Is a Crime Prevention Model Mandatory?
Chilean law does not fine a company for lacking a crime prevention model. It does something more serious: it makes the company criminally liable for the offense that the model would have prevented. In practice, an adequate model marks the difference between answering criminally and not answering at all.
The short answer
There is no direct legal obligation to have a crime prevention model in Chile. However, since Law 21.595, a company is criminally liable for catalog offenses when their commission was favored by the lack of an effectively implemented model (Article 3, Law 20.393). An adequate model exempts the company.
Put differently: the law does not sanction the absence of the model, but it builds the entire criminal liability of the legal entity on that absence. The right question is not whether the model is mandatory, but how much criminal risk the company is willing to carry without one.
What Law 20.393 actually says
After the reform of Law 21.595, Article 3 sets three conditions for corporate criminal liability: a catalog offense; perpetrated in the framework of the company’s activity by someone holding a position in it (or managing its affairs before third parties); and whose commission was favored or facilitated by the lack of effective implementation of an adequate prevention model. The model stopped being a voluntary annex and became the axis of attribution.
The rule also reaches related entities: the company can be liable for offenses perpetrated within a subsidiary or a service provider that manages its affairs or lacks operational autonomy, where ownership or participation ties exist. The only carve-out is the offense committed exclusively against the company itself.
The four requirements of an adequate model (Article 4)
Article 4 measures adequacy against each company’s corporate purpose, line of business, size, complexity, resources and activities. It is a proportionality standard, and it demands that the model seriously and reasonably address four elements:
Identify the risks
Map the activities and processes of the company that carry a risk of criminal conduct. Without a real risk matrix tied to the current offense catalog, the rest of the model has no foundation.
Protocols, reporting channel and sanctions
Procedures to prevent and detect criminal conduct, necessarily including secure whistleblowing channels and internal sanctions. They must be communicated to all workers and expressly incorporated into employment and services contracts, top executives included.
A prevention officer with real power
One or more officers responsible for applying the protocols, with adequate independence, effective direction and supervision powers, direct access to the administration, and material resources proportional to the company’s size and economic capacity.
Periodic independent evaluation
Periodic evaluations by independent third parties and improvement mechanisms built on their findings. Law 21.595 replaced the old CMF-registered certification with this continuous evaluation duty.
What is at stake, in practice
Without an effective model
- The company answers criminally for the catalog offense.
- Fines under the day-fine system of up to 2,000,000 UTM (how the day-fine works).
- Prohibition from contracting with the State and loss of fiscal benefits.
- Forfeiture, judicial supervision and, in extreme cases, dissolution.
With an adequate model
- Exemption from criminal liability (Articles 3 and 4).
- Mitigation where effective measures are adopted before the investigation is formalized (Article 6 No. 3).
- A demonstrable prevention and cooperation record before prosecutors and courts.
Does this apply to an SME too?
Yes, and the standard scales. An SME does not need the bureaucracy of a multinational: Article 4 measures the model against the real size, resources and activities of each company. What no company can ignore is the catalog: Law 21.595 expanded it with economic and environmental offenses, so the exposure now cuts across ordinary business decisions such as pricing, subsidies, permits and reporting.
Does your model cover the current catalog?
Models designed before Law 21.595 usually cover a fraction of the current offense catalog. The compliance diagnosis contrasts your model (or its absence) against the offenses applicable to your line of business and delivers a prioritized roadmap.
Request a compliance diagnosisFrequently asked questions
Does any Chilean law require a crime prevention model?
No. No statute imposes the model as a general obligation, and there is no fine for not having one. Law 20.393 works in reverse: a legal entity is criminally liable for catalog offenses when their commission was favored or facilitated by the lack of effective implementation of an adequate model (Article 3). The requirement is indirect, but the cost of omitting it is criminal liability.
What must the model contain to exempt the company from liability?
Article 4 of Law 20.393 requires four elements: identification of activities with criminal risk; prevention and detection protocols including secure whistleblowing channels and internal sanctions, incorporated into employment and services contracts; one or more prevention officers with independence, effective powers and sufficient resources; and periodic evaluations by independent third parties with update mechanisms.
Is a "paper model" enough?
No. The legal standard is effective implementation, not documentary existence. Courts weigh how the model operates in practice: training delivered, reports handled, evaluations performed and improvements adopted. A manual without real application does not exempt from liability.
Is the model certified?
Not as before. Law 21.595 removed the certification before CMF-registered entities contemplated in the original text. Today Article 4 requires periodic evaluations by independent third parties and improvement mechanisms based on those evaluations.
What if an offense occurs despite the model?
If the model was adequate and effectively implemented, the company is exempt: the offense was not favored by its absence. In addition, adopting effective preventive measures before the investigation is formalized is a mitigating circumstance (Article 6 No. 3). The assessment is judicial and case by case.
Official sources
Transforme sus Desafíos Legales en Ventajas Competitivas
Descubra cómo nuestro enfoque innovador puede impulsar su negocio