EY 2025 Global Survey Finds TPRM “Ripe for Transformation” by AI

“AI agents enable TPRM to be streamlined and centralized as never before”

By Jeff Copeland

The 2025 EY Global Third-Party Risk Management Survey of 500 executives at major companies critiques conventional TPRM as slow, siloed and disconnected from business goals even as “companies rely more than ever on large numbers of specialized service providers.”

The good news from EY: “TPRM has never been more ripe for transformation…The [big] opportunity with AI is in using it to fundamentally reinvent TPRM, making it more resilient and aligned with the new risk environment…AI agents enable TPRM to be streamlined and centralized as never before. It’s a future that may be a lot closer than many assume.”

Read the EY report: How AI navigates third-party risk in a rapidly changing risk landscape

Key Findings from the EY TPRM Survey

—57% of companies surveyed said their number one third-party risk exposure is disruption of business operations. “Business continuity and resilience” showed the sharpest rise in importance since the previous survey. 

—Companies take control assessments of third parties more seriously than ever; 87% said they would react urgently if vendors did not respond to questionnaires in a timely way. 

—Also rising in importance: Fourth-party risk. 64% of survey respondents said that they assess their vendors’ vendors as part of risk management.

—The top driver of future investment in TPRM programs is “AI/ML capabilities for enhanced due diligence and contract performance/monitoring” (31% of respondents).

7 Ways “AI Could Create Significant Efficiencies” and “Reinvent” TPRM, According to EY

1. Vendor Identification – AI scans databases and pre-populates vendor information
2. Risk Assessment – risk scores based on historic and predictive data. 
3. Due Diligence – compliance and other records from vendors ingested by AI 
4. Contract Negotiation – AI analyzes contract terms to identify points for improvement
5. Onboarding – automated workflows
6. Monitoring – continuous risk tracking of vendors with “real-time data”
7. Incident Management – “risk scenario analysis to foresee  domino effect.”

EY predicts that this AI-driven model for TPRM is heading toward a “tipping point” as the number of third-party relationships grows, and “the new generation of AI models, including agentic AI” bring “breakthrough capabilities.”

At SAFE, We Think the ‘Tipping Point’ Is Now

In fact, our new TPRM solution already meets EY’s seven points of significant efficiencies. The industry’s first autonomous TPRM platform, powered by a growing team of AI “super agents,” eliminates manual effort for vendor identification, risk assessment, onboarding, and the rest of the third party risk management lifecycle – so you can scale TPRM without adding headcount.

Test Drive SAFE TPRM Now

Video: See SAFE TPRM in Action 

Blog Post: Reinventing TPRM: Why SAFE Built the First 100% Autonomous Platform – Discover how you can benefit from :

– Automated Onboarding: Easy upload of forms or leverage your contract management system, authentication or SSO tools, or other TPRM tools such as ServiceNow

– Automated Risk Assessments: AI agents run outside-in scans of controls, analyze questionnaires, public records and contracts and assess the vendor’s digital footprint. Result: Smart tiering of vendors for risk. 

– Automated Vendor Interactions: No more time wasted chasing down vendors – smart email followups keep the conversation going. 

– Automated Assessment of Vendors: Live risk dashboard keeps you on top of the entire third-party risk landscape – for instance, noticing that a critical payments processor lacks a backup or that multiple vendors use the same fourth-party software.