Gartner, Inc., a research and advisory company providing insights on business and technology trends, reports that the slow-growth economic environment, driven by tariff-related trade tensions and other factors, emerged as the top concern among enterprise risk leaders in the third quarter of 2025.
The Q3 2025 report, based on a survey of 184 senior risk and assurance executives, shows that artificial intelligence (AI) risks are rising rapidly.
According to Gartner, AI-related risks linked to information governance climbed from the fourth most cited concern in Q2 2025 to the second in Q3, while shadow AI increased from fifth to third as organisations struggle to monitor and manage its use effectively.
“The top five emerging risks in the third quarter highlight a continuum of concern related to two broad themes for enterprises that emerged in the second quarter: A volatile low-growth macroeconomic environment, and AI as the disruptive technology that can increase compliance risks quickly as it is adopted by the mainstream,” commented Gamika Takkar, Director, Research, in the Gartner Risk & Audit Practice.
Gartner’s analysis emphasises that as risks become more complex, enterprise risk leaders are increasingly challenged to identify which signals require immediate attention. While 72% of respondents indicated that taking timely action is critical, only 15% felt confident in determining which risks should be prioritised.
Takkar explained, “Amid varying emerging risk signals, heads of ERM should prioritise tactics to identify emerging risks that require immediate stakeholder attention for timely response.”
Gartner recommends that risk leaders set impact thresholds across multiple dimensions, including regulatory, legal, reputational, and ESG factors, to highlight the most pressing risks. They should also evaluate how emerging risks align with organisational strategic priorities to prevent must-avoid outcomes and factor in response time alongside the speed and potential impact of each risk.
According to Gartner, regulatory issues can lead to licensing or compliance complications, legal challenges may set precedents, and reputational or customer impacts could result in long-term damage and loss of trust.
“Enabling ERM leaders to navigate the noise and identify risks that require timely action is top of mind for any enterprise,” added Takkar. “To make sense of conflicting signals, leaders must be cognizant of risk prioritisation tactics and ensure timely stakeholder to avoid strategic derailment.”
About the Author
