The U.S. Department of Justice (DOJ) has announced a shift in enforcement priorities. Under the Trump Administration, there is a particular focus on cartels and other terrorist organizations, creating a minefield of new compliance risks that could blow up in your face if you're not prepared. If you're reading this, you probably care about keeping your company on the right side of the law. Good news: you're already ahead of the game. Bad news: there's probably work to do.

✨ Your content is ready!

Oops! Something went wrong while submitting the form.

✨ Your content is ready!

Click to Download

Oops! Something went wrong while submitting the form.

If you're reading this, you probably care about keeping your company on the right side of the law. Good news: you're already ahead of the game. Bad news: there's probably work to do.

The Big Picture

When enforcement increases, your risk increases. It's time to take a hard look at your compliance program, especially around money laundering, bribery, sanctions, and trade regulations.

Are You in the Danger Zone?

Highest Risk: Financial Services

If you're in any kind of financial services — or even if you only have a trading or hedging department — you're already in the government's crosshairs.

Other High-Risk Industries

Beyond the financial industry, the following sectors are a playground for cartels and other terrorists, which means regulators are watching them like hawks:

Transportation and logistics
Tourism and hospitality
Telecommunications
Oil, gas, and mining
Real estate
Agriculture

Geography Matters

Right now, the spotlight is on Mexican, Central American, and South American cartels — whose tentacles reach throughout the Americas. But don't forget about terrorist networks in the Middle East and Asia — they are still on the government’s "watch list.”

The Scary Truth

Here's what is difficult: You don't have to deal directly with criminals to get in trouble.

You could be doing business with what looks like a perfectly legitimate company, but it’s actually a front, providing valuable assets or laundering money for a cartel or other terrorist organization. If a court decides your management "should have known" about the connection, you're liable. It doesn't matter if management actually knew or not — if someone in the lower ranks knew but never told anyone, that could be your downfall.

Consider also that your company could face both criminal and civil liability, making the equation all the more complicated. A good compliance program, however, will cover all of these risks.

Time For a Reality Check: Ask Yourself These Questions

Where Are You Doing Business?

Do you have operations, vendors, or customers in Mexico, Central America, or South America? How about the Middle East or parts of Asia?
Do you have any subsidiaries or joint ventures in regions known for harboring cartels or other terrorist organizations?

What Business Are You In

Do you handle a lot of cash transactions?
Do you operate in one of the high-risk sectors that cartels and other terrorist organizations find helpful?
Do you conduct business with companies in high-risk sectors?

Who Are Your Business Partners?

Do you have local distributors, agents, or other reps in higher-risk locations?
Do you buy from vendors in high-risk sectors?
How well do you know your partners — their owners, their practices, their reputation?

Your Four-Step Action Plan

Step 1: Know Your Risk Level

Map out where you operate geographically
Check to see if you have any departments operating in higher-risk sectors, especially if you are a big organization
Identify your riskiest business relationships

Step 2: Get Management Buy-In

Brief management on the risks you've identified and the actions you plan to take
For high-risk companies, consider also briefing senior leaders and the board
Get leadership support for the actions you need to take

Step 3: Choose Your Defense Strategy

‍High-risk companies: If you don't already have it, implement formal screening ASAP. Consider hiring experts to help design your risk-mitigation procedures.‍
Medium-risk companies: Focus on your highest-risk areas and beef up due diligence procedures and training. Expert guidance is still a good idea.‍
Lower-risk companies: At a minimum, implement basic training and awareness programs addressing your risks.

Step 4: Stay Alert and Adapt

Keep up with new developments and government designations
Review your risk assessment annually
Watch for changes in your risk profile (new locations, products, vendors, joint ventures)
Adjust your program based on close calls and evolving risks

Help With Some Details

Play A: Beef Up Your Screening Game

Expand your screening: Review who you're currently screening and consider casting a wider net
Document everything: Have clear procedures for investigating suspicious matches and make sure all decisions are well-documented
Stay current: Regularly update due diligence on existing partners, especially those in high-risk areas
Focus: Pay extra attention to your riskiest transactions and relationships

Play B: Train Your People to Be Your Eyes and Ears

Your employees are your first line of defense. If they see something suspicious but don't report it, that knowledge can come back to haunt you during an investigation. Make it easy and safe for them to raise their hand.

Key people to train:

Managers in high-risk operations
Regional managers located in areas of interest to enforcement agencies
Procurement teams
Contract managers
Finance and accounting staff
Anyone who approves new vendor, distributor, or joint venture relationships

Play C: Get Your Paperwork in Order

If the government comes knocking, solid documentation of your compliance efforts could be the difference between a slap on the wrist and serious trouble.

What to document:

Risk assessment decisions
Staff training records
Red flags you identified and how you handled them
Vendor screening results and follow-up actions
Regular testing and auditing of compliance processes

The Price of Doing Nothing

Even if you never face criminal charges, a government investigation will cost your company a lot of money. Legal fees, staff time, business disruption, and reputation damage often cost much more than proactive prevention.

Getting Expert Help

Consider bringing in compliance professionals who understand your industry's specific risks. The money you spend on expert guidance now could save you millions in legal fees and penalties later.

The Real Talk

You don't need perfect controls overnight, but you do need to take reasonable steps to understand and manage your risks. Start with the basics, focus on your most significant vulnerabilities, and build from there.

The government is serious about this. The question is: are you?

If you’re looking for help building your compliance program, don’t hesitate to reach out to us. You can reach us here on our site or email us at hello@rethinkcompliance.com. We’d be happy to help.

‍

This guide provides general information only. Always consult with qualified legal and compliance professionals for advice specific to your situation.

Full disclosure: I am an attorney by training, and my writing style reflects it. I used my research and conclusions and then penned this post with the assistance of AI to help make it a more interesting read for everyone.

Explore more posts.

See All

Training – Understanding the “Why”

A compliance & ethics (“C&E”) program can mean different things to different people. But if you picked one that came to mind first, it would likely be training. This is viewed as a key to reaching employees. It is always on the list of program elements.

Fresh Perspectives from Nashville: What Our Team Learned at SCCE CEI 2025

From AI integration and modern training approaches to the evolving regulatory landscape, this year's conference highlighted both the challenges and opportunities facing compliance professionals today. Our team came back energized and full of ideas — and we wanted to share some of their key takeaways with you.

[Free Webinar Recording] Smart Money: Creating Successful Compliance Programs on a Budget

Every compliance program is different, but what if there were proven strategies you could implement to establish a successful compliance program? (Yes, it's possible — even with tight budgets and timelines) This isn't about expensive solutions or complex systems. In this webinar recording, we focus on practical, budget-friendly approaches that deliver real results — strategies you can start using right away.

Blog Post

DOJ Crackdown on Cartels and Terrorists: Where Should You Start?