The Ncontracts 2025 Third-Party Risk Management Survey breaks down the biggest trends, risks, and strategies shaping third-party risk management (TPRM) at financial institutions today. Highlights: Most FIs Are Running Lean 73% of institutions have two or fewer full-time employees managing vendor risk, even though more than half oversee 300+ vendors. Regulatory Pressure is High Two-thirds of institutions feel pressure to enhance TPRM programs, with auditors and regulators often pushing for improvements. Cyber and AI Risks Are Top Concerns Nearly half of institutions experienced a third-party cyber event last year, and AI ranks as the second-biggest TPRM risk heading into 2025. Due Diligence Remains a Challenge Collecting and analyzing vendor documents is a top bottleneck. Most FIs See Strong ROI in TPRM 85% of financial institutions see moderate to high value from their TPRM programs, benefitting from improved cybersecurity, cost savings, and stronger vendor oversight.