By Nick French · Founder, StackSwap · 10yrs B2B SaaS GTM (BDR → AE → Head of Revenue) · Methodology →
Affiliate link · StackSwap earns a commission if you sign up for Deel via this page (no extra cost to you). We only partner with tools we'd recommend anyway. · Editorial standards →

Operator analysis · Deel-Rippling case · EOR vendor-governance risk · 2026

Deel Is Under a Criminal Probe and a RICO Suit — How to Weigh That If You're Choosing an EOR

Let me front-load the part that matters most: nothing here is proven, and no one has been charged. What is established is that Deel faces two serious, unresolved proceedings. A U.S. federal criminal investigation (grand-jury subpoenas from the Northern District of California, reported January 2026) is underway, and in February 2026 a judge let Rippling's civil RICO and trade-secret suit proceed toward trial. The underlying claim — that Deel cultivated a spy inside competitor Rippling — is an allegation. Deel denies wrongdoing, calls it a smear campaign, and has countersued.

I'm not here to tell you Deel did anything wrong — a court will decide that, not a content site. I'm here for the only question this actually puts on a buyer's desk: when a vendor that holds payroll, banking, and personal data for your entire workforce is under an active criminal probe, how should that weigh in an EOR decision? The answer is not "panic" and it is not "ignore it." It's diligence.

StackSwap is a Deel affiliate, which is exactly why I'm going to be careful here: I have a commercial reason to be glib about this, and I won't be. The read below is the same one I'd give a friend mid-EOR-evaluation — including the risk postures where the right move is to look at an alternative this cycle.

What is actually established — and what is alleged

The discipline this story demands is separating fact from claim, because the coverage blurs them. Here is the line.

Established: A federal criminal investigation exists (the U.S. Attorney for the Northern District of California issued grand-jury subpoenas, reported by the Wall Street Journal in January 2026). In February 2026, Judge Charles Breyer denied Deel's motion to dismiss Rippling's civil suit, ruling its RICO and trade-secret claims were legally sufficient to proceed — which means the case moves toward trial, not that the claims are true. Deel has acknowledged a roughly $6,000 payment to a then-Rippling employee, Keith O'Brien, in November 2024.

Alleged (by Rippling, and denied by Deel): that Deel cultivated O'Brien as a spy; that the $6,000 was payment for espionage, routed from a Deel-linked account through the personal account of the wife of Deel's COO. Deel's position: the payment was a one-time transfer at O'Brien's request as he left Rippling, not a spy payment; the broader claims are a "smear campaign"; and O'Brien's account is colored by his cooperation agreement with Rippling. A March 2026 Irish court ruling removed three Deel executives as defendants in a parallel Irish case — but that was a procedural joinder decision, not a finding on the merits or an exoneration. Read every espionage detail as one side's claim until a court says otherwise.

Why a competitor's lawsuit is your problem

It is tempting to file this under "two HR-tech giants throwing punches." But an EOR is not an ordinary vendor. When you sign one, you hand a single company payroll, tax, banking, and personal data for your entire workforce, often across borders, and you make it the legal employer of record for your people. The switching cost is brutal and the data exposure is total. That is precisely the kind of relationship where vendor governance — how a company behaves, how it handles adversity, what its leadership is accused of — stops being abstract and becomes a real input.

This is not a claim that Deel mishandles your data; there is no allegation of that, and Deel denies the espionage claims entirely. It is a narrower, sturdier point: active criminal and civil proceedings against a vendor you are about to make your employer-of-record are a legitimate diligence input — for management distraction, reputational exposure that can splash onto you, and the small but non-zero tail risk of an adverse outcome. A mature buyer prices that in. It does not mean the answer is no. It means the answer is "ask the questions and get the protections," which you should be doing with any EOR anyway.

The read by risk posture

Your postureHow the legal cloud weighsYour move
Risk-tolerant, Deel's product fit is strong, already a customerManageable — it's a top EOR and the claims are unprovenProceed; add a litigation-disclosure clause + clean exit terms, and monitor the proceedings
Evaluating EORs fresh, moderate risk toleranceA real tiebreaker, not a disqualifierShortlist Deel and 1-2 alternatives; let product fit, coverage, and the diligence answers decide
Regulated industry / enterprise procurement / board-sensitiveHeavier — headline and governance risk carry real weight hereConsider an alternative this cycle (Rippling, Remote, Oyster, Velocity Global); revisit when the cases resolve
Already on Deel, payroll running fineNo operational change; this is governance risk, not a service issueDon't rip out a working payroll mid-cycle on a headline; tighten your exit clause at renewal

The spread is the point: the same unresolved case is manageable for a risk-tolerant team with a strong product fit and close to disqualifying for a board-sensitive enterprise buyer. There is no single right answer — only the right answer for your risk posture, made on the facts.

What to ask before you sign any EOR

This is the part that outlives the case either way. Run it on every EOR, Deel included:

An active legal cloud does not invent these questions — it just makes them non-optional. If you want to compare the category honestly:

The honest caveats

Three, and they cut toward fairness. One: nothing is proven. A surviving lawsuit and an open investigation are not verdicts; Deel is entitled to the presumption that it has done nothing wrong until a court rules, and it firmly denies the allegations. Two: the product is genuinely strong. Deel is a category leader in EOR and global payroll for good reasons — coverage, speed, and a deep platform — and this case does not change that the software works. Three: the alternatives have their own histories. Rippling is the plaintiff here, not a neutral party, and every vendor carries some risk; "switch to escape risk" can just trade one set of unknowns for another. Diligence beats reflex in both directions.

