Corporate criminal liability advisory under Law 20.393 — Anguita Osorio.
Crime prevention model design, certification and internal investigations.
Law 20.393 — Corporate Criminal Liability
Law 20.393 is the Chilean statute that establishes criminal liability of legal entities (RPPJ) for predicate offenses committed in their interest or benefit, when they result from a breach of management and supervisory duties. The Economic Crimes Law (21.595) substantially expanded its catalog and tightened the requirements applicable to crime prevention models.
Scope and addressees
Which entities are exposed and which conduct triggers liability.
Liability under Law 20.393 reaches legal entities of private law and public-law entities not exercising sovereign functions. Liability is triggered by predicate offenses listed in the law — significantly expanded by Law 21.595 in 2023 — committed by individuals connected to the entity (owners, directors, executives, representatives, or persons performing administration and supervision tasks), in the entity's interest or benefit, and as a result of a breach of management or supervisory duties.
Liable entities
Corporations, partnerships, foundations, religious associations, public-law entities not performing sovereign functions, and political parties. Sole proprietorships are excluded.
Triggering offenses
After Law 21.595, the catalog covers economic, environmental, market, anti-money-laundering, anti-corruption and labor-safety offenses, among others. The catalog should be reviewed annually against the current operations of each company.
Connection to the entity
Liability extends to owners, controllers, officers, executives, representatives and any person carrying out administration or supervision tasks — including, where applicable, third parties acting on behalf of the entity.
Crime prevention model — minimum components
The model is the principal mechanism to exclude or mitigate liability.
- Compliance officer (encargado de prevención)
Independent from management, with sufficient resources, board-level access and a defined term. Their appointment, autonomy and reporting are central evidence of model suitability.
- Risk identification
Mapping of activities, processes and counterparties exposed to predicate offenses, with concrete heat-mapping methodology and traceability.
- Protocols, controls and procedures
Documented controls aligned with the identified risks: segregation of duties, four-eyes principle, expense and gift caps, third-party due diligence, conflict-of-interest registers.
- Training and communication
Periodic, role-targeted training with assistance and assessment records. Communication of the model to suppliers, contractors and subsidiaries.
- Whistleblower channel and disciplinary regime
Anonymous, retaliation-protected reporting channel; investigation procedure with due process; disciplinary measures linked to internal regulations.
- Monitoring, audit and continuous improvement
Internal audit cycle, KPI dashboards, periodic board reporting, and a documented update process when the entity's risk profile changes.
Sanctions
Calibrated by severity following Law 21.595 reform.
Sanction catalog
- Day-fine system, with scales calibrated by severity of the predicate offense.
- Temporary or permanent prohibition from contracting with State bodies.
- Partial or total loss of fiscal benefits and a five-year ban on receiving them.
- Forfeiture of proceeds and instruments of the offense.
- Judicial supervision and, in the most serious cases, dissolution of the legal entity.
Frequently asked questions
What is Law 20.393?
Law 20.393 is the Chilean statute establishing the criminal liability of legal entities (RPPJ) for offenses committed in their interest or benefit by owners, controllers, officers, executives, representatives or persons carrying out administration and supervision tasks, where the offense results from a breach of management and supervisory duties.
What did Law 21.595 (Economic Crimes Law) change?
Law 21.595 substantially expanded the catalog of predicate offenses under Law 20.393, added economic and environmental crimes, recalibrated the applicable sanctions and strengthened the technical requirements of the crime prevention model. RPPJ shifted from a narrow contingency to a cross-cutting risk every company must manage.
What is a crime prevention model (MPD)?
It is the internal governance, controls, training and monitoring system the legal entity adopts to prevent, detect and respond to the predicate offenses. Its existence, suitability and effectiveness are the main path to exclude or mitigate liability. It must be proportional to company size and industry, and kept current through periodic audits.
Is it mandatory to appoint a compliance officer?
Yes. Law 20.393 requires appointing a prevention officer (compliance officer) with autonomy from management, sufficient resources and direct access to the board. Their appointment is a condition of model suitability and — together with regular reporting to the senior body — one of the most scrutinized documentary requirements in a criminal investigation.
What sanctions can be imposed on the legal entity?
Sanctions include fines, temporary or permanent prohibition from entering into contracts with State bodies, partial or total loss of fiscal benefits, forfeiture, judicial supervision and even dissolution. Following Law 21.595, fines follow the day-fine system with scales calibrated by severity.
How is a crime prevention model certified?
Certification is voluntary and is issued by external entities registered with the CMF. Certification is not a criminal-law shield: the court assesses the substantive suitability of the model in each case. Even so, certification is market practice and provides robust evidence of board-level preventive diligence.
Related services
Explore complementary practice areas and regulatory analysis from our team.
Compliance Practice
Prevention models, internal investigations and regulatory compliance.
Law 21.595 — Economic Crimes
Predicate offense catalog, sanctions and obligations under the new economic crimes law.
Compliance Diagnosis
Gap analysis and roadmap for your prevention model.
María Victoria Smith
Lawyer — corporate, compliance, criminal law and digital contracting.
Eduardo Anguita Osorio
Managing Partner — corporate, compliance and financial regulation.
Transforme sus Desafíos Legales en Ventajas Competitivas
Descubra cómo nuestro enfoque innovador puede impulsar su negocio
