reflects Comma’s commitment to building compliance tools that earn trust through transparency.

“By publishing our WhatsApp and Signal capture tools, we invite scrutiny and collaboration, making compliance software more open for everyone,” said Jeremiah Church, CEO of Comma Compliance. “Transparency should be the default in RegTech, not the exception.”

Key Features

Security & Compliance. End-to-end encrypted capture: messages remain encrypted from device to connector, never exposed in plaintext. Content stays encrypted in transit and at rest to meet SEC and FINRA compliance regulations.
Open, inspectable capture logic enables firms to verify how messages are collected. Receipts prove each captured message is complete and unaltered.
Open-source licensing
- WhatsApp: Apache License 2.0
- Signal: GNU GPL v3
Self-hosting or Comma’s built-out SaaS. Source code available. No vendor lock-in, or use Comma’s built-in tooling.

Trademark Notice

WhatsApp is a registered trademark of Meta Platforms, Inc. This release, and Comma Compliance’s WhatsApp connector, are neither affiliated with nor endorsed by Meta Platforms, Inc. Signal is a trademark of Signal Messenger, LLC.

About Comma Compliance

Comma Compliance helps regulated firms stay compliant by capturing business communication across 35+ channels, with storage in an immutable archive. With a smart AI engine to flag risky messages and reduce false positives, Comma assists financial firms by reducing decision fatigue, preparing them for audits, and encouraging them to work smarter, not harder.

As part of its transparency-first approach, the privately held SF RegTech company has open-sourced its WhatsApp and Signal connectors.

Learn more at commacompliance.com.

Press Contact

Press@commacompliance.com +1 888-884-3318

###

FAQ for Journalists

Q: Is Comma Compliance affiliated with WhatsApp or Signal? A: No. Comma does not represent official products of WhatsApp LLC or Signal Messenger.

Q: Does open-sourcing the connectors expose security risks? A: We believe peer review improves security; secrets (keys, tokens) are supplied by customers at deploy time; no hard-coded credentials in source.

Q: Will using Comma automatically make us compliant with SEC/FINRA recordkeeping rules? A: Technology is one piece of the compliance arsenal. Firms must implement policies, retention schedules, supervision, and attestations. Recent SEC and FINRA actions show regulators examine culture of compliance, not just tooling.