So the buyer-side answer is not a boycott and not a shrug. It is: keep Deel on the table for its merits, weigh the unresolved proceedings honestly against your risk posture, ask the EOR questions you should be asking anyway, and get a clean exit clause regardless of who you pick. Decide like an operator, on the facts — not like a reader reacting to a headline.

Want to try Deel?

Evaluating Deel for EOR or global payroll? Keep it on the table for its merits — and run the diligence the legal cloud makes non-optional.

Deel is a category-leading EOR with deep country coverage, and the espionage allegations are unproven and denied. If the product fits and your risk posture allows, evaluate it like any critical vendor: data-handling and breach terms, a litigation-disclosure clause, business-continuity and clean exit terms, indemnification. Decide on the facts and the protections you secure — not the news cycle.

Evaluate Deel →Affiliate link — StackSwap earns a commission if you sign up for Deel. We only partner with tools we'd recommend anyway.

FAQ

A corporate-espionage dispute that has escalated into parallel legal proceedings. Rippling, a competitor, alleges Deel cultivated a spy inside Rippling's Dublin office to steal sales and competitive intelligence. Deel denies it and calls the claims a smear campaign. Two things are established as of mid-2026: (1) the U.S. Attorney for the Northern District of California opened a criminal investigation and issued grand-jury subpoenas (reported January 2026), and (2) a federal judge denied Deel's motion to dismiss Rippling's civil RICO and trade-secret suit in February 2026, letting it proceed toward trial. Critical framing: these are allegations. No one has been charged or indicted, and no court has found Deel liable or guilty. Deel has also countersued Rippling.

That is the core allegation, and it is unproven. Rippling alleges a then-employee, Keith O'Brien, acted as Deel's spy; Deel denies any wrongdoing. One narrower fact is partly established: Deel has acknowledged a roughly $6,000 payment to O'Brien in November 2024, but characterizes it as a one-time transfer made at O'Brien's request as he prepared to leave Rippling — not a payment for espionage. Rippling alleges the money was routed from a Deel-linked account through the personal account of the wife of Deel's COO as payment for spying. So the payment occurred; its purpose is contested and will be decided in court. Deel has also questioned O'Brien's credibility, noting his cooperation agreement with Rippling. Everything beyond the bare fact of the payment should be read as an allegation by one side.

Separate the two. Legally, Deel faces a serious civil suit now heading toward trial and an active federal criminal investigation — real, ongoing, and unresolved, though nothing has been proven. Financially, Deel is strong: it raised $300M at a $17.3B valuation in October 2025 (co-led by Ribbit Capital and Andreessen Horowitz), reports $1B+ in ARR, says it has been profitable for roughly three years, and its CEO has signaled intentions to go public. So this is a governance and litigation-risk story, not a solvency one. For a buyer, the relevant risk is reputational and continuity-related — headline exposure, management distraction, the small tail risk of an adverse outcome — not 'will this vendor still exist next year.'

Not automatically — and not as a verdict on guilt, which isn't ours or yours to render. Litigation is not proof, Deel denies the allegations, and it remains a category-leading EOR and global-payroll product that a lot of teams run happily. But here is the operator reality: an EOR holds payroll, banking, and personal data for your entire workforce. When a vendor in that position is under an active criminal probe and a RICO suit, that is a legitimate input to your diligence, not gossip to wave off. The move is not panic; it is informed. Ask Deel directly how the proceedings affect data handling and continuity, document the answer, put a clean exit clause in the contract, and know that credible alternatives (Rippling, Remote, Oyster, Velocity Global) exist if your risk tolerance says so.

Run the same diligence on every EOR, Deel included. One: data handling — where your employees' payroll and PII are stored, who can access them, and the security and breach-notification commitments. Two: a litigation and regulatory disclosure clause — the vendor discloses material proceedings that could affect service, and you get a remedy if they do. Three: business continuity and exit — how you offboard payroll and data cleanly, and how fast, if you need to leave. Four: indemnification and insurance coverage. Five: where the legal entity and your data are domiciled. None of this is specific to Deel; an active legal cloud just makes the questions you should already be asking non-optional.

By risk posture. If you are risk-tolerant and Deel's product fit is strong, it remains one of the best EOR products on the market — proceed, but write the litigation into your diligence and secure a clean exit clause. If you are risk-averse, in a regulated industry, or running enterprise procurement where headline risk carries real weight, the active proceedings may tip you toward an alternative this cycle, with a plan to revisit once the cases resolve. Either way, decide on the facts — a probe and a suit exist; the allegations are unproven; Deel denies them — not on the headline. The worst version of this decision is reacting to a dramatic news cycle in either direction.

Related reading

Canonical URL: https://stackswap.ai/deel-rippling-doj-probe. Sources: Wall Street Journal (DOJ probe / grand-jury subpoenas, Jan 2026, via Calcalist and TechCrunch); Bloomberg Law (Judge Breyer's Feb 2026 denial of Deel's motion to dismiss); Irish Times (March 2026 Irish High Court ruling removing three execs, a procedural decision); TechCrunch (the $300M / $17.3B October 2025 round); Deel's own statements and blog for its denials and position. Every description of the alleged conduct is an unproven allegation; no court has found Deel liable, no one has been charged, and Deel denies wrongdoing. Nothing here is legal advice. Disclosure: StackSwap is a Deel affiliate. We have a commercial relationship with Deel and still published the honest operator read, including the risk postures where an alternative is the better call. We affiliate across this category and earn the same disclosed commission, so the analysis isn't shaped by who pays us.