New Mitratech Study Finds Third-Party Risk Management Ecosystems Under Strain Amid Regulatory, Technological, and Resource Pressures

AUSTIN, Texas, June 25, 2025 (GLOBE NEWSWIRE) -- Mitratech, a leading provider of legal, risk, compliance, and HR solutions, today announces the findings of its 2025 Third-Party Risk Management (TPRM) Study, revealing how current interconnected vendor ecosystems are being reshaped by regulatory pressure, workforce shortages, and cautious adoption of artificial intelligence (AI). 

The study, based on insights from risk, compliance, and procurement professionals across industries and geographies, paints a compelling picture of a sector at a critical inflection point. As organizations expand their third-party networks, most TPRM programs remain under-resourced and overly reliant on manual tools, undermining visibility and incident readiness.

“Modern third-party ecosystems function like living systems — they require balance, coordination, and resilience,” said Henry Umney, Managing Director, GRC Strategy at Mitratech. “This study highlights the urgent need for organizations to evolve their risk programs in response to the ever-evolving regulatory landscape and the growing complexity of digital supply chains.”

Key Findings from the 2025 Study:

• Resource Shortages Undermine Risk Coverage: Nearly 70% of TPRM teams are understaffed, managing just 40% of their vendor base on average.
• Regulatory Involvement Has Doubled: Compliance team involvement has jumped from 42% in 2023 to 88% in 2025, driven by increasing scrutiny in data privacy and operational resilience.
• Cybersecurity Still Leads, But Risk Tracking Diversifies: While 85% of organizations track cybersecurity risk, growing attention is also being given to data privacy (79%), compliance (70%), and business continuity (64%).
• Manual Tools Remain Prevalent: 41% of organizations still rely on spreadsheets, with only 29% able to assess risk across the entire vendor lifecycle.
• AI Adoption Gains Ground with Caution: 65% of respondents are exploring AI use cases, and 14% are already using AI in their TPRM programs — up from 5% last year — although data security and oversight remain key concerns.
  
  

The study concludes with five key recommendations for risk professionals to build healthier, more adaptive TPRM ecosystems, including implementing cross-functional governance, prioritizing automation, and approaching AI with transparency and strategic intent.
Download the full study here.

Contact
Ashley Estilette
pr@mitratech.com