4. Regulatory risks:

New AI regulations impose requirements the organization is not prepared for (Chapter 28) - Privacy violations from AI systems processing personal data (Chapter 29) - Industry-specific compliance failures (FDA for healthcare AI, SR 11-7 for financial services AI) - *Mitigation:* Regulatory monitoring