Week of Sunday, April 26, 2026

A $32 million compliance startup fabricated the security certifications your vendor assessment depends on. The cascade that followed exposed how thin the trust layer beneath the AI supply chain actually is.

Delve Technologies sold automated SOC 2 (the audit standard companies use to prove their security controls work) and ISO 27001 (international information security certification) compliance. Y Combinator, the startup accelerator whose backing is itself a credibility signal, funded it. Hundreds of AI companies bought it. An anonymous researcher who accessed a leaked Google Spreadsheet of Delve's draft reports found that 493 of 494 used identical boilerplate text, with only the client's name and logo swapped in. Auditor conclusions and test results were fully populated before clients submitted company descriptions, network diagrams, or evidence. The certifying firms were Indian entities operating through US shell companies, not the recognized CPA firms the reports implied. Y Combinator expelled Delve in early April.

One of those certified companies was LiteLLM, an open-source AI gateway present in roughly 36 percent of cloud environments. On March 24, attackers compromised a security scanner in LiteLLM's build pipeline, stole the token used to publish software packages, and pushed two malicious versions to PyPI (Python's public software repository). The poisoned code ran for 40 minutes before it was quarantined. In that window, Mercor, a $10 billion AI staffing platform that generated training data for OpenAI, Anthropic, and Meta, auto-installed the compromised package. Attackers exfiltrated four terabytes: platform source code, 40,000 contractor records including Social Security numbers, video interview recordings with passport scans, and internal communications. Meta reportedly froze its AI data work with Mercor after the breach.

Five lawsuits landed within a week. The one that matters: White and Beltran v. Mercor (Northern District of Texas) names Delve and LiteLLM's parent company as co-defendants alongside Mercor. The legal theory connects the compliance fraud to the breach to the data loss as a single chain of liability. A vendor's fake certification made the next vendor's security unverifiable, which made the platform's data unprotectable.

The United States has sanctioned more than 1,000 Iran-related targets since February 2025. Iran is collecting an estimated $20 million per day in transit tolls through the Strait of Hormuz anyway, in currencies that never touch a dollar. The sanctions weapon has never been swung harder, and it has never mattered less to the revenue it was designed to cut off.

The Treasury Department's April 24 press release announced the designation of Hengli Petrochemical, China's second-largest independent refinery, for purchasing "billions of dollars' worth" of Iranian crude that generated "hundreds of millions of dollars in revenue for the Iranian military." Dozens of shadow fleet tankers and shipping entities went on the list the same day. Meanwhile, Iran's Islamic Revolutionary Guard Corps collected those tolls in Chinese yuan, routed through Kunlun Bank via CIPS (China's cross-border payment system, built to bypass SWIFT, the network banks use to move money internationally), or in cryptocurrency. Iran's parliament codified the system on March 30 as the "Strait of Hormuz Management Plan." Blockchain analytics firms Chainalysis and TRM Labs independently documented the on-chain flows and called it the first known instance of a nation-state levying transit fees in crypto at a critical maritime chokepoint. Before its sanctions waiver expired April 19, India settled an Iranian crude purchase in yuan through an Indian bank's yuan-denominated channel, bypassing dollar clearing entirely. Russia and China now conduct over 99 percent of their bilateral trade in rubles and yuan, per Russia's finance minister.

Chatham House published a measured counterargument on April 20. Analyst David Lubin noted that the dollar's share of SWIFT (the Society for Worldwide Interbank Financial Telecommunication) transactions rose to 51.14 percent in March, up from 49.25 percent in February. The dollar is strengthening as a safe-haven currency during the crisis. He is correct. But SWIFT measures what flows through SWIFT. Transactions settled via CIPS, bilateral currency agreements, or cryptocurrency do not appear in that data. The dollar is winning on the scoreboard it controls. The rival systems are building separate scoreboards.

Three weeks ago this newsletter reported that 45 states were writing AI rules while Washington watched. Washington stopped watching. On April 24, the Department of Justice (DOJ) joined a lawsuit to block Colorado's algorithmic discrimination law before it takes effect June 30. The federal government did not file a suggestion or a letter. It became a plaintiff. The argument: the law forces companies to consider race and sex when building AI systems, which violates the Equal Protection Clause (the constitutional bar on government-imposed discrimination). This is the first action by a DOJ task force created specifically to dismantle state AI regulation.

The same week, the Fifth Circuit (a federal appeals court covering Texas, Louisiana, and Mississippi) stripped the Federal Trade Commission (FTC, the agency that polices unfair business practices) of its primary enforcement tool. The court ruled that the FTC cannot adjudicate deceptive-advertising cases through its own internal process. Those cases now have to go through federal court, with juries, where they take years longer and cost far more to prosecute. The FTC's 20-year order against Intuit over TurboTax marketing was thrown out. The current FTC chairman has signaled he may not even appeal.

