As geopolitical tensions and global regulatory enforcement continue to shift, many international companies operating in Mexico find themselves in uncharted territory. It's not just about keeping up with anti-corruption regulations anymore—today, the spotlight is on something far more severe: terrorism designations.
The U.S. government's recent move to classify major Mexican cartels as Foreign Terrorist Organizations (FTOs) introduces a high-stakes legal landscape that many compliance departments are unprepared to navigate. At the same time, the temporary pause in U.S. Foreign Corrupt Practices Act (FCPA) enforcement has created confusion, with some mistakenly viewing it as a relaxation of overall compliance expectations. It's not. The FCPA remains a valid and binding federal law in the United States. The current pause refers strictly to enforcement actions by the U.S. Department of Justice—and even then, it can be lifted at any time, either by the current or a future administration. Moreover, the statute of limitations for FCPA violations extends well beyond the expected duration of the Trump administration, meaning that any misconduct occurring during this pause could still be investigated and prosecuted by future authorities.
Equally important, this pause in U.S. enforcement does not imply a global reprieve from anti-bribery laws. The UK Bribery Act, the EU's anti-corruption framework, and Mexico's General Law on Administrative Responsibility remain fully enforceable. For multinational companies, compliance cannot be paused—it must be continuously strengthened.
For companies that depend on Mexican supply chains—particularly in transportation, logistics, and subcontracted services—the risks are no longer theoretical. Whether it's a freight partner paying protection money on a cartel-controlled route or a warehouse operator with ties to illicit finance, these connections can now trigger U.S. counterterrorism statutes, not just anti-bribery rules.
The Expanded Risk Profile: Beyond Bribery
The FCPA enforcement pause has prompted some companies to deprioritize anti-bribery compliance. But this is a critical misstep for several reasons. First, the Securities and Exchange Commission (SEC) continues to actively pursue FCPA-related investigations, and civil enforcement has not paused. Second, the FCPA remains in full force as a federal statute, and violations committed during the current pause can still be prosecuted by future administrations. With a statute of limitations that typically spans five years—and potentially longer in conspiracy cases—companies should assume that today's actions could become tomorrow's liabilities.
Furthermore, anti-corruption enforcement is far from dormant globally. While the DOJ may have paused its FCPA prosecutions, equivalent regimes such as the UK Bribery Act, the OECD Anti-Bribery Convention, and Mexico's own anticorruption framework remain active and fully enforceable. Companies that scale back their compliance efforts in response to the U.S. pause are exposing themselves to enforcement elsewhere, often with extraterritorial reach.
This broader context underscores a vital truth: third-party due diligence is not just about the FCPA. It is about managing the full spectrum of regulatory risks—from bribery and fraud to money laundering, terrorism financing, and sanctions violations. Failing to see the interconnectedness of these risks can leave companies dangerously exposed.
What the FTO Designation Really Means for Business
The designation of groups like the Sinaloa Cartel and the Jalisco New Generation Cartel as FTOs under U.S. law introduces a far more serious compliance threshold. Providing any kind of material support to a designated terrorist organization—including indirect support through a third-party contractor—can trigger severe criminal and civil penalties.
This is particularly problematic in Mexico, where cartel influence has permeated both licit and illicit sectors of the economy. Industries that rely heavily on logistics and ground transportation—such as manufacturing, retail, or agriculture—are especially vulnerable.
Case in Point: Transportation and Cargo Logistics
Consider the cargo and freight industry. A logistics company operating between Guadalajara and Lázaro Cárdenas may subcontract local carriers who use routes controlled by cartel groups. The carriers may be compelled to pay "usage fees" or protection money to ensure safe passage. These payments, while not always visible to the contracting company, may qualify as material support to an FTO under U.S. law.
In another example, a U.S.-based manufacturer importing goods from Mexico might work with a warehousing partner who has been infiltrated by organized crime groups to launder proceeds through legitimate-seeming invoices and distribution contracts. If the manufacturer has no due diligence protocol in place to identify these risks, it could be held accountable for failing to prevent a transaction that benefits a terrorist entity.
Why Compliance Programs Must Evolve
To navigate this new landscape, companies must move beyond static compliance checklists and adopt dynamic, risk-based systems. A robust compliance program—when properly designed—doesn't just help prevent misconduct; it can also provide a legal defense in the event of enforcement.
Here are key features that should be incorporated into any modern compliance framework:
- Enhanced Risk-Based Due Diligence (EDD): Evaluate third parties based on jurisdiction, industry sector, ownership structure, and reputational history. Perform deeper reviews for vendors operating in high-risk regions or industries.
- Real-Time Sanctions and FTO Screening: Use tools that screen entities and individuals against OFAC lists, FTO designations, and other international sanctions regimes. Integrate these tools into onboarding and ongoing monitoring processes.
- Third-Party Tiering and Monitoring: Not all third parties pose equal risk. Segment vendors based on function and geography, and assign monitoring efforts accordingly. High-risk contractors, such as those handling cargo in cartel-controlled areas, should face more scrutiny.
- Audit Trails and Escalation Paths: Ensure that red flags are not just identified, but acted upon. Clear escalation procedures and documented responses can help demonstrate a culture of compliance.
The Value of Specialized Counsel
Designing and implementing a program like this is not a one-size-fits-all exercise. It requires a nuanced understanding of overlapping legal regimes, cross-border enforcement trends, and operational realities on the ground.
Expert legal counsel plays a crucial role in tailoring compliance systems to the specific risks of your supply chain. Counsel can assist in identifying hidden exposure, drafting internal policies, conducting training, and advising on remediation or self-reporting when necessary.
Preparing for What Comes Next
The FCPA pause, while politically significant, should be seen not as a retreat from enforcement but as a pivot. Risk has not disappeared—it has diversified. For companies operating in or with Mexico, the FTO designations amplify that risk dramatically. Businesses that rely on transportation, warehousing, and subcontracting must be especially vigilant.
In short, this is not a time to relax your guard. It is a moment to revisit, reassess, and reinforce your entire compliance posture.
Final Thought: Compliance as a Strategic Priority
In today's interconnected and heavily regulated world, third-party due diligence is not a luxury or a checkbox. It's a business necessity.
An effective compliance program can:
- Limit corporate liability
- Create legal defenses in enforcement actions
- Preserve relationships with regulators and partners
- Protect your reputation and stakeholder value
Ignoring these obligations puts your organization at risk—not only of fines or prosecution but of operational collapse in the face of unforeseen regulatory shocks.
Whether you're moving containers, sourcing raw materials, or subcontracting drivers in Mexico, your supply chain is only as strong as your due diligence. Build it wisely.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
