NEW YORK, Dec. 16, 2024 — According to a new report from Liminal, a leading market and competitive intelligence technology company, third-party risk management solutions are projected to see a massive surge in global spending. By 2030, the market is set to more than double, growing from $9.0 billion in 2025 to $19.9 billion. As third-party ecosystems expand, security threats multiply, and regulations tighten, this rapid growth reflects a decisive market shift for companies striving to protect their data, operations, and reputations.
Liminal’s research reveals a concerning trend among organizations in their third-party risk management solutions strategies. Despite managing an average of over 250 third-party relationships, many organizations struggle to maintain effective oversight. Alarmingly, fewer than half of these organizations engage in ongoing monitoring of their vendors, relying instead on static questionnaires and annual audits that have proven to be insufficient. This static approach has led to a significant lack of confidence, with fewer than 10% of professionals expressing trust in the assessments conducted through these methods.
As compliance requirements become increasingly stringent—highlighted by the staggering fines associated with GDPR violations, which have reached billions of dollars—the shortcomings of these outdated practices become even more evident. Moreover, the landscape of threats is evolving rapidly, particularly with the rise of AI-driven scams and vulnerabilities associated with cloud computing. Consequently, these traditional monitoring methods are ill-equipped to identify emerging risks, leaving organizations vulnerable and exposed to potential crises.
While most organizations recognize the urgency of new risk conditions and have increased their TPRM budgets, practitioners cite that progress is stalled by fragmented spending, siloed information, and manual workflows. The report shows that firms that invest in continuous monitoring, automation, and integrated solutions gain a clear advantage. By shifting from reactive, error-prone approaches to always-on, data-driven insights, decision-makers can detect vulnerabilities early, meet regulatory requirements more effectively, and foster stronger trust across their supply chains.
“With TPRM spending nearly doubling and fewer than half of organizations conducting real-time checks, the data shows a clear mandate: it’s time to evolve from basic, outdated compliance tasks to continuous, forward-looking risk intelligence,” said Travis Jarae, CEO of Liminal. “Leading companies leverage automation and integrated analytics to stay ahead of emerging threats, turning risk management into a strategic advantage.”
Key Insights from The Market and Buyer’s Guide for Third-Party Risk Management:
- Rapid Market Growth: Spending on third-party risk management solutions is set to more than double—from $9.0 billion in 2025 to $19.9 billion by 2030 at a 17.1% CAGR—as businesses grapple with mounting cybersecurity threats and new regulations.
- Lagging Maturity: Only 9% of organizations have fully advanced TPRM capabilities, leaving most struggling to safeguard their operations and reputations.
- Visibility and Trust Issues: Fewer than half of companies continuously monitor their third parties; 83% say current risk assessment methods are too complicated, and many doubt the reliability of vendor-provided information.
- Emerging Risks: Most firms acknowledge the urgency of AI governance and cloud vulnerabilities, but fewer than half have moved beyond awareness to action.
- Future-Focused Readiness: As 42% of organizations target advanced TPRM within 24 months, investment in solutions that tackle AI and cloud vulnerabilities will be a defining trend.
- Fragmented Spending: In the past two years, most businesses allocated 10% or less of their critical risk management budgets to TPRM, and today’s budgets remain scattered across functions—limiting strategic impact.
- Data and Automation as Catalysts: With 86% of practitioners surveyed prioritizing data accuracy and 82% calling automation critical, organizations now view integrated, real-time solutions as game changers for closing risk gaps.
- Shift to Continuous Monitoring: Over the next two years, more companies plan to invest in advanced, always-on monitoring tools, aiming to move beyond static checks toward faster, smarter responses to emerging threats.
“From healthcare providers working to safeguard patient data against potentially compromised supply chains to financial institutions navigating emerging regulations and data handling risks, the stakes have never been higher,” said Joe Stuntz, Principal Advisor at Liminal. “Leaders who invest in advanced analytics, integrated solutions, and real-time monitoring not only mitigate threats—they position their organizations for sustained growth and trust in a digital-first economy.”
