Support Investors Partners About us
For investors · Letter 01 / 2026

A long-duration bet on agents that
defend life-critical work.

Qualitum is the private agentic platform for regulated industries - engineered in the EU, deployed inside customer perimeters in the US and the Gulf, and audited everywhere.

Open a diligence track Read the thesis
§01 Thesis

The last decade of enterprise software was a filing cabinet with a workflow bolted on. Humans authored; systems tracked. In pharma, medtech, energy, and the public sector, that model consumed tens of thousands of human hours per plant, per study, per procurement - and produced paper whose only purpose was to prove the work had been done.

The next decade belongs to the opposite shape. Agents that author, execute, and defend the work - and a system of record that emerges as a byproduct. The human job compresses to judgment, exception, and signature. The organisation does not shrink; its throughput multiplies, and the slowest lane - regulatory assurance - becomes the fastest.

Qualitum is the private agentic platform built for that compression, inside the only environments where it matters most: the ones where getting it wrong costs lives, licences, or billions.

Matt Baškovč Founder & CEO, Qualitum · Principal, Benchmarked Group
Ljubljana, 2026
§02 · At a glance

The numbers that earn the thesis.

/ 01
Authoring time
70%

Reduction in validation authoring time across live IQ/OQ/PQ protocols in design-partner accounts.

/ 02
Time-to-audit
12wk

Kickoff to the first agent running inside a customer's GxP environment under full audit.

/ 03
Source-to-contract
4×

Faster supplier pre-qualification versus incumbent source-to-pay tooling.

/ 04
Anchor account
T10

A global top-10 pharmaceutical manufacturer. GenAI validation and comparison tooling in production.

/ 05
Deployment
1T

Single-tenant by design. Customer VPC. EU, US, or UAE residency. Zero vendor data retention.

/ 06
Gross margin target
80%+

Software-native economics preserved by routing inference to customer-owned model endpoints.

/ 07
Team provenance
2×

Prior founder exits. Payments scaled to $1.2B in volume. Fractional CISO operator background.

/ 08
Regulatory surface
6

Engineered in: GAMP 5, 21 CFR Part 11, EU AI Act, GDPR, Directive 2014/24/EU, ISO 27001.

§03 · Structure

Three systems. One operating layer.

Qualitum is not a single product. It is a coherent agentic layer underneath the systems of record regulated enterprises already run - priced as software, deployed as infrastructure, sold as a quarter-over-quarter reduction in human rework.

System / 01

Validate·AI

Agentic CQV: IQ, OQ, PQ, CSV. Protocols authored from URS and P&ID, traceability matrices continuously maintained, deviations triaged, inspection-ready evidence packs produced. Aligned to GAMP 5, Annex 11, and 21 CFR Part 11.

TAM · Pharma · Medtech $12B+
System / 02

Source·AI

Intake to PO. Agents draft specifications, shortlist qualified suppliers, run compliant RFQs, and negotiate within policy envelope. Source-to-contract cycle collapsed 4× versus legacy S2P incumbents.

TAM · Enterprise S2P $9B+
System / 03

Tender·AI

A digital Dynamic Purchasing System compliant with EU Directive 2014/24/EU. Continuous admission review, mini-competition orchestration, MEAT evaluation, and the defensible audit trail supervisory bodies require.

TAM · EU public sector $4B+
§04 · Tailwind

The forcing functions are already on the calendar

Regulation is the distribution channel. Each window below compresses enterprise timelines and forces committee-level decisions that legacy digital-validation platforms were not architected to answer.

'24
Live
EU AI Act - phased entry
High-risk systems obligations begin. Transparency & oversight documentation become a requirement.
'26
Now
NIS2 & DORA enforcement
Cyber-resilience obligations land on regulated operators. Audit debt surfaces at the board level.
'27
Hard deadline
EU Cyber Resilience Act
OT & IoT manufacturers must ship with machine identity. Category catalyst for adjacent offerings.
'28
Expected
GxP Annex 22 (AI)
Explicit GxP guidance on AI in life sciences. Purpose-built platforms are advantaged by design.
'30
Horizon
eIDAS 2.0 full effect
Sovereign identity rails mature. Cross-border regulated-procurement unlocks at scale.
§05 · Market

A market paid in human-hours saved

The total addressable opportunity is not a software line item. It is the fraction of the GxP, procurement, and public-tender labour budget that agents can lawfully absorb inside a private perimeter.

Incumbent digital validation vendors collectively produce roughly $3B in annual revenue against a human-labour footprint an order of magnitude larger. The delta - the work itself, not the filing cabinet around it - is what becomes addressable once agents are trusted to author and defend.

