Mexico: Overview

This is an Insight article, written by a selected partner as part of GIR's co-published content. Read more on Insight

General overview of Mexico’s anti-corruption regulation

Mexico’s current federal administration has publicly made the fight against corruption one of its top priorities. In the Pact for Mexico, President Peña Nieto proposed the implementation of reforms to strengthen transparency, accountability and the fight against corruption.1 However, in the midst of profound structural changes in Mexico – such as modernising the telecoms sector and opening the energy sector to private investment – the government’s attention seems to have been diverted to other topics. Unfortunately, at the time of writing, the discussion of the anti-corruption reforms has not even started in Congress.

In spite of the above, there have been positive legislative efforts in recent years such as amendments to the Federal Criminal Code (FCC) article 222-bis, which creates criminal liability (not only for individuals but also for corporations) for foreign bribery offences by incorporating the sanctions provided under article 222 for bribery of a domestic public official. Also noteworthy is the June 2012 Federal Anti-Corruption Law in Public Procurement (FALPP), which contains corporate liability as well as foreign bribery offences and which we will discuss in more detail below.

There are two types of legal instruments that regulate the fight against corruption in Mexico: international and domestic regulations.

Internationally, three main international conventions regulate the fight against corruption in Mexico: the Inter-American Convention against Corruption; the Convention on Combating Bribery of Foreign Public Officials in International Business Transactions; and the United Nation Convention against Corruption.

The three aforementioned international conventions have been signed and ratified by Mexico and thus are all binding on the Mexican authorities. These conventions provide public policies that support the efforts of the domestic governments and their authorities in the identification of successful practices that may combat corruption. Furthermore, these conventions seek homogeneity in domestic legal frameworks of the state parties and coordinate anti-corruption practices.

Regarding international application of foreign regulations, we should highlight the US Foreign Corrupt Practices Act (FCPA) and the UK Bribery Act because they may apply to corrupt conducts occurring in Mexico due to those regulations’ extraterritorial effects. Although the UK Bribery Act’s provisions grant ample discretion to the UK authorities to prosecute foreign corruption, the FCPA has been the main anti-corruption regulation whose application has concerned corruption acts in Mexico.

The public’s awareness of the application of the FCPA reached unprecedented heights in Mexico after the release of the 21 April 2012 New York Times article reporting allegations of a widespread system of corruption by Wal-Mart involving as much as US$16 million in ‘donations’ to Mexican local governments and US$24 million in alleged bribes to public officials in order to obtain permits, zoning approvals, licences and fee reductions.

Domestically, the legislative highlight of the fight against corruption is the enactment, in June 2012, of the FALPP. The purpose of this law, as stated in the legislative initiative sent by President Felipe Calderon to Congress in 2011, is to ‘generate within society a culture of legality and an honest performance by all people in any activity’. The law’s reach encompasses all corrupt activities that might be carried out by individuals or legal entities in public procurement and international commercial transactions related to public procurement. This law punishes both domestic and foreign corrupt acts, and the law’s penalties encompass individuals and entities.

The entity in charge of enforcing the Federal Anti-Corruption Law in Public Procurement is the Ministry of Public Administration. The Ministry of Public Administration also enforces such law through the internal organs of control it has in the Federal Public Administration’s departments and entities.

On 2 January 2013, President Peña Nieto published several amendments to the Organic Law of the Federal Public Administration. Under the second transitory point of such amendments, Congress provided that the Ministry of Public Administration would lose and transfer its anti-corruption functions to a constitutionally autonomous agency that would be created specifically to fight corruption. This announcement has naturally undermined the Ministry of Public Administration’s credibility in its fight against corruption among public officers.

Of relevance, we also must mention that most of the states’ criminal codes in Mexico punish bribery, which can be broadly described as any request, offer, payment, or gift of money or thing of value to any public officer in exchange for doing or not doing something related to the officer’s duties.

The establishment of an effective corporate compliance programme

Preventing and avoiding corruption is much better than punishing it. This is a self-evident truth which could save businesses hundreds of millions of dollars in fines, but prevention seldom receives the attention it deserves. Even though there is no Mexican statute requiring companies to implement compliance programmes, best corporate practices certainly point towards the incorporation of such type of programmes as corporate codes of conduct and anti-corruption policies become more robust.

