Skip to main content

10 Enhancing Parties & Workforce

Ten Key Regulatory Challenges of 2026

Columns

Third-Party Risk Management remains a focus of regulators, highlighting oversight of the full lifecycle of third-party relationships, especially critical service providers. Concurrently, employing a skilled workforce is a critical element for both regulators and organizations.

Ten Key Regulatory Challenges of 2026


“Business leaders are now leveraging worker’s safety as a competitive edge, moving beyond compliance to make critical investments in their workforce that foster resilience, build trust, and drive business success.” 

Kirk Caron
Managing Director
Advisory


“Dependence upon third-/fourth-party providers has become entrenched in most companies’ business models, elevating operational risk (non-financial risk) as well as regulatory scrutiny. Regulators expect companies to enhance third-/fourth-party governance, processes, and technology use to reduce risk, streamline operations, expand coverage , and strengthen resiliency.” 

Joey Gyengo
Principal
Advisory

Third-Party Risk Management

10 Enhancing Parties & Workforce

Continued focus on the full lifecycle of the relationship with third parties including initial due diligence, contract negotiation, ongoing monitoring and oversight, and termination. Oversight extends to fourth parties and beyond, including potential re-assessment to accommodate sanctions and tariffs.

Examples

What to Watch

  • Guidance on managing third-party risks (e.g., NYDFS Industry Letter)
  • Dedicated oversight category in 2025 to “Third-Party Risk Landscape” (i.e., FINRA 2025 Annual Regulatory Oversight Report)
  • Enforcement actions focused on consumer harm and lack of due diligence of third parties (e.g., FTC)
  • Potential geopolitical impacts (e.g., tariffs and sanctions) will require visibility into third-party/vendor chains
  • Demands for a comprehensive and proactive approach to third parties, integrated across the enterprise, and potentially folded into enterprise risk management
  • Enforcement priorities on third-party liability, including data privacy/data collection, consumer protection and due diligence

Concentration Risk

10 Enhancing Parties & Workforce

Increasing reliance on third parties, and in many cases a small number of the same third parties, increases risk (e.g., financial stability, contagion) requiring ongoing assessment and monitoring, especially those supporting an entity’s critical services. Third parties may allow for a single point of failure or create systemic vulnerabilities.

Examples

What to Watch

  • Technology-focused third parties and impact to financial institutions and the market (e.g., Federal Reserve Bank of Boston, Chicago and Dallas Paper)
  • Requirement for sound third-party risk management (e.g., OCC Spring 2025 Semiannual Risk Perspective)
  • Limited number of providers for critical infrastructure services introduces risk management concerns (e.g., CFTC 2025 Regulators Roundtable)
  • Creation of an interagency technology service provider supervision program to assist banks with their ongoing monitoring of third-party risk (e.g., FRB Cybersecurity and Financial System Resilience Report) 
  • Increased interconnectedness between financial institutions and dependency on third parties due to limited numbers of service providers in certain spaces such as AI and cloud services

Dynamic Workforce

10 Enhancing Parties & Workforce

Balancing the Administration’s federal reductions in force initiatives with the need for experienced and knowledgeable regulators to respond to emerging risks in technology, cybersecurity and digital assets. Complemented by industry emphasis to align employee training with employer needs.

Examples

What to Watch

  • Announced plans for workforce reductions in 2026 (e.g., FRB Statement (Bowman), SEC Statement (Atkins))
  • Highlighting need for enhanced regulator’s expertise and skills (e.g., CFTC 2025 Regulators Roundtable)
  • Building talent pipelines and workforce development (e.g., DOL America’s Talent Strategy Report, AI Action Plan)
  • Federal agencies mass layoffs (e.g., Supreme Court ruling)
  • Continued reductions in force and reorganizations of federal agencies and regulators
  • Continued shift of workforce from federal agencies to state agencies (e.g., more than 200,000 federal employees left the workforce in 2025), certain states implementing hiring campaigns to recruit laid-off federal workers
  • Industry investment in continuous learning, shift towards skills-based hiring

Protecting Workers

10 Enhancing Parties & Workforce

Heightened attention to physical security and employee well-being through workplace safety laws. Focus on protecting employees from unfair or deceptive practices, including impacts of AI-driven workplace monitoring such as biometric surveillance.

