News Flash: Regulatory Climate a Total Mess

Research firm Gartner has published a report documenting what most compliance officers have probably known for a while now: the bonkers regulatory environment these days is driving you all nuts. 

Gartner released today its Quarterly Emerging Risk Report, with findings based on a survey of 266 senior risk assurance executives. The “unsettled regulatory and legal environment” ranked as risk and compliance officers’ top concern for Q1 2025, up from the No. 3 slot in the previous two quarters.

Gartner formally defined the unsettled regulatory climate as “the risk of increasing compliance complexity or costs associated with legal and compliance matters from regulatory authority changes following court decisions and elections.” 

Translation: erratic and legally questionable policy pronouncements from the Trump Administration, coupled with the United States retreating from its traditional leadership role in the world, have left companies uncertain of exactly what legal and compliance risks they have — and if you don’t know that, how on earth can you plan a compliance program response?

In fairness to Garnter, the firm did not use the word “Trump” in this latest report. Research director Gamika Takkar more politely said that the global political arena “is seeing transformative shifts, driven by elections that have ushered new governments into power across key economies.” That makes the regulatory compliance landscape “one that executives want to better understand and address before they face real consequences.”

OK, but let’s get real here — we all know who the prime mover in this chaos is. It’s President Trump.

Indeed, one of the great ironies of 2025 so far is that Trump, ostensibly the Great Deregulator, is actually making corporate compliance more difficult. His policy declarations either make no sense (such as his vows to eradicate “illegal” DEI, even though the Administration has not precisely defined what illegal DEI is); or prompt other regulators to promise that they’ll pick up the enforcement slack from Uncle Sam’s absence (think California, warning last week that FCPA offenses can also be violations of its own state law); or introduce new compliance risks nobody really considered until now (such as a sweeping tariff regime going into effect overnight). 

There is no plan within the Trump Administration. There is no strategy. These days it’s victory when there’s still someone around at a regulatory agency to answer the phone. So is anyone surprised that regulatory uncertainty is now the top concern among companies? 

Implications for Compliance Programs

As the Gartner report correctly notes, it’s entirely possible that this messy regulatory landscape will make corporate compliance more expensive. 

Artificial intelligence is a good example of this. As the Trump Administration retreats from any serious regulation of AI, the Europe Union and U.S. states are moving ahead with it. This means businesses will need to juggle multiple AI regulatory demands, which costs more money. 

We could say the same for tariffs, economic sanctions, and other regulatory issues too. The Trump Administration isn’t retreating from all of those issues, but it is perfectly happy to diverge from Europe and other parts of the world on them. That means compliance officers must juggle more regulatory change management, more policy confusion, more documentation demands, more internal controls. 

The question compliance officers will need to sort out in coming months is how to revamp your compliance strategy so that you can handle this more confusing world in a sustainable way. Or, as Gartner phrased it, businesses will be forced “to reevaluate their strategies and resource allocation in the face of mounting compliance costs.”

I’m also interested in the conversations compliance officers might need to have with boards and senior management teams about today’s more complicated regulatory compliance and risk environment. 

That is, do management teams understand the complexity bubbling up around the world now? Do they grasp that while Trump is removing some compliance barriers, he’s erecting others (tariffs and immigration enforcement, for example), and the practical effect is to leave compliance teams still saddled with tons of work? Will that translate into adequate budgetary support and investment, or will cynical leadership teams think Trump = no compliance = cut the budget? (Confidential responses welcomed at mkelly@radicalcompliance.com.)

Bigger Strategic Risk Questions

Gartner also widened the lens to focus on four bigger, more strategic risks that companies will need to manage somehow. They are:

• Trade, tariffs, and supply chain disruptions.
• Regulatory and legal volatility
• The shifting geopolitical landscape
• Immigration and workforce changes

Each of those issues touches on compliance risk; or more accurately, compliance concerns are tucked into each one. But management teams also need to think about each issue more broadly, too. If Trump does carry on with his tariff battles, should your company restructure its supply chain? If he continues to crack down on immigrant labor, do you raise wages for citizens or shift to workforces based entirely overseas? And so on and so forth. 

Internal auditors and risk managers might want to consider how they could help assess these strategic risks. For example, you could assess the company’s reliance on immigrants as labor, or the costs versus savings of moving your supply chain from a high-tariff country (China) to a lower-tariff country (India). You could consult with geopolitical strategists, or at least read their white papers and analysis more often, to identify potential political risks that could bite your business model in the [expletive]. 

And all that confusion is just from the first quarter. Fifteen more to go before Trump exits the scene.