One agency is actively blocking state AI rules. Another just lost the ability to enforce consumer protection efficiently. Meanwhile, Texas extracted $1.375 billion from Google for privacy violations. California fined Disney $2.75 million for ignoring opt-out requests. Forty-two attorneys general warned that AI enforcement is a 2026 priority.

Insurance closed the Strait of Hormuz before Iran's navy did. On February 28, 56 tankers transited normally. Within 72 hours, traffic fell to eight vessels. That happened before Lloyd's Joint War Committee (the body that designates conflict zones for the insurance market) redesignated the Arabian Gulf on March 3, before U.S. intelligence reported Iran planting naval mines by March 10, and before the first ship was seized on April 22.

What happened in between was an insurance cascade. On March 1, the major protection and indemnity clubs (the mutual insurers that cover liability for every commercial vessel) cancelled their Persian Gulf war-risk extensions with 72 hours' notice. War-risk premiums, which had sat at 0.125 percent of hull value for years, surged past 1.5 percent within days and hit 5 percent for vessels linked to the US, UK, or Israel. For a supertanker with a $100 million hull, that repricing alone added $1.5 to $5 million per voyage before cargo, crew, or fuel costs. The total cost stack on a single Hormuz transit today runs $6 to $10 million above pre-crisis baseline.

A paper published this month by the Irregular Warfare Initiative, a joint project of the Modern War Institute at West Point and Princeton, argues that commercial insurance logic achieved the blockade before the Iranian navy did. The physical interdiction (mines, gunboats, ship seizures) reinforced a closure that was already in effect through premium repricing alone. The author recommends every combatant command (regional military headquarters responsible for a given theater) with chokepoint responsibility establish a dedicated insurance-market watch function. During the 1980s Tanker War (when Iran and Iraq attacked commercial shipping for seven years during their war), ships kept sailing despite 451 attacks because the insurance market adapted gradually. In 2026, the market moved in 72 hours and traffic dropped 95 percent.

Sulfuric acid is the reagent that processes copper ore, nickel, uranium, rare earths, and phosphate fertilizer. Nothing substitutes for it at industrial scale. The two major supply routes just closed simultaneously.

The first closure was physical. The Middle East produces roughly a quarter of the world's sulfur (a by-product of oil and gas refining), and about half of all seaborne sulfur trade transits the Strait of Hormuz. That supply has been blocked since February. Sulfur prices are up more than 70 percent this year.

The second closure was a choice. On April 10, China announced a comprehensive halt on sulfuric acid exports starting May 1. China produces over 40 percent of the global supply and exported 4.6 million tonnes last year. Much of China's acid comes from copper and zinc smelter exhaust, a supply chain entirely independent of Middle East sulfur. When Hormuz closed, global buyers could have pivoted to Chinese smelter acid as a workaround. Beijing shut that door.

The cascade is already moving. Chile, the world's largest copper producer, imports over a million tonnes of Chinese sulfuric acid annually. Spot prices there surged 44 percent in one month. Indonesia produces 60 percent of global nickel and sources the majority of both its sulfur and its acid from the two routes that just closed. Nickel plants are already cutting output by 10 percent. Fertilizer costs are projected to rise 15 to 20 percent in the first half of the year. New acid production capacity takes 18 to 24 months to build. There is no near-term substitution.

A CEO who signs a SOX certification (the annual sworn statement to the Securities and Exchange Commission that a company's internal controls work) is personally liable if the controls it vouches for don't exist. At Super Micro, a co-founder routed $2.5 billion worth of Nvidia AI servers through shell companies in Malaysia and Singapore to Chinese buyers between 2024 and 2025. Dummy boxes sat in Malaysian warehouses to fool compliance checks while the real hardware shipped. The DOJ unsealed the indictment March 19. Super Micro's stock dropped 33 percent, erasing roughly $6 billion in market cap.

The criminal charges hit three individuals under the Export Controls Reform Act (the law behind chip export restrictions to China). The company was not indicted. But seven securities class actions followed within days, naming the CEO and CFO personally. The liability standard is whether adequate controls existed, not whether the executives knew about the scheme. Signing the certification without that due diligence is the exposure.

More than a thousand solar farms, wind installations, and battery storage sites must register with NERC (the federal body that enforces power grid reliability) by May 15 and comply with cybersecurity standards for the first time. Most have never had a federal compliance obligation of any kind. The reason this is happening now: in 2021, a single electrical fault at a Texas solar facility cascaded across installations 200 miles apart and knocked 1,100 megawatts offline in seconds. The facilities were not connected to each other. They failed the same way because they were built the same way, with identical inverter settings that no federal regulator had reviewed.

These are mid-sized facilities, rated 20 MVA (megavolt-amperes, roughly enough capacity to power 15,000 homes) and above, that have operated outside federal oversight until this year. Many have never conducted a cybersecurity risk assessment, never inventoried their network-connected assets, never had a federal compliance obligation of any kind. They are going from zero to NERC CIP (Critical Infrastructure Protection) standards in a regulatory environment where non-compliance carries penalties up to $1.54 million per day per violation, plus potential loss of grid interconnection rights and energy market access.