Qualitum's serviceable obtainable market is the intersection of three conditions: regulated, data-sensitive, and inspection-ready. That intersection is where our architecture is a requirement, not a preference.

TAM · Global
$120B
SAM · Regulated
$68B
SOM · 5-year
$2.1B
Methodology · Bottom-up across pharma CQV, enterprise S2P, and EU DPS procurement spend.
Human-labour baseline · Internal benchmarking across design-partner engagements, 2024-2026.
§06 · Moat

Four structural advantages

Most agentic AI companies are horizontal and permissive. That is a wide target, not a moat. Qualitum's advantages accrue from the constraints - security envelope, regulatory posture, and operator distribution - that horizontal incumbents cannot retrofit.

Architecture/ 01

Private by construction

Single-tenant VPC. Customer-owned models. Zero vendor retention. The deployment shape an InfoSec team signs without exception - which horizontal agentic platforms cannot reproduce without rebuilding.

Regulatory/ 02

GxP-native evidence

Every agent action logged with attributable signatures, immutable timestamps, and tamper-evident chains. Audit-ready is the default output, not a retrofit - a compounding advantage as inspections land.

Distribution/ 03

Operator wedge

Forward-deployed engineering is the go-to-market. First agent lives inside the customer perimeter in 8-12 weeks, co-built with our engineers. Trust is installed, not pitched.

Data flywheel/ 04

SOP-grounded, not user-generic

Agents are grounded in the customer's SOPs, URS libraries, and deviation history - producing outputs their auditor recognises. Each deployment deepens the template library without crossing data boundaries.

§07 · Operator

Built by operators, not observers

Qualitum is the fourth company and second category Matt Baškovč has built. The constraint set of this one - regulated, private-tenant, operator-led - is the constraint set the team is cut for.

MB · LJ · 2026Founder
Matt Baškovč · Founder & CEO

The sovereign-AI practitioner.

Two prior exits. A fractional-CISO background spanning PCI DSS, NIS2, DORA, GDPR, and ISO 27001. Payments infrastructure scaled to $1.2B in transaction volume. Active operator across Benchmarked Group's forward-deployed engineering practice - the delivery arm that installs Qualitum inside customers.

The company is staffed from the same operator network: zerodays as engineering partner; OT/IoT specialists from adjacent portfolio work; regulatory counsel embedded across EU, US, and UAE. The team does the work, then builds the system that does the work.

2×
Founder exits
$1.2B
Payments scaled
3
Markets · EU · US · UAE
§08 · Disclosures

Questions we are asked most often

A short list, maintained as the cap table expands. Full detail is available under NDA to qualified diligence participants.

Is Qualitum currently raising?
Qualitum selectively engages with strategic capital partners whose networks materially advance commercial entry into GxP, OT/IoT, and regulated-procurement accounts. We do not run public processes. Interested parties are routed through a standard diligence track with the founder and lead counsel.
What is the commercial model?
Private-tenant annual subscription priced per agent class and audited environment, with a forward-deployed engineering component during initial deployment. Gross margin profile targets 80%+ at steady state; customer-owned inference preserves software-native economics even when frontier models are used in-workflow.
How is this defensible against frontier-model incumbents?
Frontier-model vendors optimise for general capability and multi-tenant scale; we optimise for private-tenant GxP posture, evidence chains, and SOP grounding. Our customers do not swap us out for a raw API because the raw API does not produce an inspection-ready record their regulator accepts. We remain neutral on which model runs underneath.
Why Ljubljana?
EU-resident engineering, proximity to GxP manufacturing clusters, and a regulatory lens that is advantageous rather than retrofitted. We deliver into the US and the Gulf from an EU operating base - a structural cost and compliance advantage versus US-headquartered peers targeting the same accounts.
What is the data-and-IP posture with customers?
Customer data does not leave the customer perimeter. We do not train on customer inputs. IP produced during forward-deployed engagements is assigned per contract; the core platform, evidence schemas, and agent orchestration are retained by Qualitum. Full DPA and ISO 27001 / SOC 2 II alignment are standard.
Who is on the cap table today?
Founders and operating partners from prior exits; Benchmarked Group as operator-investor; and a small set of strategic customers and advisors. Terms and identities are disclosed under NDA to qualified diligence participants via investors@qualitum.ai.

This page is an informational overview prepared by Qualitum. It is not an offer to sell, nor a solicitation of an offer to buy, any securities. Forward-looking statements reflect current views and are subject to change. Full diligence materials are provided under NDA.

The next letter will be shorter, and paid for by the work.

Qualitum engages selectively. Open a diligence track, or meet the team when we are in New York, Basel, or Dubai.

Open a diligence track See the platform