In order to prevent the risks of violating an anti-corruption statute, the first thing to do is determine what anti-corruption statutes are applicable. Here, I have seen, time and again, businesses – and most importantly, their key employees – having very limited awareness about the application of statutes such as the FCPA and UK Bribery Act in Mexico. This, in my view, is the greatest area of risk for international business with operations in Mexico – their local employees’ lack of awareness of the applicability of these extraterritorial statutes in Mexico.

Hence, US businesses with operations in Mexico should make an effort to raise their employees’ awareness of the extraterritorial effects of the FCPA and of how conducts that would seem natural to running businesses in Mexico could imply severe sanctions in the eyes of US regulators. A good example of these types of common conducts in Mexico is the hiring of gestores, which are third parties that usually help companies obtain permits and licences. There is a widespread culture of ‘don’t ask don’t tell’ with regard to how gestores usually operate. Businesses hire gestores because of their ‘good understanding’ of how the Mexican bureaucracy moves to interpret municipal or state regulations that usually imply some degree of discretion from the officer applying the law.

Employees from transnational companies working in Mexico sometimes follow the belief that wilful blindness will save them from gestores’ actions that could imply a violation to anti-corruption regulations. Companies subject to the FCPA should make their best effort to make their employees understand that acts from third parties may imply liability on the hiring company.

For businesses involved in public procurement, it is also important to inform local employees of the applicability of the FALPP to any individual or entity that is party to a public contract or an international commercial transaction regarding public procurement, or is a party to any act or activity carried on before or after the contract or transaction is entered into.

Finally, and perhaps most importantly, businesses employees operating in Mexico should be aware that bribing a Mexican or foreign official is a crime.

After determining the applicable statutes, the next step to develop an effective compliance programme will be to conduct a thorough risk assessment of the company’s operations. To conduct a sound risk assessment, input from local attorneys who understand the underlying dynamics between the business and government officials will be critical. A true understanding of the culture of doing business (more than an understanding of the abstract regulations) will be fundamental to a successful assessment of the anti-corruption risks the company will need to address. Common steps taken in a risk assessment should follow: identifying key risk factors; evaluating the likelihood and severity of the risks; defining, implementing and monitoring effective actions to mitigate the identified risks.

There are no strict elements that an effective compliance programme should have. However, three questions commonly raised by the Department of Justice (DoJ) and the Securities and Exchange Commission (SEC) can be used as guidelines towards the assessment of an effective corporate compliance programme:

  • Is the compliance programme well designed?
  • Is it being applied in good faith?
  • Does it work?2
  • Even though a compliance programme should be tailored to each company’s needs, common factors to expect should be:
  • a true commitment from the company’s highest officers to an anti-corruption culture and a clear anti-corruption policy;
  • empowerment of the executive staff to effectively enforce the programme;
  • incentives and means of discipline;
  • third-party due diligence; and
  • a confidential system to report anti-corruption violations.

In sum, a compliance programme will be effective as long as it is capable of creating a ‘compliance culture’ within the company and that such programme is capable of effectively detecting and preventing corruption.

The impact of the FCPA in Mexico

The FCPA is arguably the foreign anti-corruption regulation with greatest impact to foreign businesses in Mexico. The relevance of the FCPA to foreign business operating in Mexico arises from three main reasons: (i) the FCPA’s extraterritorial application and the expansive interpretation given to it by the American regulators; (ii) in addition to prohibiting bribery, the FCPA imposes ‘books and records’ obligations which allow investigators to overcome a typical obstacle in bribery investigations (ie, the mischaracterisation of the bribery under a ‘legitimate’ accounting entry); and (iii) the US regulators have consistently prosecuted FCPA violations involving allegedly corrupt acts taking place in Mexico and have imposed multimillion-dollar sanctions on the investigated parties. Additionally, the FCPA’s importance is enhanced by the fact that the US is Mexico’s most important commercial partner.

Some recent relevant FCPA cases that have been prosecuted by the DoJ and the SEC against international business for potentially corrupt acts committed in Mexico are the following:

Hewlett-Packard (2014) – over US$108 million settlement with the SEC and the DoJ

In a bid to win a software sale to Mexico’s state-owned petroleum company, Hewlett-Packard’s Mexican subsidiary allegedly paid over US$1 million in bribes to a government official.

Stryker (2013) – US$13.3 million settlement with the SEC

Stryker’s subsidiaries in Mexico and other countries allegedly paid approximately US$2.2 million in bribes to doctors, health professionals and other government officials in order to gain business.

