We invite you to read the opinion column written by our partner Rodrigo Albagli on the challenge companies face in moving towards comprehensive compliance, understood today as culture, governance, and strategic risk management.
In recent years, we have seen a profound transformation in the way companies understand and manage risk. We live in an era marked by complex and changing regulations, where each new law requires organizations to be more adaptable. In this context, compliance is no longer a set of protocols but has become a permanent management model. Today, it involves culture, governance, and a comprehensive view of risk that must be promoted from the board of directors throughout the entire organization.
In Chile, especially among companies with more developed corporate governance, this process is already tangible. More robust policies, codes of conduct, and prevention models have been incorporated, reflecting a cultural change. Today, ethics, integrity, due diligence, and sustainability are discussed as part of business strategy. However, the challenge is ongoing: these values must consistently permeate all levels, from senior management to front-line teams. Only then will compliance cease to be a document and become part of the corporate DNA.
Compliance is often associated solely with corruption or bribery, but its scope is much broader. It includes tax, labor, environmental, and free competition obligations and, increasingly, highly technical matters such as cybersecurity and data protection. The most frequent errors occur where they are least wanted: boards of directors that are not sufficiently involved, lack of training, reactive responses, and a gap between the culture that is declared and the culture that is actually experienced.
Today, reputational sanctions come even before formal investigations. That is why companies can no longer operate with compliance “silos”: one for economic crimes, another for the Karin Law, another for cybersecurity, another for data protection. Each regulation imposes different obligations, but risk management must be unique, coordinated, and consolidated.
At the same time, risks are evolving at the pace of the digital economy. The massive use of generative artificial intelligence, the consolidation of globalization 4.0—where anyone can buy or sell in different countries without jurisdictional friction—and the emergence of crypto assets are putting pressure on traditional legal frameworks. This gives rise to a type of risk that is global, immediate, and deeply interconnected.
In this scenario, compliance takes on an unprecedented role. Its function will no longer be limited to verifying compliance, but will become a strategic ally in managing digital risk. This includes integrating cybersecurity, data governance, and traceability, and requires compliance officers to understand both ethics and technology. They will be responsible for anticipating the impacts of this transformation and safeguarding corporate integrity.
Companies will need to define clear rules on the use of AI, establish robust controls, ensure traceability, and protect data. Trust—in processes, information, and business conduct—will be the most valuable asset. And it will be compliance, renewed and strategic, that will preserve it in times of rapid change.
Column written by:
Rodrigo Albagli | Partner | ralbagli@az.cl
