The New “Operation Casablanca”? Challenges and Opportunities in the Designation of Mexican Cartels as FTOs

The emerging risk and regulatory scenarios stemming from the February 20, 2025 designation of several Mexican cartels as Foreign Terrorist Organizations (“FTOs”)1 and Specially Designated Global Terrorists (“SDGTs”)2 are getting to one central question: Can we expect to see sanctions similar to those imposed on financial institutions after Operation Casablanca? The response is yes, and not only that: it will happen sooner and more severely than we might expect.

In this context, it is relevant to analyze the challenges and opportunities that arise from this designation for the private sector in Mexico, particularly for companies classified as engaging in vulnerable activities. To this end, the following lines will use the aftermath of Operation Casablanca (1998) as a point of reference to anticipate potential current scenarios. Furthermore, the discussion will explore the measures that Mexican companies can adopt to protect themselves from sanctions under this new regulatory framework.

Operation Casablanca and the Current Landscape

The recent decision by the United States government to designate several Mexican cartels—including the Sinaloa Cartel, the Jalisco New Generation Cartel (“CJNG”), the Northeast Cartel (“CDN”), La Nueva Familia Michoacana (“LNFM”), the Gulf Cartel (“CDG”), and Cárteles Unidos (“CU”)—as FTOs and SDGTs marks a turning point in both bilateral relations and the way regulatory compliance must be approached by the Mexican private sector.3 These designations are not limited to asset freezes under U.S. jurisdiction or restrictions on international transactions; they also signal heightened expectations for both financial and non-financial institutions in Mexico to implement robust, verifiable mechanisms for the prevention, detection and reporting of illicit activity.4

A key precedent that highlights the seriousness of the current scenario is Operation Casablanca, a 1998 undercover operation led by the U.S. Customs Service, the Department of the Treasury and the Department of Justice.5 This unprecedented effort uncovered a money laundering network involving Mexican and Venezuelan banks channeling funds from the Juárez and Cali cartels.6 The operation led to the arrest of more than 160 individuals, the seizure of over USD 52 million from Mexican bank accounts and USD 1.3 million in cash and the pursuit of an additional USD 23 million in forfeitures across 18 countries.7 Beyond the numbers, the structural impact was significant: several financial institutions faced asset freezes, correspondent banking suspensions, audits imposed by U.S. authorities and temporary operational disruptions due to the absence of effective internal controls.8

The key lesson from this experience is clear: U.S. authorities are willing and operationally capable of directly and forcefully intervening in the international financial architecture when they identify real or perceived links to high-risk actors. In this regard, the new framework derived from the FTO and SDGT designations requires Mexican companies to understand that national compliance standards are no longer sufficient. Correspondent banks and foreign regulatory authorities are likely to require clear and documented evidence of ongoing internal audit processes, systematic reporting of suspicious activities and the implementation of risk matrices aligned with the standards and guidelines issued by FinCEN, OFAC and other agencies with extraterritorial jurisdiction.9

The risk is not only regulatory, but also reputational and commercial. Even a remote business relationship with a designated Foreign Terrorist Organization (“FTO”) may result in contract terminations, loss of operating licenses, or the withdrawal of international clients.10 In this context, companies engaged in vulnerable operations—those legally required to implement anti-money laundering and counter-terrorism financing measures under Mexico’s Federal Law for the Prevention and Identification of Operations with Illicit Proceeds—face heightened exposure.11 These include sectors such as jewelry, construction, vehicle trading, armored transportation services and real estate leasing, among others.12

Due to enhanced monitoring obligations, these businesses are particularly exposed to high-risk third parties, where any failure in control mechanisms may lead to severe consequences. Furthermore, sectors with significant cross-border activity—such as foreign trade, mining, and logistics—are especially susceptible, given the complexity of their supply chains and the increased likelihood of indirect interaction with designated actors.13 In this evolving environment, compliance is no longer merely a legal obligation—it has become a strategy for business continuity and long-term resilience.14

Opportunities Amid FTO Designations

While the current landscape presents significant risks, it also creates opportunities for companies that can adapt swiftly and intelligently. Organizations that adopt advanced due diligence, risk management and third-party oversight policies will not only reduce the likelihood of sanctions but will also position themselves as trustworthy partners in the international market.15 In an increasingly demanding regulatory environment, having strong internal processes—ranging from periodic audits and well-structured risk matrices to verifiable supply chain traceability—becomes a key competitive differentiator.16

This new international security scenario calls for a paradigm shift. The designation of Mexican cartels as FTOs and SDGTs should not be seen as an isolated event, but rather as the beginning of a broader strategy by the U.S. government to weaken transnational criminal networks through financial and regulatory tools.17 Companies that understand this shift and adopt a proactive stance will be better positioned not only to weather the changing environment but also to strengthen their reputation, attract investment and consolidate their international presence.18

Ultimately, it is essential to recognize that we are facing a structural reconfiguration of the global security approach. The classification of certain criminal groups as terrorist entities significantly alters the risk landscape for the Mexican private sector. It is no longer just about avoiding links to organized crime—it is about preventing any direct or indirect relationship with actors deemed terrorists by a global power.19 In this new context, corporate compliance policies must evolve with the same rigor as financial or business models. Companies that treat risk management as an operational pillar, rather than a peripheral function, will be best equipped to meet the challenges of this new global order.20

What Companies Operating in Mexico Can Do Next

In light of the new international security framework—where several Mexican cartels have been designated as FTOs and SDGTs—companies operating in Mexico face a profound shift in their compliance obligations. Adherence to local regulatory frameworks is no longer sufficient: today, the risk of maintaining even indirect ties with designated terrorist entities could result in international sanctions, loss of market access and irreparable reputational damage.