Examples

What to Watch

  • Introduced legislation across states focused on workplace and psychological safety, including healthcare professionals, and heat safety standards
  • Proposed modernization of workplace safety standards (e.g., OSHA proposed rule)
  • Treatment of employees as consumers too, ensuring no unfair or deceptive practices (e.g., FTC Joint Labor Task Force)
  • States to continue to introduce workplace safety legislation, with a focus on public health and emerging safety risks (e.g., psychological safety, workplace violence prevention, heat hazard protections)
  • Enforcement through data-driven inspection programs
  • Focus on deceptive, unfair and anticompetitive labor-market practices (e.g., no-hire agreements, noncompete agreements)

10 Enhancing Parties & Workforce

Read the document

Download the Section

Dive into our thinking:

Ten Key Regulatory Challenges of 2026

Balancing the Regulatory Stack

Download PDF

Explore more

Points of View

Points of View

Insights and analyses of emerging regulatory issues and their impact.

Read more
Regulatory Insights View

Regulatory Insights View

Series covering regulatory trends and emerging topics

Read more

Regulatory Alerts

Quick hitting summaries of specific regulatory developments and their impact.

Read more

Get the latest from KPMG Regulatory Insights

KPMG Regulatory Insights is the thought leader hub for timely insight on risk and regulatory developments.

Subscribe

Meet our team

Image of Laura Byerly
Laura Byerly
Managing Director, Clients & Markets, Regulatory Insights, KPMG LLP
Read bio
Image of Kirk Caron
Kirk Caron
Director Advisory, ICA: Infra-Cap Proj-ClimateAdv, KPMG LLP
Read bio
Image of Joseph P Gyengo
Joseph P Gyengo
Principal, Advisory, Risk Services, KPMG US
Read bio
Image of Laura Byerly
Laura Byerly
Managing Director, Clients & Markets, Regulatory Insights, KPMG LLP
Read bio
Image of Kirk Caron
Kirk Caron
Director Advisory, ICA: Infra-Cap Proj-ClimateAdv, KPMG LLP
Read bio
Image of Joseph P Gyengo
Joseph P Gyengo
Principal, Advisory, Risk Services, KPMG US
Read bio

Thank you

Thank you for signing up to receive Regulatory Insights thought leadership content. You will receive our next issue when we publish.

Get the latest from KPMG Regulatory Insights

KPMG Regulatory Insights is the thought leader hub for timely insight on risk and regulatory developments. Get the latest perspectives on evolving supervisory, regulatory, and enforcement trends. 

To receive ongoing KPMG Regulatory Insights, please submit your information below:
(*required field)
All fields with an asterisk (*) are required.

By submitting, you agree that KPMG LLP may process any personal information you provide pursuant to KPMG LLP's . Privacy Statement

An error occurred. Please contact customer support.

KPMG. Make the Difference.


Some or all of the services described herein may not be permissible for KPMG audit clients and their affiliates or related entities.

The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act upon such information without appropriate professional advice after a thorough examination of the particular situation. KPMG LLP does not provide legal services.

The information contained herein is not intended to be “written advice concerning one or more Federal tax matters” subject to the requirements of section 10.37(a)(2) of Treasury Department Circular 230.

© 2026 KPMG LLP, a Delaware limited liability partnership, and its subsidiaries are part of the KPMG global organization of independent member firms affiliated with KPMG International Limited, a private English company limited by guarantee. All rights reserved.

For more detail about the structure of the KPMG global organization please visit https://home.kpmg/governance.

Thank you!

Thank you for contacting KPMG. We will respond to you as soon as possible.

Contact KPMG

Use this form to submit general inquiries to KPMG. We will respond to you as soon as possible.
All fields with an asterisk (*) are required.

By submitting, you agree that KPMG LLP may process any personal information you provide pursuant to KPMG LLP's . Privacy Statement

An error occurred. Please contact customer support.

Job seekers

Visit our careers section or search our jobs database.

Search now!

Submit RFP

Use the RFP submission form to detail the services KPMG can help assist you with.

Submit

Office locations

View locations

International hotline

You can confidentially report concerns to the KPMG International hotline

Learn more

Press contacts

Do you need to speak with our Press Office? Here's how to get in touch.

Contact

Headline