We invite you to read the interview with our Compliance Group Director, Yoab Bitran, for LexLatin, where he discussed the implications and obligations of the new Intelligence Law in Chile.
The new Intelligence Law in Chile not only redefines the State Intelligence System, but also introduces new obligations for companies and increases the risks of corporate criminal liability.
On Wednesday, January 28, the Chilean Congress ended almost eight years of legislative proceedings by approving the bill that modernizes the State Intelligence System. The initiative, promoted during Sebastián Piñera’s second term and now one of the latest advances in security under Gabriel Boric’s administration, establishes a new institutional design that will be implemented by President-elect José Antonio Kast after he takes office on March 11.
Beyond changes aimed at tackling organized crime, the new Intelligence Law, approved by the Chamber of Deputies with 107 votes in favor and three abstentions, not only restructures national security but also imposes new obligations on the private sector. Yoab Bitran, director of the compliance group at Albagli Zaliasnik (AZ), warns that the incorporation of new criminal offenses, such as political espionage and the requirement to provide information in accordance with special procedures, increases the risks of criminal liability for legal entities. The lawyer explains that this will force companies to review and adjust their compliance models before the law comes into force.
Obstruction and corporate criminal liability under the new Intelligence Law
One of the most sensitive aspects for corporate governance is the obligation to cooperate with information requests under the new regular procedures stipulated by law. Refusal or delay in providing information will not be considered a minor administrative offense.
The spokesperson for Albagli Zaliasnik mentions that the regulations provide for penalties for refusal or obstruction in the execution of the measures. The expert points out that such conduct may result in sanctions for legal entities, in line with the terms of corporate criminal liability in force in the country.
“In practice, this constitutes a more demanding sanctioning framework, which reinforces the need for compliance models that not only exist on paper but also function effectively in daily operations,” explains Bitran.
For the specialist, compliance and Crime Prevention Models cannot be understood as a static set of rules or documents, but rather as living systems that require constant updating in the face of regulatory changes of this magnitude.
“One of the main challenges posed by the State Intelligence Law relates to how companies manage the delivery of information to the authorities. It will be necessary to clearly identify the activities or processes in which such delivery may occur and critically review whether existing protocols are sufficient. In many cases, rather than creating procedures from scratch, the focus should be on organizing, strengthening, and professionalizing the mechanisms already in place,” he says.
Political espionage: criminal risks for consulting and strategic advisory firms
The lawyer argues that the law introduces and defines the crime of political espionage, which could directly impact consulting, private investigation, or strategic advisory firms that handle sensitive data. The text punishes the misuse of the State Intelligence System and protects the secrecy of information.
According to Bitran’s analysis, the risk is particularly acute when handling data from public entities, agencies collaborating with the system, or private entities required by the authorities.
“The disclosure or use of this information in the context of strategic consulting would not only violate confidentiality obligations, but could also constitute the crime of political espionage,” he says.
This offense, the specialist points out, would not only violate confidentiality obligations, but also expose firms to serious criminal and reputational penalties, making any unauthorized handling of state intelligence a crime punishable by imprisonment and disqualification.
Coordination with the future Data Protection Law in Chile
As with any new regulation, its entry into force poses significant challenges for the private sector. In this context, many companies have already begun to strengthen their security practices, aligning their compliance systems with the obligations and principles of the Personal Data Protection Law, scheduled for December this year. For the expert, this legislative simultaneity requires companies to raise their information governance standards, especially those that process sensitive or strategic data.
Bitran points out that organizations will face increasing demands in terms of security, traceability, and control. However, he clarifies that the challenge does not lie solely in designing processes from scratch, given that there are already obligations to provide information to public bodies.
“The challenge is not so much to design completely new processes, but rather to strengthen and refine existing mechanisms for preparing, validating, and delivering information, allocating adequate resources, both human and financial, to enable a timely and lawful response to the requirements of the authorities,” he explains.
New information disclosure obligations for companies in Chile
The purpose of the law is to contribute to the planning of actions to address threats to national security. The core of the system is made up of the National Intelligence Agency (ANI), the Defense Intelligence Directorate of the Joint Chiefs of Staff (EMCO), the Intelligence Directorates of the Armed Forces (Army, Navy, and Air Force) and Law Enforcement, and the Intelligence Headquarters of the Law Enforcement and Public Security Forces (Carabineros and PDI).
As a new feature, the law includes as collaborating agencies the National Cybersecurity Agency, the Gendarmerie, the Financial Analysis Unit (UAF), the National Customs Service, and the Internal Revenue Service (SII).
This multiplies the points of contact between the state and private companies. Bitran recommends that companies clearly identify the activities in which information may be disclosed, as the challenge is to strengthen and refine existing mechanisms for preparing, validating, and disclosing information.
External oversight will be carried out by the Comptroller General of the Republic, the courts of justice, and the Chamber of Deputies, operating under strict confidentiality. In addition, a Supreme Court justice will be authorized to conduct special procedures for obtaining information, ensuring judicial oversight of intrusive operations.
However, beyond institutional controls, Bitran warns that the last line of defense is internal. Critical aspects such as confidentiality, integrity, and access control are often strained when there are tight deadlines or multiple actors involved.
“Therefore, ongoing training for teams that may be exposed to requests for information from the authorities is key, not only to mitigate legal risks, but also to ensure responses that are consistent with current regulatory and compliance standards,” concludes the expert.
Read the full publication here.
Source: LexLatin, February 20. [See here]