In this context, internal processes represent the first line of defense. The effective implementation of control mechanisms—ranging from risk matrices and audits to transaction monitoring and third-party traceability—protects organizations not only from regulatory penalties but also positions them as responsible players in an increasingly demanding global marketplace.

In our experience facilitated tabletop exercises are one of the best ways to help companies understand, classify and document their specific exposure to FTOs and bring together relevant stakeholders—such as compliance, finance, procurement and other executive decision-makers—to collectively assess operational and financial controls, identify vulnerabilities and define responsibilities within the organization.

Through this process, companies are able to:

  • Understand where and how they may be exposed to FTO-related risks.
  • Document those exposure points and maintain supporting evidence.
  • Develop targeted mitigation strategies.
  • Implement appropriate screening protocols and conduct ongoing monitoring.
  • Identify and address gaps in payment flows, especially those related to unregulated or undocumented transactions.
  • Design internal solutions and determine where third-party support is necessary.

This collaborative effort not only enhances awareness and accountability across the organization, but also strengthens the foundations of an effective risk prevention program tailored to the FTO regulatory landscape.

Conducting reputational due diligence, counterparty analysis and risk profiling with a geopolitical and criminal lens will also be critically important. Additional valuable elements include implementing risk matrices adapted to the new context, providing specialized training for compliance teams and reviewing and upgrading forensic audit and computer forensics services—critical tools for detecting and mitigating operational risks before they materialize.

Ultimately, Mexican companies need to build a solid culture of compliance that enables them not only to adapt to this new environment but also to leverage it as an opportunity to enhance their reputation, competitiveness and long-term sustainability. But strengthening compliance processes, anticipating regulatory risks and preventing potential ties with designated FTO or SDGT entities is a complex, multi-phase process, and in our experience, many organizations lack the specialized experience to undertake these programs rapidly, efficiently and effectively. The risks for companies classified as engaging in vulnerable activities are only becoming more real and the time to take proactive steps is now.

Raquel Cabrera, Senior Consultant in our Risk & Investigation team in Mexico City, contributed to this article.

Footnotes:

1: An FTO (Foreign Terrorist Organization) is a legal designation established under Section 219 of the Immigration and Nationality Act (8 U.S.C. 1189). It is used by the U.S. government to identify foreign organizations that engage in premeditated, politically motivated acts of terrorism directed against noncombatant targets Anon., “An FTO (Foreign Terrorist Organization),” U.S. Department of State (n.d.). 

2: SDGT (Specially Designated Global Terrorist) designation stems from Executive Order 13224 and the International Emergency Economic Powers Act (IEEPA, 50 U.S.C. 1701 et seq.). It allows for the blocking of assets and the prohibition of financial transactions with individuals or entities who facilitate, support, or are otherwise associated with terrorist activities, without requiring a formal legislative declaration Anon., “SDGT (Specially Designated Global Terrorist) designation stems from Executive Order 13224 and the International Emergency Economic Powers Act,” U.S. Department of State (n.d.).

3: Office of The Spokesperson, “Designation of International Cartels,” United States Department of State (February 20, 2025).

4: Anon., “The Foreign Terrorist Organization Designation Amounts to Summary Death Warrants for Mexican Criminals,” Baker Institute (2024).

5: Fernando Gutierrez, “Operación Casablanca y otros escándalos impactaron en el mercado cambiario,” El Economista (January 27, 2021).

6: Anon., “Operation Casa Blanca Continues its Sweep,” U.S. Department of the Treasury (May 20, 1998).

7: Id.

8: Fernando Gutierrez, “Operación Casablanca y otros escándalos impactaron en el mercado cambiario,” El Economista (January 27, 2021).

9: Galdo, M., “The Justice Department’s Multifront Battle Against Drug Cartels,” Lawfare (2025).

10: Anon., “Navigating the Risks of Cartel Terrorist Designation for Companies Operating in Mexico and Latin America,” Blank Rome LLP (2025).

11: Anon., “Ley Federal para la Prevención e Identificación de Operaciones con Recursos de Procedencia Ilícita,” Cámara de Diputados - Congreso de la Unión (n.d.); Egglestone, J., “SIEM vs MDR: Choosing the right solution,” Aspire Technology Solutions (November 10, 2023).

12: Egglestone, J., “SIEM vs MDR: Choosing the right solution,” Aspire Technology Solutions (November 10, 2023). 

13: Anon., “High-Risk Areas of Corruption in the EU: In-Depth Report Highlights Six Vulnerable Sectors,” Eucrim.eu (2025). 

14: Spooner, L., “What is Business Compliance? (Ultimate Guide),” Compliance Chain (January 26, 2024).

15: Anon., “Principles for the Sound Management of Third-Party Risk,” Basel Committee on Banking Supervision (n.d.).

16: Anon., “Third-Party Due Diligence,” London Stock Exchange Group (n.d.).

17: Anon., “The White House,” The White House (2024).

18: Asli Aydintasbas, “Trump Will Overplay His Hand. Here’s How to Be Ready,” POLITICO (December 2024).

19: AUN, “New Global Economic Order: How to Create a Global Security System,” Advocacy Unified Network (August 4, 2022).

20: Anon., “Global Security: The Need for a New Beginning,” International Atomic Energy Agency (October 12, 2007). 

Related Insights

Related Information

Published

June 27, 2025

temp Key Contacts

José Cortina

Senior Managing Director

Most Popular Insights

  1. What Directors Think Report
  2. Know Your Risk: Terrorist Designation of Cartels on Business Interests in Mexico
  3. Four Predictions for Private Equity in 2025
  4. Global CFO Survey 2025
  5. Current Power Trends and Implications for the Data Center Industry

Sign up to get access to FTI Consulting Insights

Subscribe