Decorative dot pattern
POSTED ON 24-July-23

Established in 2012, Canberra-based scale-up Castlepoint Systems has been at the forefront of transforming the way organisations safeguard their data through the use of ethical AI. With a mission to revolutionise global information management, Castlepoint scalable and transparent AI enables organisations to safeguard communities and people from data breaches and data non-compliance.


Now boasting offices in Australia, UK and USA, Castlepoint Systems’ CEO, Rachael Greaves, recently caught up with the Canberra Cyber Hub to share Castlepoint’s story along with valuable insights on the opportunities and challenges for companies looking to expand internationally.


Please provide an overview of Castlepoint Systems and its services

Castlepoint is a Regulatory Technology (RegTech) and cyber solution that leverages ethical AI to provide control over data. Through Natural Language Processing (NLP), Castlepoint creates a centralised information asset register to extract key phrases and named entities and establish their relationships. Its proprietary AI classifies content based on rules-as-code, ensuring automatic data matching according to information security, records retention, and regulatory policies. This unified interface empowers organisations to efficiently manage all their information and streamline their management like never before.

Castlepoint also provides valuable insights by identifying high-risk or valuable content and tracking user actions, determining applicable rules (secrecy, privacy, records retention), and flagging any violations. Seamlessly integrating cyber security and data governance, Castlepoint’s scalable AI offers governance and risk teams a comprehensive view of their environment, safeguarding against data breaches and non-compliance.


How did you come up with the idea/product for Castlepoint Systems and what made you take that initial leap in setting up shop? 

In 2012, the Castlepoint founders established a consulting company, providing security, records management, and audit services to the Australian Federal Government and regulated industries. They observed that regulated entities consistently failed to protect high-risk and high-value information, despite their desire for governance, risk, and compliance. Existing software solutions for records, security, and discovery caused more problems than they solved, impacting users, systems, data, and governance teams.

Recognising the need for a new approach, Castlepoint’s founders envisioned an information management solution that could handle all data types across various platforms, both on-premises and in the cloud. It needed to address the entire information lifecycle, as security, compliance, and discovery are interconnected, all without affecting normal user workflows or requiring system modifications.

Thus, the Data Castle Paradigm was created, an expert-designed solution that met over 900 requirements from laws and standards. It leveraged new AI technology and was built to be simple, scalable, and secure, becoming the pioneering manage-in-place solution using AI that revolutionised information management.


What made you decide to expand internationally and what steps did you take to make this happen?

Our vision is to revolutionise information management worldwide, enhancing safety and intelligence for individuals, communities, and companies. While the Australian market offers significant opportunities for RegTech, the negative impacts of poor information management are realised globally. To make a meaningful impact, we felt the need to expand beyond Australia and New Zealand.

Conducting extensive research into foreign markets, we collaborated closely with AusTrade, as well as international entities such as the UK Department of Business and Trade and Scottish Development International. We actively participated in multiple trade delegations to the UK and USA alongside Austrade. Based on our findings, we made a strategic decision to establish the UK as our global hub while maintaining a presence there.

This year, we relocated key members of our executive team to the UK to support our growth and expansion efforts.


What challenges have you faced throughout this process?

Obtaining skilled talent is challenging due to the disruptive nature of our solution and its utilisation of cutting-edge technology. Recruiting individuals with hands-on experience in our specific technology stack requires a meticulous and consistent talent search. Additionally, since we operate in the realm of secure government agencies, stringent security vetting for our staff further narrows the available talent pool.

From the beginning, we have prioritised fostering a culture centred around our people's well-being and career progression. This approach has enabled us to attract exceptional candidates and retain them for the long term. As a result, our talent challenge is more manageable, as most of our team members are referred to us rather than sourced through recruiters.


What advice do you have for any other businesses looking to crack the international market? 

Thorough research into the logistical aspects of entering a new market is crucial. Each jurisdiction has its unique regulations regarding company incorporation, taxation, prequalification, visas, and other requirements. The positioning process itself can span over 12 months or longer and entails various ancillary activities, such as obtaining an ISO certification.