The risk landscape around drug trafficking isn’t just evolving, it’s accelerating.

With illicit fentanyl now treated as a national security threat and new cartel-related designations emerging across Latin America, financial crime risk can shift overnight.

Recent industry discussions, including ACAMS-led conversations have highlighted a growing challenge for AML teams. How do they build programs that can keep pace with this level of speed and complexity?

1. Move Beyond Static Risk Scenarios

Most AML transaction monitoring frameworks rely on predefined typologies. The limitation is simple. They can only detect what is already known.

Cartel activity evolves quickly, often rendering existing scenarios obsolete.

What leading teams are doing differently:

• Continuously refreshing typologies based on emerging threats
• Stress-testing controls against new and hypothetical scenarios
• Introducing AI-driven, behavior-based detection approaches that can surface anomalous activity without relying solely on predefined rules

2. Incorporate External Risk Signals Dynamically

Today’s risk environment is shaped as much by geopolitics and enforcement priorities as by transactional behavior.

When a new designation is announced, exposure can change instantly.

What to focus on:

• Monitoring regulatory, geopolitical, and law enforcement developments in near real time
• Mapping those developments to customer and transaction activity
• Ensuring your monitoring approach and detection controls, can adapt quickly as new risk signals emerge, not weeks or months later

3. Reduce the Lag Between Risk and Response

One of the biggest gaps in AML programs is timing:

Risk shifts → controls update much later

In a fast-moving environment, that delay creates real exposure.

What leading institutions prioritize:

• Rapid review cycles for high-impact risk events
• The ability to adjust monitoring without full rule redevelopment
• Flexible detection frameworks that evolve continuously rather than through periodic updates

4. Detect Fragmented and Non-Obvious Activity

Cartel-linked financial flows are increasingly designed to avoid detection:

• Smaller transaction values
• Distributed networks (establishing mule networks)
• Indirect or multi-hop flows

These patterns rarely trigger traditional thresholds.

What to do differently:

• Shift focus from individual transactions to behavioral patterns across entities
• Look for subtle relationships and anomalies, not just volume
• Leverage AI models that analyze activity across networks to uncover hidden connections

For example, instead of a single high-value transfer, illicit activity may appear as dozens of low-value transactions across multiple accounts and jurisdictions (i.e. mule networks) , none of which trigger alerts individually, but collectively form a high-risk pattern.

5. Continuously Reassess Customer and Network Risk

Risk is no longer static at the customer level. A new designation or emerging typology can instantly change a customer’s risk profile.

Best practices:

• Trigger reassessments based on external events, not just periodic reviews
• Re-evaluate indirect exposure (counterparties, corridors, intermediaries)
• Use approaches that can surface previously unknown risk relationships across networks

6. Prepare for a Shift Toward National Security-Driven AML

The elevation of fentanyl signals a broader shift. Financial crime risk is increasingly tied directly to national security priorities*.[1]  This raises both expectations and consequences.

What this means in practice:

• Greater scrutiny on missed signals
• Increased focus on complex, cross-border activity
• A need for more sophisticated detection capabilities that go beyond traditional rule-based monitoring

The Takeaway

Drug trafficking risk isn’t just increasing, it’s becoming more dynamic, more adaptive, and harder to detect using traditional methods.

The core challenge is no longer just identifying known typologies.
It’s detecting unknown and evolving threats in real time.

This is where traditional rule-based systems begin to reach their limits.

More institutions are now exploring AI-driven approaches that focus on behavioral patterns and network relationships, enabling them to:

• Detect emerging risks earlier [2] 
• Uncover hidden connections
• Adapt continuously as threats evolve

---