BizJet (2012) – US$11.8 million criminal penalty paid to the DoJ

BizJet executives allegedly coordinated and authorised the payment of bribes to Mexican officials in an attempt to secure aviation service contracts with government agencies.

Orthofix International NV (2012) – US$5.2 million settlement with the SEC and a fine of US$2.2 million

Orthofix’s Mexican subsidiary Promeca, SA allegedly paid bribes to government officials at Mexico’s health-care and social services institution, Instituto Mexicano del Seguro Social (IMSS), in order to obtain sales contracts with government hospitals. Promeca’s employees referred the bribe payments as ‘chocolates’.

Tyson Foods, Inc (2011) – US$4 million fine and a US$1.2 million disgorgement

Tyson Foods’ Mexican subsidiary was accused of violating the books and records provision to inaccurately record bribes to Mexican meat processing plant inspectors.

As of August 2014, the Wal-Mart corruption scandal has become the hallmark case for the expansive reach of the FCPA into Mexico. Some of the lessons learned after Wal-Mart are the impact that an FCPA investigation can have on a company’s stock price, its reputation, its potential for growth and the very high legal costs it must incur in to make front to a full-blown investigation. In March 2014, Bloomberg reported that Wal-Mart Stores, Inc said ‘it spent $439 million in the past two years to investigate the possible payment of foreign bribes, making it one of the most expensive probes in US history.’3

Lastly, the FCPA certainly influenced the Mexican effort to produce an anti-corruption law by means of the FALPP. We can observe such influence in the very general wording of the anti-bribery provisions included in the FALPP. However, the Mexican Congress omitted including a ‘books and records’ provision with an amplitude similar to that of the FCPA. Perhaps we will see the incorporation of books and records obligations under future regulatory changes in Mexico.

Handling internal anti-corruption investigations

In Mexico, businesses usually conduct internal anti-corruption corruption investigations to determine whether anti-corruption regulations have been breached, to make the best effort to assess the risk derived from such potential violations and take decisions as to how to address such issues.

Anti-corruption investigations tend to involve high levels of complexity for reasons such as the uncertainty of the evidence usually giving rise to such an investigation (eg, a call in the company’s hotline or an anonymous e-mail to the compliance department); the difficulty of determining how to successfully and promptly avoid destruction of evidence; the challenge of obtaining cooperation with potential witnesses while at the same time informing them that they themselves could be subject of investigation; and whether to come forward and disclose a violation or self-remedy such violation.

There is no Mexican regulation requiring the sharing of an internal anti-corruption investigation nor the fact that an investigation was conducted.

Typically, an investigation will start with determining the universe of people involved in the potentially corrupt actions, then the company should try to secure the e-mail and documents pertaining to the investigated facts; finally the company should personally interview the employees involved in the facts under investigation. After the initial interviews, the process just described might go through new iterations to refine the investigation’s results.

The attorneys and company officers conducting the investigation should alert the interviewees that they have the right to their own counsel and that the company is trying to protect its own interests not those of the interviewee. In this regard, a practical suggestion (which might sound obvious but in my experience has proven quite successful) to deal with company employees involved in corrupt acts is to try to generate rapport, by for example, acknowledging Mexico’s propensity for corruption,4 with the interviewee and ask him to provide his side of the story.

In connection with securing documentary evidence such as hard-copy documents and e-mails, companies are usually free to ask for a hold-over of documents and ask employees to provide whatever company documents might be in their possession as well as full access to company computers, tablets or phones. When internal policies and procedures provide that all data stored on company’s PCs, tablets and phones is company property, companies are even more protected to ask for full and complete control over such data.

However, a recent Supreme Court non-binding precedent suggest that under the constitutional individual right to privacy in private communications one cannot intercept a third party’s e-mail communications with the justification of being the owner of the computer where the third party accessed the e-mail account.5 The facts giving rise to the precedent belong to a divorce where a husband accessed his wife’s e-mail to obtain evidence of her alleged infidelities to offer evidence in a divorce claim. Nevertheless, the protection of privacy will probably become extensive to the use of a private e-mail account in a work-space context. To address this issue companies should revise their policies by assuring that their employees consent to using company electronic devices only for the company’s business purposes and not for personal use. Also, expressly stipulating in the employment agreement what is the information that belongs to the company will help mitigate such privacy risks.

