Emerging Corporate Risks on the Heels of the Killing of El Mencho

Beyond Security and Operational Continuity

On February 22, 2026, the leader of the Cartel Jalisco Nueva Generación (“CJNG”), Nemesio Rubén Oseguera Cervantes (“El Mencho”), was killed as Mexican federal forces sought to arrest him in a targeted raid. El Mencho was among the most wanted criminals in both Mexico and the United States, making this operation comparable in significance only to the final arrest of Joaquin Guzmán (“El Chapo”) a decade ago.1

Disruption ensued. Reported violence outbursts attributed to CJNG-related groups across 20 states included:

  • Road blockades and vehicle arson across multiple states
  • Disruption of highways, logistics corridors, and public transport
  • Attacks targeting government bank branches, fuel service stations, convenience stores, and commercial facilities

Misinformation and false reports amplified panic and operational interruptions beyond areas with confirmed incidents.

After the initial 24 hour cycle, mobility was largely restored. Approximately 90% of reported roadblocks had been cleared. The stance of security forces had shifted back to containment and prevention. The consequences of this saga, however, will not be short-lived.

A New Normal?

Many analysts have pointed out that this event marks a de facto break with the strategy of president Sheinbaum’s predecessor, president Lopez Obrador . He had famously declared that the Mexican government should pursue “hugs, not bullets”as the priority in his security agenda. President Sheinbaum has reiterated that there is no change in strategy and no intention to revive the “war on drugs”.3

Still, closer collaboration between US and Mexican authorities on cartel-related issues is undeniable. So is the much hardened stance of the US government.

Since his first day in office, president Donald Trump moved to designate six Mexican cartels, including CJNG, as foreign terrorist organizations (“FTOs”).4 Since then, several US specialized agencies – such as FinCEN and OFAC – have stepped up their intelligence gathering and enforcement patterns.5

Combined with the pervasive presence of cartels in specific regions and sectors of the Mexican economy, the potential for new violence outbursts and disruptive US and Mexican government investigations and enforcement actions is markedly high.

Well before El Mencho’s killing, the cascade of consequences that had stemmed from the declaration had already intensified risk for companies doing business in Mexico.

Read more 

An Emerging, Critical Corporate Risk

The existential security, operational, and legal risks associated to critical incidents in this field are evident. But even if these do not materialize, or do not directly affect them, companies need to consider the irreversible impact the new contexts have already had on stakeholder expectations.

As international awareness of cartel-related issues heightens, inadequate corporate responses also entail critical reputational risk. Companies whose understanding and controls of these risks are deemed negligent or inadequate could struggle to retain competitive access to capital and other valued business relationships.

Material exposure to high-risk sectors, geographies, unions, and supply chains per se is not an insurmountable challenge. But it requires preparedness. This includes being able to explain to their stakeholders in a timely and effective manner the measures and protocols that they are adopting to respond to a changing operating environment to mitigate risk.

A Three-Level Framework for Corporate Preparedness

First Line of Defense: Security-Centric Operational Preparedness
Companies should prioritize their ability to manage emerging security incidents by strengthening real-time monitoring capabilities and situational awareness. This entails reinforcing effective working relationships with relevant authorities and proactively participating in industry associations and sectoral forums – not only from an advocacy perspective, but also to enhance situational awareness through information sharing.

The priority should be the protection of people, assets, and operations, with the flexibility to adjust routes, schedules, or activities quickly as conditions evolve on the ground. Further, internal escalation protocols should be reviewed to ensure that they are clear and actionable. Table-top exercises can help test protocols and procedures, and are useful to correctly assess the associated reputational concerns.

Second Line of Defense: Protocol-Centric Communicational Preparedness and Response
Should external communication be necessary in the short term, messaging should emphasize enhanced monitoring efforts, prioritization of employee safety, constructive coordination with authorities, and – where applicable – the absence of critical incidents affecting operations or personnel. Speculative or alarmist messaging that could inadvertently amplify risk or attract unwanted attention should be avoided.

More substantively, to address stakeholder concerns effectively, companies should avoid reliance on overly optimistic messaging or generic risk statements. Instead, they should be prepared to explain how specific mitigation strategies and protocols address their individual risk profiles. They should also stand ready to counter misinformation that directly impacts them.

Third Line of Defense: Longer Term Integral Reassessment
Over the longer term, a comprehensive reassessment of potential incident materiality and exposure to evolving risks can significantly enhance the first two lines of defense. This involves reviewing security trends strategically and through the lens of each company’s geographic and operational footprint, using a materiality-based approach to evaluate whether adjustments to their business footprint or operating model may be required.

Ideally, this reassessment should evaluate exposure across the full value chain – from sourcing and transportation to distribution hubs and consumer-facing operations – while also accounting for heightened compliance expectations and growing stakeholder scrutiny. In a context shaped by cartel designations as FTOs and increased enforcement risk, the recent episode underscores the importance of responsibly integrating security considerations into long-term corporate planning.

Footnotes:

1: United States Department of State, “Nemesio Rubén Oseguera Cervantes, “El Mencho” (Deceased)”.

2: Gladys McCormick and Linnea Sandin, “‘Abrazos no Balazos’—Evaluating AMLO’s Security Initiatives” in Center for Security and Interational Studies, December 13, 2019.

3: Oscar López, “Sheinbaum denies reports US will send troops to Mexico: ‘It’s not going to happen’” by The Guardian, November 5, 2025.

4: United States Department of State, “Designation of International Cartels”, February 20, 2025.

5: Financial Crimes Enforcement Network, “Treasury Issues Unprecedented Orders under Powerful New Authority to Counter Fentanyl”, June 25, 2025.  

Related Insights

Related Information

Published

March 09, 2026

temp Key Contacts

Jorge Padilla

Senior Managing Director

Pablo Zárate

Senior Managing Director

Isaac Morales

Managing Director

Damian Martinez Taguena

Managing Director

Most Popular Insights

  1. Beyond Cost Metrics: Recognizing the True Value of Nuclear Energy
  2. Finally, Pundits Are Talking About Rising Consumer Loan Delinquencies
  3. A New Era of Medicaid Reform
  4. Turning Vision and Strategy Into Action: The Role of Operating Model Design
  5. The Hidden Risk for Data Centers That No One is Talking About

Sign up to get access to FTI Consulting Insights

Subscribe