Managing risks related to Terrorism Financing

Since the concept of "material support" is not precise, it is necessary to strengthen due diligence processes to mitigate risks. In this sense, a qualified third party can support in performing supply chain assessments, verifying the clauses in contracts and implementing preventive and corrective measures.

Organizations must establish comprehensive risk management frameworks that enable them to identify potential supply chain impacts. Among the main triggers are:

• Misuse of company assets
• Transactions in high-risk areas
• Relationship with third parties (suppliers or customers) that could have illicit links
• Theft of Sensitive Data
• Recruitment without proper background checks
• Fraud in payment methods

Although compliance issues in Mexico vary across sectors, it is important to recognize the value of identifying risks and potential sanctions in the face of U.S. government designation. With the specialized support of a third party, companies can:

• Analyze compliance gaps and confirm activities that, until now, have gone unnoticed, and may generate new compliance obligations
• Design or improve third-party risk classification criteria
• Evaluate process automation and, if necessary, use artificial intelligence (AI) to monitor key processes (i.e. transaction monitoring and sanctions screening)
• Coach and train talent in understanding risks, their materialization and potential impacts
• Implement reporting mechanisms that address specific risks
• Design and implement efficient response and communication protocols

While reactive decisions such as de-risking should be avoided, companies should perform risks assessments that consider the level of risk exposure and the degree of risk aversion, as the impact of the designation could lead to an insufficient understanding of the Know Your Customer principle (KYC). In this regard, some aspects to consider are:

• Establishing or enhancing the due diligence processes, including third parties, such as customers and suppliers, and including second or third-level reviews for high-risk cases
• Consider outsourcing the due diligence processes to transfer or share risk, in addition to accessing tools and procedures developed by specialists
• Setting up regular updates of third-party information, contract reviews, implementation of audit clauses and underutilized risk mitigation mechanisms

As companies face increased compliance requirements, especially in international transactions, access to financing may be complicated by anti-money laundering banking restrictions. Furthermore, in the face of increased scrutiny of the supply chain, rigorous evaluations must be conducted to avoid links with criminal groups.

Penalties for non-compliance may include fines in the millions of dollars, loss of access to the U.S. market, among others. As a result, proactive risk management controls and key measures focused on the prevention of terrorist financing are required, including the following:

• Implement or enhance customer classification matrix, according to sector, geographic location, and type of transactions
• Strengthen transaction monitoring processes and establish early alerts to flag suspicious changes in transaction activity
• Monitor the supply chain for the timely detection of infiltrations in areas with a high criminal presence, and identify businesses with higher risk levels, such as those related to transportation, logistics, agrobusiness, financial services, among others
• Execute due diligence processes to assess and validate the legal identity of suppliers and partners, screen records against blacklists and, where necessary, inspect facilities to confirm the company's existence