Furthermore, companies must keep in mind that under Mexican privacy law,6 employees have a right of expectation of privacy (ie, employees have the right to expect that their private life issues will remain private). Hence, while handling internal investigations companies must be aware that this type of information shall be kept private. If a company breaches its privacy duty it can be punished with large fines, (eg, in 2013 the Federal Institute for Access to Public Information fined with US$1.2 million a major Mexican bank for transferring data to third parties without consent of the involved individuals).

The current anti-corruption regulation in the energy sector

Although the Mexican government, since President Peña Nieto took possession in 2012, has repeatedly declared that one of its main priorities is to work on the prevention and punishment of bribery and corruption there are some statutory problems that could, arguably, make the Federal Anti-Corruption in Public Procurement Law inapplicable in most relevant Mexican public contracts – contracts with the state-owned oil company Petróleos Mexicanos (Pemex) and the electricity provider Comisión Federal de Electricidad (CFE).

On December 2013 Congress amended the Constitution to set the basis for the opening of the oil and energy sector. In August 2014, President Peña Nieto published the secondary regulation approved by Congress which implements the constitutional reform. The energy reform has been received by the markets with overwhelming optimism and high expectations of growth for the future of the Mexican economy. It is hard to argue that these reforms will not have a positive impact in Mexico’s economy in the medium to long term.

However, regarding the fight against corruption in public procurement, there is poor alignment between the new energy regulatory framework and the FALPP. The regulatory statutes modified the corporate structure of CFE and Pemex, state-owned entities in charge of the energy generation and sale in Mexico. Under the new constitutional wording, CFE and Pemex are now addressed as ‘public productive entities’. Also under this new constitutional framework, the new energy regulating entities, National Hydrocarbon Commission and Energy Regulating Commission, are ‘coordinated entities in the energy sector’.

Under the previous regulation, Pemex and CFE were subject to the FALPP jurisdiction because they were ‘public contracting entities’ (as defined under FALPP, article 3, section VIII). They no longer are. Thus, arguably, they are no longer subject to the FALPP.

In connection with the National Hydrocarbon Commission and Energy Regulating Commission, these do not fit under the personal jurisdiction clauses of the FALPP (FALPP, article 3, section VIII).

Therefore, bribery and corrupt acts regarding any contracts or acts with ‘public productive entities’ such as CFE and Pemex can now, arguably, only be punished for bribery under the Criminal Code, and cannot be punished under the FALPP. The application of the FALPP to CFE and Pemex has yet to be tested before Mexican courts since the energy statutes regulating the Constitution were passed by Congress very in the past month. However, a parallel amendment by Congress to the FALPP to clarify that CFE, Pemex, the National Hydrocarbon Commission and Energy Regulating Commission are subject to the FALPP would have provided, and would still provide, a clean-cut solution to this apparently misfortunate loophole.

In conclusion, an amendment to the FALPP to expand its scope to ‘public productive entities’ as well as to the National Hydrocarbon Commission and Energy Regulating Commission would update and ascertain the FALPP’s application to the sector to which it was originally designed – procurement contracts.

At the end of August 2014, the Mexican press reported that the two main opposing parties, PAN and PRD, are focusing their attention on bringing the creation of a federal anti-corruption agency back to the congressional legislative agenda. Mexico will no doubt be an interesting market to watch for future development in its efforts to eradicate corruption and match it to its growth potential.


  1. In the 2012 Pact for Mexico, section 4, President Peña Nieto and the Presidents of the main political parties in Mexico, agreed that three reforms would be implemented to strengthen transparency, accountability and the fight against corruption. ( [Last visit on 24 August 2014].
  2. Resource Guide to the Foreign Corrupt Practices Act, at 56.
  3. [Last visit on 31 August 2014].
  4. Transparency International ranks Mexico 106/177. ( [Last visit on 31 August 2014].
  5. First Chamber of the Mexican Supreme Court, Vol. XXIV, August 2011, p. 217, Isolated Thesis (DERECHO A LA INVIOLABILIDAD DE LAS COMUNICACIONES PRIVADAS. IRRELEVANCIA DE LA PROPIEDAD DE LACOMPUTADORA PARA EFECTOS DE CONSIDERAR INTERCEPTADO UN CORREO ELECTRÓNICO.) (,161341,180945,202195&tipoTesis=&Semanario=0&tabla=) [Last visit on 31 August 2014].
  6. Ley Federal de Protección de Datos Personales en Posesión de los Particulares.

Unlock unlimited access to all Global Investigations Review content