The recent re-election of Donald Trump to the U.S. presidency has sparked numerous discussions about the direction of government policy and its impact across various sectors.

Among them, governance, risk, and compliance (GRC) in IT is especially poised to face potential shifts as Trump’s administration may introduce new tax, trade, and regulatory policies, some of which echo the agendas from his previous term. For professionals and leaders in IT, especially those working in GRC, the following key areas may be subject to notable changes.

Trump’s platform is centered on reducing regulatory constraints to foster growth and innovation, particularly in finance and technology. In his previous term, he rolled back various regulatory measures, and a second Trump administration could continue this trend. This could mean a potential decrease in oversight and compliance requirements, particularly for financial technology (fintech) and cryptocurrency. The possibility of repealing aspects of the Dodd-Frank Act is a specific example, as outlined in “Project 2025,” which suggests dismantling mechanisms that oversee financial stability, such as the Financial Stability Oversight Council (FSOC) and Orderly Liquidation Authority (OLA). For IT GRC, these repeals would alter how firms manage risk by shifting away from stringent regulatory oversight and potentially enabling a more self-regulated market approach.

Trump’s re-election could encourage more innovation in fintech and cryptocurrency, as his administration is generally perceived to be more supportive of digital asset growth. His campaign actively embraced cryptocurrency, receiving donations in virtual currencies and promoting reduced regulatory restrictions on financial technology. If the administration further relaxes regulations, crypto firms could find the U.S. market more welcoming. However, the uncertain classification of assets like Ethereum and Bitcoin, especially regarding whether staking is treated as a commodity or security, will need swift resolution to fully capitalize on this environment. A pro-crypto stance might also lead to increased competition among U.S. firms vying for dominance in digital asset and blockchain innovations, impacting risk management strategies in IT.

Trump’s protectionist trade policies could affect IT procurement and supply chain management. His proposed tariffs on imported goods may lead to higher costs for foreign-sourced technology and materials, potentially impacting IT budgets. For IT departments reliant on international hardware or software components, these tariffs could introduce volatility into cost structures, requiring more robust contingency planning. GRC professionals in IT will likely need to reevaluate sourcing strategies and risk assessments to address these potential cost fluctuations while ensuring compliance with trade regulations.

Trump’s administration may also impact cybersecurity policy, with a possible emphasis on bolstering defenses against threats from foreign entities. However, some in the administration, including Vice President-elect J.D. Vance, have voiced concerns over unregulated AI development. Vance expressed worries about AI’s potential risks, such as the misuse of AI-enhanced chatbots by bad actors. Thus, we might see more nuanced approaches to AI regulation, balancing the drive for innovation with safeguards against misuse. IT GRC professionals should stay prepared for potential new compliance mandates around AI and data security, especially as these technologies continue to intersect with personal privacy and consumer protection.

Economically, Trump’s tax policies could create a more favorable environment for tech corporations, especially through potential tax cuts and deregulation. This is expected to stimulate growth in technology sectors by providing financial incentives for domestic investments. For GRC in IT, this translates into the need for continuous strategic planning, as corporations may face renewed investment but also heightened scrutiny over riskier ventures due to relaxed regulatory oversight. IT GRC professionals should therefore focus on ensuring that compliance frameworks are adaptable, capable of managing both increased capital flow and potential downturns should market conditions shift.

Trump’s re-election will likely have international implications as well. Foreign governments and companies may need to adjust to U.S.-centric changes in compliance standards, especially in global fintech and IT partnerships. The global landscape could become more fragmented, requiring companies to be agile in their GRC approaches. This may include navigating a more complex compliance environment in international markets or re-evaluating investments in regions impacted by U.S. policies. European markets, for example, could adjust to maintain alignment or differentiate themselves in areas like crypto regulation and environmental compliance standards, potentially increasing the burden on IT GRC to manage varying regulatory requirements across regions.

Trump’s return to the White House could bring about a wave of deregulatory policies, favoring certain industries and potentially creating new compliance challenges and risks for IT GRC teams. While the reduction in regulations may foster growth and innovation, it also poses unique challenges for risk management and governance, especially as organizations must adapt to a more self-regulated environment. As with any political shift, GRC professionals in IT must remain vigilant, updating policies to reflect new economic and regulatory landscapes, while maintaining resilience against unforeseen risks.