The risk present when your third party fails to comply with laws or industry-specific guidelines. Your organization is liable for your third party’s compliance and can be subject to legal action if your third party violates regulations. Examples of regulatory risks include violating consumer privacy laws or having insufficient cybersecurity practices.