Beyond Security and Operational Continuity: Emerging Corporate Risks After the Killing of El Mencho
On February 22, 2026, the leader of the Cartel Jalisco Nueva Generación (CJNG), Nemesio Rubén Oseguera Cervantes (“El Mencho”), was killed as Mexican federal forces sought to arrest him in a targeted raid. El Mencho was among the most wanted criminal in both Mexico and the United States, making this operation comparable in significance only to the final arrest of Joaquin Guzmán (“El Chapo”) a decade ago.
Disruption ensued. Reported violence outbursts attributed to CJNG-related groups across 20 states included:
- Road blockades and vehicle arson across multiple states
- Disruption of highways, logistics corridors, and public transport
- Attacks targeting government bank branches, fuel service stations, convenience stores, and commercial facilities
Misinformation and false reports amplified panic and operational interruptions beyond areas with confirmed incidents.
After the initial 24 hour cycle, mobility was largely restored. Approximately 90% of reported roadblocks had been cleared. The stance of security forces had shifted back to containment and prevention. The consequences of this saga, however, will not be short-lived.
A New Normal?
Many analysts have pointed out that this event marks a de facto break with the strategy of president Sheinbaum’s predecessor, president Lopez Obrador . He had famously declared that the Mexican government should pursue “hugs, not bullets” as the priority in his security agenda. President Sheinbaum has reiterated that there is no change in strategy and no intention to revive the “war on drugs”.
Still, closer collaboration between U.S. and Mexican authorities on cartel-related issues is undeniable. So is the much hardened stance of the US government.
Know Your Risk: Terrorist Designation of Cartels on Business Interests in Mexico. Well before El Mencho’s killing, the cascade of consequences that had stemmed from the declaration had already intensified risk for companies doing business in Mexico. Learn more here.
Since his first day in office, president Donald Trump moved to designate six Mexican cartels, including CJNG, as foreign terrorist organizations (“FTOs”). Since then, several U.S. specialized agencies – such as FinCEN and OFAC – have stepped up their intelligence gathering and enforcement patterns.
Combined with the pervasive presence of cartels in specific regions and sectors of the Mexican economy, the potential for new violence outbursts and disruptive U.S. and Mexican government investigations and enforcement actions is markedly high.
An Emerging, Critical Corporate Risk
The existential security, operational, and legal risks associated to critical incidents in this field are evident. But even if these do not materialize, or do not directly affect them, companies need to consider the irreversible impact the new contexts has already had on stakeholder expectations.
As international awareness of cartel-related issues heightens, inadequate corporate responses also entail critical reputational risk. Companies whose understanding and controls of these risks are deemed negligent or inadequate could struggle to retain competitive access to capital and other valued business relationships.
Material exposure to high-risk sectors, geographies, unions, and supply chains per se is not an insurmountable challenge. But it requires preparedness. This includes being able to explain to their stakeholders in a timely and effective manner the measures and protocols that they are adopting to respond to a changing operating environment to mitigate risk.
A Three-level Framework for Corporate Preparedness
- First line of defense: security-centric operational preparedness
Companies should prioritize their ability to manage emerging security incidents by strengthening real-time monitoring capabilities and situational awareness. This entails reinforcing effective working relationships with relevant authorities and proactively participating in industry associations and sectoral forums – not only from an advocacy perspective, but also to enhance situational awareness through information sharing.
The priority should be the protection of people, assets, and operations, with the flexibility to adjust routes, schedules, or activities quickly as conditions evolve on the ground. Further, internal escalation protocols should be reviewed to ensure that they are clear and actionable. Table-top exercises can help test protocols and procedures, and are useful to correctly assess the associated reputational concerns.
- Second line of defense: protocol-centric communicational preparedness and response
Should external communication be necessary in the short term, messaging should emphasize enhanced monitoring efforts, prioritization of employee safety, constructive coordination with authorities, and – where applicable – the absence of critical incidents affecting operations or personnel. Speculative or alarmist messaging that could inadvertently amplify risk or attract unwanted attention should be avoided.
More substantively, to address stakeholder concerns effectively, companies should avoid reliance on overly optimistic messaging or generic risk statements. Instead, they should be prepared to explain how specific mitigation strategies and protocols address their individual risk profiles. They should also stand ready to counter misinformation that directly impacts them.
- Third line of defense: longer term integral reassessment
Over the longer term, a comprehensive reassessment of potential incident materiality and exposure to evolving risks can significantly enhance the first two lines of defense. This involves reviewing security trends strategically and through the lens of each company’s geographic and operational footprint, using a materiality-based approach to evaluate whether adjustments to their business footprint or operating model may be required.
Ideally, this reassessment should evaluate exposure across the full value chain – from sourcing and transportation to distribution hubs and consumer-facing operations – while also accounting for heightened compliance expectations and growing stakeholder scrutiny. In a context shaped by cartel designations as FTOs and increased enforcement risk, the recent episode underscores the importance of responsibly integrating security considerations into long-term corporate planning.
Our Mexico and U.S.-based teams are available to share additional insights and for further discussion.
